mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

Replace InsecureSkipServerNameVerify with InsecureServerNameToVerify (#161)

Browse source 
* Replace InsecureSkipServerNameVerify with InsecureServerNameToVerify

* Replace "any" with "*"
This commit is contained in:
RPRX 2023-02-06 02:22:34 +08:00 committed by GitHub
parent d139a4a652
commit a4ca4dd835
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 45 additions and 44 deletions
Download patch file Download diff file Expand all files Collapse all files

9
handshake_client.go
View file

@ -42,9 +42,8 @@ func (c *Conn) makeClientHello() (*clientHelloMsg, ecdheParameters, error) {
config := c.config
// [UTLS SECTION START]
skipServerNameVerify := config.InsecureSkipVerify || config.InsecureSkipServerNameVerify
if len(config.ServerName) == 0 && !skipServerNameVerify {
return nil, nil, errors.New("tls: at least one of ServerName, InsecureSkipVerify or InsecureSkipServerNameVerify must be specified in the tls.Config")
if len(config.ServerName) == 0 && !config.InsecureSkipVerify && len(config.InsecureServerNameToVerify) == 0 {
return nil, nil, errors.New("tls: at least one of ServerName, InsecureSkipVerify or InsecureServerNameToVerify must be specified in the tls.Config")
}
// [UTLS SECTION END]
@ -885,8 +884,10 @@ func (c *Conn) verifyServerCertificate(certificates [][]byte) error {
Intermediates: x509.NewCertPool(),
}
if !c.config.InsecureSkipServerNameVerify {
if len(c.config.InsecureServerNameToVerify) == 0 {
opts.DNSName = c.config.ServerName
} else if c.config.InsecureServerNameToVerify != "*" {
opts.DNSName = c.config.InsecureServerNameToVerify
}
// [UTLS SECTION END]