]> git.ipfire.org Git - thirdparty/gnutls.git/commit
projects / thirdparty / gnutls.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c040000) | patch
handshake-checks: fix username comparison during rehandshake
authorJoshua Rogers <joshua@joshua.hu>
Wed, 18 Mar 2026 16:08:03 +0000 (17:08 +0100)
committerAlexander Sosedkin <asosedkin@redhat.com>
Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)
commit35dbb0e4ebcc07acecfd060ffc6ca076cf397920
tree9972e46c52c255095426c7448a30775537f25982tree | snapshot
parentc04000018a8642cae8c05bdad4edf1c20c85e8fdcommit | diff
handshake-checks: fix username comparison during rehandshake

This is definitely a security issue
subverting the GNUTLS_ALLOW_ID_CHANGE protection,
but its real-life exploitability is under question.

Reported-by: Joshua Rogers of AISLE Research Team <joshua@joshua.hu>
Fixes: #1808
Signed-off-by: Joshua Rogers <joshua@joshua.hu>
lib/handshake-checks.c diff | blob | blame | history
Mirror of https://gitlab.com/gnutls/gnutls.git