Verify hostname according to rfc2818 #455
Conversation
Update from original
Update from cpp-netlib
|
@eakraly -- Can you please make sure the travis build is green? |
| @@ -19,7 +19,7 @@ namespace impl { | |||
| struct normal_delegate : connection_delegate { | |||
| normal_delegate(asio::io_service &service); | |||
|
|
|||
| virtual void connect(asio::ip::tcp::endpoint &endpoint, | |||
| virtual void connect(asio::ip::tcp::endpoint & endpoint, std::string host, | |||
There was a problem hiding this comment.
You also need to change the declaration of connection_delegate::connect(...) to match this -- it's pure virtual there, and it causes the error.
|
In general, if you can run clang-format on the changes you're making (to keep it consistent with the surrounding code), then that would be most appreciated. A local build/test cycle (along with making sure Travis is happy) would also go a long way here. 😄 Thanks @eakraly! |
|
Just wanted to make it clear - this issue is very serious security bug in the library that allows MITM attack on all TLS connections made by the library. |
|
Thanks @eakraly -- yes, I understand it's serious. This makes me happy I waited before releasing 0.11.1. I'll roll a new RC soon enough. Cheers |
Verify hostname according to rfc2818
Without this check HTTPS connection is vulnerable to MITM attack when the attacker would return a valid certificate but from wrong host.