From 68048eefb0353c6cb686c092af50ba61fca67874 Mon Sep 17 00:00:00 2001 From: beck <> Date: Fri, 11 Sep 2015 12:56:55 +0000 Subject: add tls_peer functions for checking names and issuers of peer certificates. ok jsing@ --- src/lib/libtls/tls_client.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/lib/libtls/tls_client.c') diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c index fb7f3a6f75..2aca519f8b 100644 --- a/src/lib/libtls/tls_client.c +++ b/src/lib/libtls/tls_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_client.c,v 1.26 2015/09/10 10:14:20 jsing Exp $ */ +/* $OpenBSD: tls_client.c,v 1.27 2015/09/11 12:56:55 beck Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -262,7 +262,7 @@ tls_handshake_client(struct tls *ctx) tls_set_errorx(ctx, "no server certificate"); goto err; } - if ((rv = tls_check_servername(ctx, cert, + if ((rv = tls_check_name(ctx, cert, ctx->servername)) != 0) { if (rv != -2) tls_set_errorx(ctx, "name `%s' not present in" -- cgit v1.2.3-55-g6feb