diff options
| -rw-r--r-- | lib/ssluse.c | 12 | 
1 files changed, 8 insertions, 4 deletions
| diff --git a/lib/ssluse.c b/lib/ssluse.c index b3a05f907..5a7294148 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1125,16 +1125,20 @@ static CURLcode verifyhost(struct connectdata *conn,    struct in_addr addr;  #endif    CURLcode res = CURLE_OK; +  char *hostname; + +  hostname = conn->allocptr.customhost?conn->allocptr.customhost: +    conn->host.name;  #ifdef ENABLE_IPV6    if(conn->bits.ipv6_ip && -     Curl_inet_pton(AF_INET6, conn->host.name, &addr)) { +     Curl_inet_pton(AF_INET6, hostname, &addr)) {      target = GEN_IPADD;      addrlen = sizeof(struct in6_addr);    }    else  #endif -    if(Curl_inet_pton(AF_INET, conn->host.name, &addr)) { +    if(Curl_inet_pton(AF_INET, hostname, &addr)) {        target = GEN_IPADD;        addrlen = sizeof(struct in_addr);      } @@ -1176,7 +1180,7 @@ static CURLcode verifyhost(struct connectdata *conn,            if((altlen == strlen(altptr)) &&               /* if this isn't true, there was an embedded zero in the name                  string and we cannot match it. */ -             cert_hostcheck(altptr, conn->host.name)) +             cert_hostcheck(altptr, hostname))              matched = 1;            else              matched = 0; @@ -1278,7 +1282,7 @@ static CURLcode verifyhost(struct connectdata *conn,              "SSL: unable to obtain common name from peer certificate");        res = CURLE_PEER_FAILED_VERIFICATION;      } -    else if(!cert_hostcheck((const char *)peer_CN, conn->host.name)) { +    else if(!cert_hostcheck((const char *)peer_CN, hostname)) {        if(data->set.ssl.verifyhost > 1) {          failf(data, "SSL: certificate subject name '%s' does not match "                "target host name '%s'", peer_CN, conn->host.dispname); | 
