diff options
Diffstat (limited to 'core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new')
| -rw-r--r-- | core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new b/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new new file mode 100644 index 0000000..e458c8c --- /dev/null +++ b/core/curl/valid-ip-is-enough-for-ssl-if-only-ip-is-given.patch.new @@ -0,0 +1,11 @@ +--- lib/vtls/openssl.c 2016-07-21 21:40:37.014958580 +0200 ++++ lib/vtls/openssl.c 2016-07-21 22:22:13.284274185 +0200 +@@ -1117,7 +1117,7 @@ + + /* If a subjectAltName extension of type dNSName is present, that MUST + be used as the identity. / RFC2818 section 3.1 */ +- if(check->type == GEN_DNS) ++ if(check->type == GEN_DNS && strcmp(conn->ip_addr_str,conn->host.name)) + dNSName = TRUE; + + /* only check alternatives of the same type the target is */ |