From c0183326a6447f931d4ec971963633a687e12c5e Mon Sep 17 00:00:00 2001
From: "Javier S. Pedro" <maemo@javispedro.com>
Date: Sun, 30 Sep 2012 23:56:06 +0200
Subject: prevent trivial mitm attack

---
 distfoldd/serveragent.cc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'distfoldd/serveragent.cc')

diff --git a/distfoldd/serveragent.cc b/distfoldd/serveragent.cc
index 3f133bd..2051e22 100644
--- a/distfoldd/serveragent.cc
+++ b/distfoldd/serveragent.cc
@@ -78,7 +78,9 @@ void ServerAgent::handleAuth(const QByteArray &response)
 
 	qDebug() << "Server Handling client auth";
 
-	if (response == generateChallengeResponse(_challenge, _clientChallenge)) {
+	if (response == generateChallengeResponse(_challenge, _clientChallenge,
+	                                          _socket->localCertificate(),
+	                                          _socket->peerCertificate())) {
 		_authOk = true;
 		qDebug() << "Authentication successful";
 	} else {
-- 
cgit v1.2.3