Re: [Mutt] #3087: No server hostname validation in SSL certificate
#3087: No server hostname validation in SSL certificate processing
Changes (by pdmef):
* status: new => closed
* resolution: => fixed
Comment:
(In [934a802dff7f]) Verify hostname in (Open)SSL certificate validation
This is based on the patch by gkloepfer attached to #3087 but passes the
proper connection as argument (avoiding adding hostname to struct
sslsockdata) and validates the hostname even in case OpenSSL cannot find
the local issuer certificate. GnuTLS already supports hostname
checking. Closes #3087.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3087#comment:3>