diff options
| author | Ingela Anderton Andin <[email protected]> | 2018-06-05 18:01:02 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2018-06-08 09:52:07 +0200 |
| commit | f821c91cebe0cee22c1c6e0a9dfe45d4e9b5f129 (patch) | |
| tree | f3e8c0cb93697031c46558a22f46e74c63594233 /lib/ssl/src/ssl_certificate.erl | |
| parent | 0387fa9f4d88c2fa8578ead94c04deb9b04e506a (diff) | |
| download | otp-f821c91cebe0cee22c1c6e0a9dfe45d4e9b5f129.tar.gz otp-f821c91cebe0cee22c1c6e0a9dfe45d4e9b5f129.tar.bz2 otp-f821c91cebe0cee22c1c6e0a9dfe45d4e9b5f129.zip | |
ssl: Add option customize_hostname_check
Diffstat (limited to 'lib/ssl/src/ssl_certificate.erl')
| -rw-r--r-- | lib/ssl/src/ssl_certificate.erl | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl index a3333d35e9..dbd2ebf539 100644 --- a/lib/ssl/src/ssl_certificate.erl +++ b/lib/ssl/src/ssl_certificate.erl @@ -138,8 +138,8 @@ validate(_, {bad_cert, _} = Reason, _) -> {fail, Reason}; validate(_, valid, UserState) -> {valid, UserState}; -validate(Cert, valid_peer, UserState = {client, _,_, Hostname, _, _}) when Hostname =/= disable -> - verify_hostname(Hostname, Cert, UserState); +validate(Cert, valid_peer, UserState = {client, _,_, {Hostname, Customize}, _, _}) when Hostname =/= disable -> + verify_hostname(Hostname, Customize, Cert, UserState); validate(_, valid_peer, UserState) -> {valid, UserState}. @@ -333,12 +333,12 @@ new_trusteded_chain(DerCert, [_ | Rest]) -> new_trusteded_chain(_, []) -> unknown_ca. -verify_hostname({fallback, Hostname}, Cert, UserState) when is_list(Hostname) -> - case public_key:pkix_verify_hostname(Cert, [{dns_id, Hostname}]) of +verify_hostname({fallback, Hostname}, Customize, Cert, UserState) when is_list(Hostname) -> + case public_key:pkix_verify_hostname(Cert, [{dns_id, Hostname}], Customize) of true -> {valid, UserState}; false -> - case public_key:pkix_verify_hostname(Cert, [{ip, Hostname}]) of + case public_key:pkix_verify_hostname(Cert, [{ip, Hostname}], Customize) of true -> {valid, UserState}; false -> @@ -346,16 +346,16 @@ verify_hostname({fallback, Hostname}, Cert, UserState) when is_list(Hostname) -> end end; -verify_hostname({fallback, Hostname}, Cert, UserState) -> - case public_key:pkix_verify_hostname(Cert, [{ip, Hostname}]) of +verify_hostname({fallback, Hostname}, Customize, Cert, UserState) -> + case public_key:pkix_verify_hostname(Cert, [{ip, Hostname}], Customize) of true -> {valid, UserState}; false -> {fail, {bad_cert, hostname_check_failed}} end; -verify_hostname(Hostname, Cert, UserState) -> - case public_key:pkix_verify_hostname(Cert, [{dns_id, Hostname}]) of +verify_hostname(Hostname, Customize, Cert, UserState) -> + case public_key:pkix_verify_hostname(Cert, [{dns_id, Hostname}], Customize) of true -> {valid, UserState}; false -> |