[evolution-data-server/gnome-40] ESourceWebDAV: Fallback to SHA1 on SSL trust verification if needed
- From: Milan Crha <mcrha src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [evolution-data-server/gnome-40] ESourceWebDAV: Fallback to SHA1 on SSL trust verification if needed
- Date: Mon, 29 Mar 2021 14:06:11 +0000 (UTC)
commit 649aaa623f436bcc901e837c03a633894305402c
Author: Milan Crha <mcrha redhat com>
Date: Mon Mar 29 15:55:26 2021 +0200
ESourceWebDAV: Fallback to SHA1 on SSL trust verification if needed
When a Flatpak application compiles against the evolution-data-server,
which still uses SHA1, but the host version uses SHA256, then the verification
always fails due to SHA version mismatch. It's because the hash to store
is computed by the client (inside the Flatpak), but the connection itself,
with the hash verification, is done on the host.
This covers only the case with older version of the data server in Flatpak.
The opposite case would require a change on the host system.
src/libedataserver/e-source-webdav.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
---
diff --git a/src/libedataserver/e-source-webdav.c b/src/libedataserver/e-source-webdav.c
index 657d41da2..c4762895e 100644
--- a/src/libedataserver/e-source-webdav.c
+++ b/src/libedataserver/e-source-webdav.c
@@ -1520,7 +1520,12 @@ e_source_webdav_verify_ssl_trust (ESourceWebdav *extension,
if (decode_ssl_trust (extension, &response, &old_host, &old_hash)) {
gchar *hash;
- hash = g_compute_checksum_for_data (G_CHECKSUM_SHA256, bytes->data, bytes->len);
+ /* This is required for Flatpak, which can be built with eds before the 3.40, where
+ had been changed to use SHA256. */
+ if (old_hash && strlen (old_hash) == g_checksum_type_get_length (G_CHECKSUM_SHA1) * 2)
+ hash = g_compute_checksum_for_data (G_CHECKSUM_SHA1, bytes->data, bytes->len);
+ else
+ hash = g_compute_checksum_for_data (G_CHECKSUM_SHA256, bytes->data, bytes->len);
if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN &&
g_strcmp0 (old_host, host) == 0 &&
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]