36 lines
1.3 KiB
Diff
36 lines
1.3 KiB
Diff
From 9e71901634e276dd050481c4320f046bebb1bc28 Mon Sep 17 00:00:00 2001
|
|
From: Daniel Stenberg <daniel@haxx.se>
|
|
Date: Mon, 19 Dec 2022 08:36:55 +0100
|
|
Subject: [PATCH] http: use the IDN decoded name in HSTS checks
|
|
|
|
Otherwise it stores the info HSTS into the persistent cache for the IDN
|
|
name which will not match when the HSTS status is later checked for
|
|
using the decoded name.
|
|
|
|
Reported-by: Hiroki Kurosawa
|
|
|
|
Closes #10111
|
|
|
|
CVE: CVE-2022-43551
|
|
Upstream-Status: Backport [https://github.com/curl/curl/commit/9e71901634e276dd050481c4320f046bebb1bc28]
|
|
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
|
|
Comments: Hunk refresh to remove patch-fuzz warning
|
|
|
|
---
|
|
lib/http.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/http.c b/lib/http.c
|
|
index 85528a2218eee..a784745a8d505 100644
|
|
--- a/lib/http.c
|
|
+++ b/lib/http.c
|
|
@@ -3652,7 +3652,7 @@ CURLcode Curl_http_header(struct Curl_easy *data, struct connectdata *conn,
|
|
else if(data->hsts && checkprefix("Strict-Transport-Security:", headp) &&
|
|
(conn->handler->flags & PROTOPT_SSL)) {
|
|
CURLcode check =
|
|
- Curl_hsts_parse(data->hsts, data->state.up.hostname,
|
|
+ Curl_hsts_parse(data->hsts, conn->host.name,
|
|
headp + strlen("Strict-Transport-Security:"));
|
|
if(check)
|
|
infof(data, "Illegal STS header skipped");
|