From e9b0dbb4a95dbc8e328f08d6df6654dcbe13db09 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 22 Mar 2017 14:49:22 +0100
Subject: ssl: Add hostname check of server certificate

When the server_name_indication is sent automatize the
clients check of that the hostname is present in the
servers certificate. Currently server_name_indication shall
be on the dns_id format. If server_name_indication is disabled
it is up to the user to do its own check in the verify_fun.
---
 lib/ssl/src/dtls_handshake.erl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'lib/ssl/src/dtls_handshake.erl')

diff --git a/lib/ssl/src/dtls_handshake.erl b/lib/ssl/src/dtls_handshake.erl
index 1ed63f8a83..37a46b862e 100644
--- a/lib/ssl/src/dtls_handshake.erl
+++ b/lib/ssl/src/dtls_handshake.erl
@@ -65,9 +65,8 @@ client_hello(Host, Port, Cookie, ConnectionStates,
     TLSVersion = dtls_v1:corresponding_tls_version(Version),
     CipherSuites = ssl_handshake:available_suites(UserSuites, TLSVersion),
 
-    Extensions = ssl_handshake:client_hello_extensions(Host, TLSVersion, CipherSuites,
+    Extensions = ssl_handshake:client_hello_extensions(TLSVersion, CipherSuites,
                                                        SslOpts, ConnectionStates, Renegotiation),
-
     Id = ssl_session:client_id({Host, Port, SslOpts}, Cache, CacheCb, OwnCert),
 
     #client_hello{session_id = Id,
-- 
cgit v1.2.3