Commit ID: aa31c2a326bee13ea0f558dac05f1bcf73a10936
Contributor: Matt McCutchen
Date: 04-May-2012 at 12:28
Repository: git://git.gnome.org/evolution-data-server master
Files Modified: 4
Lines Added: 71
Lines Removed: 31

Commit Comment:

Bug #606181 - Accepting bad SSL certificate applies to any hostname

Change the Camel certdb to look up certificates by expected hostname.

This way, accepting a bad certificate for one mail server does not give
it a free pass to impersonate the user's other mail servers. Storing a
second bad certificate for the same server will replace the first, but
that should be OK (Mozilla PSM works the same way).

The camel-cert.db format is unchanged except that it can now contain
multiple entries for the same certificate with different hostnames, and
if it contains multiple certificates for the same hostname, all but the
last will be dropped (becoming permanent the next time the certdb is
saved).

Users who were taking advantage of evolution-data-server's previous,
vulnerable behavior of accepting a certificate for a hostname other than
the originally user-approved one will get bad certificate dialogs and
will need to re-approve the certificate for the desired hostname(s).

Note: Case insensitive compare of host names added by mcrha.
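
A minimal C model of the lookup change the commit message describes, added here as an illustration and not taken from camel-certdb.c or any other evolution-data-server source. The struct and function names, the table size, the hostnames and the fingerprint strings are all constructed assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strcasecmp (POSIX) */

/* One user-approved exception: fingerprint fpr is trusted for host only. */
struct cert_entry { char host[64]; char fpr[65]; };
struct certdb { struct cert_entry e[16]; int n; };

/* Record an approval; a second certificate for the same host replaces the first. */
int certdb_approve(struct certdb *db, const char *host, const char *fpr)
{
    int i;
    if (strlen(host) >= sizeof db->e[0].host || strlen(fpr) >= sizeof db->e[0].fpr)
        return -1;                       /* reject oversized input */
    for (i = 0; i < db->n; i++)
        if (strcasecmp(db->e[i].host, host) == 0)
            break;                       /* existing entry for this host */
    if (i == 16)
        return -1;                       /* table full */
    if (i == db->n)
        db->n++;
    strcpy(db->e[i].host, host);
    strcpy(db->e[i].fpr, fpr);
    return 0;
}

/* Pre-fix model: any stored certificate is accepted, whatever host presents it. */
int trusted_by_fingerprint(const struct certdb *db, const char *fpr)
{
    for (int i = 0; i < db->n; i++)
        if (strcmp(db->e[i].fpr, fpr) == 0) return 1;
    return 0;
}

/* Post-fix model: find the entry for the expected host, then compare the cert. */
int trusted_for_host(const struct certdb *db, const char *host, const char *fpr)
{
    for (int i = 0; i < db->n; i++)
        if (strcasecmp(db->e[i].host, host) == 0)
            return strcmp(db->e[i].fpr, fpr) == 0;
    return 0;
}

int main(void)
{
    struct certdb db = {0};
    certdb_approve(&db, "mail.example.org", "AA11");   /* constructed sample */
    printf("other host, by fingerprint: %d\n", trusted_by_fingerprint(&db, "AA11"));
    printf("other host, by hostname: %d\n", trusted_for_host(&db, "imap.example.net", "AA11"));
}
```

The same certificate can be approved separately for a second hostname, which gives the multiple-entries-per-certificate case the commit message mentions.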
 

Changes by Language

| Language | Code Added | Code Removed | Comments Added | Comments Removed | Blanks Added | Blanks Removed |
|---|---|---|---|---|---|---|
| C | 47 | 28 | 17 | 1 | 6 | 1 |
| Autoconf | 1 | 1 | 0 | 0 | 0 | 0 |

Changes by File

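| File | Language | Code Added | Code Removed | Comments Added | Comments Removed | Blanks Added | Blanks Removed |
|---|---|---|---|---|---|---|---|
| camel/camel-certdb.c | C | 27 | 14 | 7 | 0 | 4 | 0 |
| camel/camel-certdb.h | C | 3 | 3 | 5 | 0 | 2 | 0 |
| camel/camel-tcp-stream-ssl.c | C | 17 | 11 | 5 | 1 | 0 | 1 |
| configure.ac | Autoconf | 1 | 1 | 0 | 0 | 0 | 0 |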