Don't add loopback address to generated SSL cert

Justine Tunney 2023-03-05 22:57:22 -08:00
parent e16b969829
commit 713d4424c6
No known key found for this signature in database
GPG key ID: BE714B4575D6E328


@ -1876,6 +1876,7 @@ static void ConfigureCertificate(mbedtls_x509write_cert *cw, struct Cert *ca,
gethostname(hbuf, sizeof(hbuf)); gethostname(hbuf, sizeof(hbuf));
for (i = 0; i < htxt->entries.i; ++i) { for (i = 0; i < htxt->entries.i; ++i) {
for (j = 0; j < ips.n; ++j) { for (j = 0; j < ips.n; ++j) {
if (IsLoopbackIp(ips.p[j])) continue;
if (ips.p[j] == READ32BE(htxt->entries.p[i].ip)) { if (ips.p[j] == READ32BE(htxt->entries.p[i].ip)) {
isduplicate = false; isduplicate = false;
s = htxt->strings.p + htxt->entries.p[i].name; s = htxt->strings.p + htxt->entries.p[i].name;
@ -1898,6 +1899,7 @@ static void ConfigureCertificate(mbedtls_x509write_cert *cw, struct Cert *ca,
} }
} }
for (i = 0; i < ips.n; ++i) { for (i = 0; i < ips.n; ++i) {
if (IsLoopbackIp(ips.p[i])) continue;
san = realloc(san, ++nsan * sizeof(*san)); san = realloc(san, ++nsan * sizeof(*san));
san[nsan - 1].tag = MBEDTLS_X509_SAN_IP_ADDRESS; san[nsan - 1].tag = MBEDTLS_X509_SAN_IP_ADDRESS;
san[nsan - 1].ip4 = ips.p[i]; san[nsan - 1].ip4 = ips.p[i];
@ -7283,10 +7285,10 @@ static void GetOpts(int argc, char *argv[]) {
CASE('G', ProgramGid(atoi(optarg))); CASE('G', ProgramGid(atoi(optarg)));
CASE('p', ProgramPort(ParseInt(optarg))); CASE('p', ProgramPort(ParseInt(optarg)));
CASE('R', ProgramRedirectArg(0, optarg)); CASE('R', ProgramRedirectArg(0, optarg));
case 'c': ; // accept "num" or "num,directive" case 'c':; // accept "num" or "num,directive"
char *p; char *p;
long ret = strtol(optarg, &p, 0); long ret = strtol(optarg, &p, 0);
ProgramCache(ret, *p ? p+1 : NULL); // skip separator, if any ProgramCache(ret, *p ? p + 1 : NULL); // skip separator, if any
break; break;
CASE('r', ProgramRedirectArg(307, optarg)); CASE('r', ProgramRedirectArg(307, optarg));
CASE('t', ProgramTimeout(ParseInt(optarg))); CASE('t', ProgramTimeout(ParseInt(optarg)));
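Review bot: The two added `if (IsLoopbackIp(...)) continue;` guards in ConfigureCertificate (one in the hosts-entry loop, one in the IP SAN loop) have no comment saying why loopback is left out, and the reason is a security one that the next maintainer should not have to rediscover. I would put one line above the second guard, e.g. `// loopback means "this machine" on every host, so a cert naming it would be valid for any host's local services`. Also worth confirming: when every address in `ips` is loopback, both loops now contribute nothing, so whether the generated certificate still carries a usable subject name depends on code outside these hunks (presumably the `gethostname` result). ConfigureCertificate begins and ends outside the visible hunks.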