CVE-2020-13645
backported: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135
Change-Id: I7002bd96a7077e013587d1e6f0722a1ab54ee4b5
GTlsCertificate *peer_certificate)
{
GTlsConnection *conn = G_TLS_CONNECTION (openssl);
- GSocketConnectable *peer_identity;
+ GSocketConnectable *peer_identity = NULL;
GTlsDatabase *database;
- GTlsCertificateFlags errors;
+ GTlsCertificateFlags errors = 0;
gboolean is_client;
is_client = G_IS_TLS_CLIENT_CONNECTION (openssl);
if (is_client)
peer_identity = g_tls_client_connection_get_server_identity (G_TLS_CLIENT_CONNECTION (openssl));
- else
- peer_identity = NULL;
- errors = 0;
+ if (!peer_identity)
+ errors |= G_TLS_CERTIFICATE_BAD_IDENTITY;
database = g_tls_connection_get_database (conn);
if (database == NULL)