diff options
| author | Jose <jose@zeroc.com> | 2017-02-22 17:40:08 +0100 |
|---|---|---|
| committer | Jose <jose@zeroc.com> | 2017-02-22 17:40:08 +0100 |
| commit | aa3e8bd6874a69aa25ea19625c6493de2b9cb7e0 (patch) | |
| tree | 8d42b267f1ddb06123b09b1c89b1a300a21a530a /java/src | |
| parent | Linux build failure (diff) | |
| download | ice-aa3e8bd6874a69aa25ea19625c6493de2b9cb7e0.tar.bz2 ice-aa3e8bd6874a69aa25ea19625c6493de2b9cb7e0.tar.xz ice-aa3e8bd6874a69aa25ea19625c6493de2b9cb7e0.zip | |
Fix hostname verification to ignore errors when IceSSL.VerifyPeer is 0
Diffstat (limited to 'java/src')
| -rw-r--r-- | java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java b/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java index 001d3a24f76..019f7742508 100644 --- a/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java +++ b/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java @@ -797,16 +797,6 @@ class SSLEngine } engine.setUseClientMode(!incoming); - // - // Enable the HTTPS hostname verification algorithm - // - if(_checkCertName) - { - SSLParameters params = new SSLParameters(); - params.setEndpointIdentificationAlgorithm("HTTPS"); - engine.setSSLParameters(params); - } - String[] cipherSuites = filterCiphers(engine.getSupportedCipherSuites(), engine.getEnabledCipherSuites()); try { @@ -869,6 +859,18 @@ class SSLEngine engine.setNeedClientAuth(true); } } + else + { + // + // Enable the HTTPS hostname verification algorithm + // + if(_checkCertName && _verifyPeer > 0) + { + SSLParameters params = new SSLParameters(); + params.setEndpointIdentificationAlgorithm("HTTPS"); + engine.setSSLParameters(params); + } + } try { |