interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Although safe, a bit scary

This commit is contained in:
Willem Toorop 2017-02-27 14:30:44 -08:00
parent 94e1f48f58
commit bbd2fb8cf0
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/stub.c
View File

@ -877,10 +877,12 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
/* First deal with the hostname authentication done by OpenSSL. */ /* First deal with the hostname authentication done by OpenSSL. */
#ifdef X509_V_ERR_HOSTNAME_MISMATCH #ifdef X509_V_ERR_HOSTNAME_MISMATCH
# if defined(STUB_DEBUG) && STUB_DEBUG
/*Report if error is hostname mismatch*/ /*Report if error is hostname mismatch*/
if (err == X509_V_ERR_HOSTNAME_MISMATCH && upstream->tls_fallback_ok) if (err == X509_V_ERR_HOSTNAME_MISMATCH && upstream->tls_fallback_ok)
DEBUG_STUB("%s %-35s: FD: %d WARNING: Proceeding even though hostname validation failed!\n", DEBUG_STUB("%s %-35s: FD: %d WARNING: Proceeding even though hostname validation failed!\n",
STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd); STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd);
# endif
#else #else
/* if we weren't built against OpenSSL with hostname matching we /* if we weren't built against OpenSSL with hostname matching we
* could not have matched the hostname, so this would be an automatic * could not have matched the hostname, so this would be an automatic