diff options
Diffstat (limited to 'lib/ssluse.c')
| -rw-r--r-- | lib/ssluse.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c index 07824b411..bc1934cfc 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1137,6 +1137,12 @@ static CURLcode verifyhost(struct connectdata *conn, if(matched) /* an alternative name matched the server hostname */ infof(data, "\t subjectAltName: %s matched\n", conn->host.dispname); + else if(altnames) { + /* an alternative name field existed, but didn't match and then + we MUST fail */ + infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname); + res = CURLE_PEER_FAILED_VERIFICATION; + } else { /* we have to look to the last occurence of a commonName in the distinguished one to get the most significant one. */ |