Skip to content
Snippets Groups Projects
Commit bfbd37ed authored by deuce's avatar deuce
Browse files

For right now, don't verify server names in certificates. This will need 

to be changed to something the individual clients can frob in the near
future.
parent f3d849a0
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 0 deletions
src/sbbs3/js_socket.c
+ 2
0
View file @ bfbd37ed
...@@ -1762,6 +1762,8 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict ...@@ -1762,6 +1762,8 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict
// Reduced compliance checking... required for acme-staging-v02.api.letsencrypt.org // Reduced compliance checking... required for acme-staging-v02.api.letsencrypt.org
do_cryptAttribute(p->session, CRYPT_OPTION_CERT_COMPLIANCELEVEL, CRYPT_COMPLIANCELEVEL_REDUCED); do_cryptAttribute(p->session, CRYPT_OPTION_CERT_COMPLIANCELEVEL, CRYPT_COMPLIANCELEVEL_REDUCED);
if (tiny == SOCK_PROP_SSL_SESSION) { if (tiny == SOCK_PROP_SSL_SESSION) {
// TODO: Make this configurable
do_cryptAttribute(p->session, CRYPT_SSLOPTION_DISABLE_NAMEVERIFY, 1);
ret=do_cryptAttributeString(p->session, CRYPT_SESSINFO_SERVER_NAME, p->hostname, strlen(p->hostname)); ret=do_cryptAttributeString(p->session, CRYPT_SESSINFO_SERVER_NAME, p->hostname, strlen(p->hostname));
p->tls_server = FALSE; p->tls_server = FALSE;
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment