Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch')
-rw-r--r--net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch125
1 files changed, 0 insertions, 125 deletions
diff --git a/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch b/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch
deleted file mode 100644
index 0d7df686a157..000000000000
--- a/net-libs/pjproject/files/pjproject-2.10-CVE-2020-15260-tls-hostname-check.patch
+++ /dev/null
@@ -1,125 +0,0 @@
-From 67e46c1ac45ad784db5b9080f5ed8b133c122872 Mon Sep 17 00:00:00 2001
-From: sauwming <ming@teluu.com>
-Date: Mon, 8 Mar 2021 17:39:36 +0800
-Subject: [PATCH] Merge pull request from GHSA-8hcp-hm38-mfph
-
-* Check hostname during TLS transport selection
-
-* revision based on feedback
-
-* remove the code in create_request that has been moved
----
- pjsip/include/pjsip/sip_dialog.h | 1 +
- pjsip/src/pjsip/sip_dialog.c | 15 +++++++++++++++
- pjsip/src/pjsip/sip_transport.c | 13 +++++++++++++
- pjsip/src/pjsip/sip_util.c | 11 ++++++++---
- 4 files changed, 37 insertions(+), 3 deletions(-)
-
-diff --git a/pjsip/include/pjsip/sip_dialog.h b/pjsip/include/pjsip/sip_dialog.h
-index a0214d28c..e314c2ece 100644
---- a/pjsip/include/pjsip/sip_dialog.h
-+++ b/pjsip/include/pjsip/sip_dialog.h
-@@ -165,6 +165,7 @@ struct pjsip_dialog
- pjsip_route_hdr route_set; /**< Route set. */
- pj_bool_t route_set_frozen; /**< Route set has been set. */
- pjsip_auth_clt_sess auth_sess; /**< Client authentication session. */
-+ pj_str_t initial_dest;/**< Initial destination host. */
-
- /** Session counter. */
- int sess_count; /**< Number of sessions. */
-diff --git a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c
-index 27530e4f2..9571b5a35 100644
---- a/pjsip/src/pjsip/sip_dialog.c
-+++ b/pjsip/src/pjsip/sip_dialog.c
-@@ -467,6 +467,10 @@ pj_status_t create_uas_dialog( pjsip_user_agent *ua,
-
- /* Save the remote info. */
- pj_strdup(dlg->pool, &dlg->remote.info_str, &tmp);
-+
-+ /* Save initial destination host from transport's info */
-+ pj_strdup(dlg->pool, &dlg->initial_dest,
-+ &rdata->tp_info.transport->remote_name.host);
-
-
- /* Init remote's contact from Contact header.
-@@ -1192,6 +1196,12 @@ static pj_status_t dlg_create_request_throw( pjsip_dialog *dlg,
- return status;
- }
-
-+ /* Copy the initial destination host to tdata. This information can be
-+ * used later by transport for transport selection.
-+ */
-+ if (dlg->initial_dest.slen)
-+ pj_strdup(tdata->pool, &tdata->dest_info.name, &dlg->initial_dest);
-+
- /* Done. */
- *p_tdata = tdata;
-
-@@ -1822,6 +1832,11 @@ static void dlg_update_routeset(pjsip_dialog *dlg, const pjsip_rx_data *rdata)
- * transaction as the initial transaction that establishes dialog.
- */
- if (dlg->role == PJSIP_ROLE_UAC) {
-+ /* Save initial destination host from transport's info. */
-+ if (!dlg->initial_dest.slen) {
-+ pj_strdup(dlg->pool, &dlg->initial_dest,
-+ &rdata->tp_info.transport->remote_name.host);
-+ }
-
- /* Ignore subsequent request from remote */
- if (msg->type != PJSIP_RESPONSE_MSG)
-diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c
-index bef6d24fe..177274b08 100644
---- a/pjsip/src/pjsip/sip_transport.c
-+++ b/pjsip/src/pjsip/sip_transport.c
-@@ -2335,6 +2335,19 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
- if (!tp_iter->tp->is_shutdown &&
- !tp_iter->tp->is_destroying)
- {
-+ if ((type & PJSIP_TRANSPORT_SECURE) && tdata) {
-+ /* For secure transport, make sure tdata's
-+ * destination host matches the transport's
-+ * remote host.
-+ */
-+ if (pj_stricmp(&tdata->dest_info.name,
-+ &tp_iter->tp->remote_name.host))
-+ {
-+ tp_iter = tp_iter->next;
-+ continue;
-+ }
-+ }
-+
- if (sel && sel->type == PJSIP_TPSELECTOR_LISTENER &&
- sel->u.listener)
- {
-diff --git a/pjsip/src/pjsip/sip_util.c b/pjsip/src/pjsip/sip_util.c
-index a1bf878ea..cf916805d 100644
---- a/pjsip/src/pjsip/sip_util.c
-+++ b/pjsip/src/pjsip/sip_util.c
-@@ -1417,7 +1417,10 @@ PJ_DEF(pj_status_t) pjsip_endpt_send_request_stateless(pjsip_endpoint *endpt,
- */
- if (tdata->dest_info.addr.count == 0) {
- /* Copy the destination host name to TX data */
-- pj_strdup(tdata->pool, &tdata->dest_info.name, &dest_info.addr.host);
-+ if (!tdata->dest_info.name.slen) {
-+ pj_strdup(tdata->pool, &tdata->dest_info.name,
-+ &dest_info.addr.host);
-+ }
-
- pjsip_endpt_resolve( endpt, tdata->pool, &dest_info, stateless_data,
- &stateless_send_resolver_callback);
-@@ -1810,8 +1813,10 @@ PJ_DEF(pj_status_t) pjsip_endpt_send_response( pjsip_endpoint *endpt,
- }
- } else {
- /* Copy the destination host name to TX data */
-- pj_strdup(tdata->pool, &tdata->dest_info.name,
-- &res_addr->dst_host.addr.host);
-+ if (!tdata->dest_info.name.slen) {
-+ pj_strdup(tdata->pool, &tdata->dest_info.name,
-+ &res_addr->dst_host.addr.host);
-+ }
-
- pjsip_endpt_resolve(endpt, tdata->pool, &res_addr->dst_host,
- send_state, &send_response_resolver_cb);
---
-2.26.2
-