Updated STS handling to require an explicit port in insecure-connection capability upgrades, ignoring incomplete policies without upgrading.

2026-03-10 07:50:19 +00:00 · 2026-02-04 10:19:26 -07:00
parent 3290f15439
commit 89a8f3eb0a
1 changed files with 1 additions and 9 deletions
--- a/src/common/sts.c
+++ b/src/common/sts.c
@@ -553,15 +553,7 @@ sts_handle_capability (struct server *serv, const char *value)
 	{
 		if (!has_port)
 		{
-			if (serv->port > 0)
-			{
-				port = (guint16) serv->port;
-				has_port = TRUE;
-			}
-			else
-			{
-				return FALSE;
-			}
+			return FALSE;
 		}
 #ifdef USE_OPENSSL
 		if (serv->sts_upgrade_in_progress)