summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSamuel Lidén Borell <samuel@kodafritt.se>2013-11-12 16:53:15 +0100
committerSamuel Lidén Borell <samuel@kodafritt.se>2013-11-12 16:53:15 +0100
commita96c23a9a247431fe1d7ee1d680628798fd90e9a (patch)
treee912086385fbb98d7bc6f1c622ba4161f2e0fb6a
parent3cbc7710967eede2cb6ab1551047308f226f6df7 (diff)
downloadfribid-a96c23a9a247431fe1d7ee1d680628798fd90e9a.tar.gz
fribid-a96c23a9a247431fe1d7ee1d680628798fd90e9a.tar.bz2
fribid-a96c23a9a247431fe1d7ee1d680628798fd90e9a.zip
Use the IPv4 server address instead of the IPv6 one in the signature
-rw-r--r--plugin/pluginutil.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/plugin/pluginutil.c b/plugin/pluginutil.c
index 8e0887f..1b13588 100644
--- a/plugin/pluginutil.c
+++ b/plugin/pluginutil.c
@@ -121,6 +121,11 @@ char *getDocumentHostname(NPP instance) {
return getWindowProperty(instance, identifiers);
}
+/**
+ * Finds the IP address of the server hosting the document containing the
+ * plugin. This IP address is placed in the signature as an additional
+ * security measure to detect spoofing.
+ */
char *getDocumentIP(NPP instance) {
// FIXME This function performs a DNS lookup independently of the
// browser. So it's possible that the browser and the plugin
@@ -135,9 +140,9 @@ char *getDocumentIP(NPP instance) {
free(hostname);
if (ret != 0) return NULL;
- // Find first INET address
+ // Find first INET (IPv4) address (BankID supports IPv4 addresses only)
const struct addrinfo *ai = firstAddrInfo;
- while (ai && (ai->ai_family != AF_INET) && (ai->ai_family != AF_INET6))
+ while (ai && ai->ai_family != AF_INET)
ai = ai->ai_next;
if (!ai) return NULL;