diff options
| author | Mårten Nordheim <marten.nordheim@qt.io> | 2025-10-13 12:13:26 +0200 |
|---|---|---|
| committer | Mårten Nordheim <marten.nordheim@qt.io> | 2025-10-16 19:03:09 +0200 |
| commit | 69e1037be2d6023c0693e26ad8cf489a51e1712b (patch) | |
| tree | 04040dcb26960cb6d5391da249ca8a3f63537d16 /src | |
| parent | c0303a9630fd7876280b840dea6fc9ead88d86da (diff) | |
Schannel: encode the peer name for SNI
Server Name Identification.
We were just passing it to Schannel's API, which took a utf-16 string
and then forwarded it to the network without changes. So instead
we specifically pass it through QUrl and request it to encode any
Unicode characters.
Fixes: QTBUG-141061
Fixes: QTBUG-113028
Pick-to: 6.10 6.8
Change-Id: I33679c68e8e984deb92ff117bf5dd9d4fa4e351b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src')
| -rw-r--r-- | src/plugins/tls/schannel/qtls_schannel.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/plugins/tls/schannel/qtls_schannel.cpp b/src/plugins/tls/schannel/qtls_schannel.cpp index 12c2625f39d..667f2d8a6c3 100644 --- a/src/plugins/tls/schannel/qtls_schannel.cpp +++ b/src/plugins/tls/schannel/qtls_schannel.cpp @@ -1238,9 +1238,10 @@ bool TlsCryptographSchannel::createContext() }; #endif + const QString encodedTargetName = QUrl::fromUserInput(targetName()).host(QUrl::EncodeUnicode); auto status = InitializeSecurityContext(&credentialHandle, // phCredential nullptr, // phContext - const_reinterpret_cast<SEC_WCHAR *>(targetName().utf16()), // pszTargetName + const_reinterpret_cast<SEC_WCHAR *>(encodedTargetName.utf16()), // pszTargetName contextReq, // fContextReq 0, // Reserved1 0, // TargetDataRep (unused) |