THRIFT-5343: TTlsSocketTransport does not resolve IPv4 addresses or v…
…alidate hostnames correctly

Client: netstd
Patch: James Lacey

This closes #2322
penenin authored and Jens-G committed Feb 4, 2021
1 parent 4aaef75 commit 55016bf
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions lib/netstd/Thrift/Transport/Client/TTlsSocketTransport.cs
Expand Up @@ -38,6 +38,7 @@ public class TTlsSocketTransport : TStreamTransport
private readonly LocalCertificateSelectionCallback _localCertificateSelectionCallback;
private readonly int _port;
private readonly SslProtocols _sslProtocols;
private readonly string _targetHost;
private TcpClient _client;
private SslStream _secureStream;
private int _timeout;
Expand Down Expand Up @@ -122,13 +123,13 @@ public TTlsSocketTransport(string host, int port, TConfiguration config, int tim
{
try
{
_targetHost = host;

var entry = Dns.GetHostEntry(host);
if (entry.AddressList.Length == 0)
throw new TTransportException(TTransportException.ExceptionType.Unknown, "unable to resolve host name");

var addr = entry.AddressList[0];

_host = new IPAddress(addr.GetAddressBytes(), addr.ScopeId);
_host = entry.AddressList[0];
_port = port;
_timeout = timeout;
_certificate = certificate;
Expand Down Expand Up @@ -239,7 +240,7 @@ public async Task SetupTlsAsync()
? new X509CertificateCollection {_certificate}
: new X509CertificateCollection();

var targetHost = _host.ToString();
var targetHost = _targetHost ?? _host.ToString();
await _secureStream.AuthenticateAsClientAsync(targetHost, certs, _sslProtocols, true);
}
}
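Review bot: The fallback in `var targetHost = _targetHost ?? _host.ToString();` (SetupTlsAsync) silently keeps the old behaviour whenever `_targetHost` is null, which presumably is the case for any constructor that takes an address rather than a host name; on that path the server certificate is still matched against an IP literal and only validates if the certificate lists that address. That is worth stating at the fallback, e.g. `// _targetHost is null when no host name was supplied; the certificate is then matched against the IP literal`. Separately, `_host = entry.AddressList[0];` connects only to the first resolved address, so a host whose first record is unreachable fails even when another record would work; this may be intended, but a comment should say so. Both the constructor and SetupTlsAsync continue outside the hunks shown.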
