Commit bfbd37ed authored by deuce's avatar deuce
Browse files

For right now, don't verify server names in certificates. This will need

to be changed to something the individual clients can frob in the near
future.
parent f3d849a0
......@@ -1762,6 +1762,8 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict
// Reduced compliance checking... required for acme-staging-v02.api.letsencrypt.org
do_cryptAttribute(p->session, CRYPT_OPTION_CERT_COMPLIANCELEVEL, CRYPT_COMPLIANCELEVEL_REDUCED);
if (tiny == SOCK_PROP_SSL_SESSION) {
// TODO: Make this configurable
do_cryptAttribute(p->session, CRYPT_SSLOPTION_DISABLE_NAMEVERIFY, 1);
ret=do_cryptAttributeString(p->session, CRYPT_SESSINFO_SERVER_NAME, p->hostname, strlen(p->hostname));
p->tls_server = FALSE;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment