File curl-CVE-2022-43551.patch of Package curl.27750
From 760fa138c776df94cd5d0f836cb07a284fd9ac25 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 21 Nov 2022 11:19:54 +0100
Subject: [PATCH] http: use the IDN decoded name in HSTS checks
Otherwise it stores the info HSTS into the persistent cache for the IDN
name which will not match when the HSTS status is later checked for
using the decoded name.
Reported-by: Hiroki Kurosawa
---
lib/http.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: curl-7.79.1/lib/http.c
===================================================================
--- curl-7.79.1.orig/lib/http.c
+++ curl-7.79.1/lib/http.c
@@ -3686,7 +3686,7 @@ CURLcode Curl_http_header(struct Curl_ea
else if(data->hsts && checkprefix("Strict-Transport-Security:", headp) &&
(conn->handler->flags & PROTOPT_SSL)) {
CURLcode check =
- Curl_hsts_parse(data->hsts, data->state.up.hostname,
+ Curl_hsts_parse(data->hsts, conn->host.name,
headp + strlen("Strict-Transport-Security:"));
if(check)
infof(data, "Illegal STS header skipped");