generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-28 03:20:11 +01:00
Code Issues Projects Releases Wiki Activity

* Allows SecureStreamSocket::attach to be used in server connections

Browse Source 
* Move order of condition for isLocalHost in peer certificate verification, to skip DNS lookup if not needed
This commit is contained in:
Rangell Reale
2014-09-12 15:47:00 -03:00
committed by Rangel Reale
parent 67b206f663
commit 21f2e115eb
2 changed files with 25 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
NetSSL_OpenSSL/src/SecureSocketImpl.cpp
View File

@@ -358,7 +358,7 @@ long SecureSocketImpl::verifyPeerCertificateImpl(const std::string& hostName)
{
Context::VerificationMode mode = _pContext->verificationMode();
if (mode == Context::VERIFY_NONE || !_pContext->extendedCertificateVerificationEnabled() ||
(isLocalHost(hostName) && mode != Context::VERIFY_STRICT))
(mode != Context::VERIFY_STRICT && isLocalHost(hostName)))
{
return X509_V_OK;
}