Commit 6efd2fa5 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

mbedtls/polarssl: set "hostname" unconditionally

...as otherwise the TLS libs will skip the CN/SAN check and just allow
connection to any server. curl previously skipped this function when SNI
wasn't used or when connecting to an IP address specified host.

CVE-2016-3739

Bug: https://curl.haxx.se/docs/adv_20160518A.html
Reported-by: Moti Avrahami
parent 5db31398
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment