cqrenet/mxids
3
0
Fork 0
Code Pull Requests 10 Actions Releases Activity

Fix homeserver verification with wildcards certificates.

Browse Source 
Disable v2 by default.
Add migration to fix the accepted table (due to sqlite unable to change constraint, drop table and create again).
Fix displaying the expiration period of the new token.
Remove duplicated code.
Use v1 single lookup when receive the request with `none` algorithm and the only one argument.
Hide v2 endpoint if v2 API disabled.
This commit is contained in:
Anatoly Sablin
2019-12-10 00:10:13 +03:00
parent 17ebc2a421
commit 10cdb4360e
11 changed files with 176 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/io/kamax/mxisd/matrix/HomeserverVerifier.java
View File

@@ -77,7 +77,8 @@ public class HomeserverVerifier implements HostnameVerifier {
private boolean match(String altSubjectName) {
if (altSubjectName.startsWith("*.")) {
return altSubjectName.toLowerCase().endsWith(matrixHostname.toLowerCase());
String subjectNameWithoutMask = altSubjectName.substring(1); // remove wildcard
return matrixHostname.toLowerCase().endsWith(subjectNameWithoutMask.toLowerCase());
} else {
return matrixHostname.equalsIgnoreCase(altSubjectName);
}