]> git.ipfire.org Git - thirdparty/curl.git/commit
projects / thirdparty / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1914465) | patch
ngtcp2: verify the server cert on connect (quictls)
authorDaniel Stenberg <daniel@haxx.se>
Thu, 23 Dec 2021 09:24:31 +0000 (10:24 +0100)
committerDaniel Stenberg <daniel@haxx.se>
Tue, 28 Dec 2021 22:34:23 +0000 (23:34 +0100)
commitc148f0f551f9bea0e3d08f5747b3fe58b811a011
tree285501c4a1f53c3f6b34e5221eebbf4bf1de2f36tree | snapshot
parent1914465cf180d32b3dfff9c4da15c19363075082commit | diff
ngtcp2: verify the server cert on connect (quictls)

Make ngtcp2+quictls correctly acknowledge `CURLOPT_SSL_VERIFYPEER` and
`CURLOPT_SSL_VERIFYHOST`.

The name check now uses a function from lib/vtls/openssl.c which will
need attention for when TLS is not done by OpenSSL or is disabled while
QUIC is enabled.

Possibly the servercert() function in openssl.c should be adjusted to be
able to use for both regular TLS and QUIC.

Ref: #8173
Closes #8178
lib/connect.c diff | blob | blame | history
lib/vquic/ngtcp2.c diff | blob | blame | history
lib/vtls/openssl.c diff | blob | blame | history
lib/vtls/openssl.h diff | blob | blame | history
Mirror of https://github.com/curl/curl.git