Skip to content

Commit bfc344d

Browse files
millertmillert
committed
validate_hostname: remove DNS hostname lookups
Instead of the server passing in the client IP address and having validate_hostname() resolve it, resolve the name in new_connection() and pass it to validate_hostname(). This significantly simplifies the certificate validation callback.
1 parent 6ce8f81 commit bfc344d

File tree

6 files changed

+147
-253
lines changed

6 files changed

+147
-253
lines changed

include/hostcheck.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ typedef enum {
3030
} HostnameValidationResult;
3131

3232
HostnameValidationResult validate_hostname(const X509 *cert,
33-
const char *hostname, const char *ipaddr, int resolve);
33+
const char *hostname, const char *ipaddr);
3434

3535
#endif /* HAVE_OPENSSL */
3636

0 commit comments

Comments
 (0)