mrigaya
commented
6 years ago @francisbrosnan any suggestion on this pull request?
Open mrigaya opened 6 years ago
mrigaya
commented
6 years ago @francisbrosnan any suggestion on this pull request?
francisbrosnan
commented
6 years ago Hello @mrigaya CLA is still pending. Best Regards.
kristakhare
commented
6 years ago The CLA should be covered now, per Jorge. Please let us know otherwise.
selvamKrish
commented
5 years ago @francisbrosnan Thanks for your time and considerations, please let us know if there is any update/suggestion on this PR.
francisbrosnan
commented
5 years ago Hello @selvamKrish, just acknoledge your message. We didn't have time to review this. We'll keep you updated as soon as possible. Best Regards.
schmidtw
commented
5 years ago @francisbrosnan have you had any cycles to look at this code?
As per openssl wiki page https://wiki.openssl.org/index.php/Hostname_validation, openssl version prior to 1.0.2 doesn't perform hostname validation. So nopoll users should handle the hostname validation part during connection handshake at the client end.
This code can help users to enable/disable hostname validation feature based on the options they are providing during the TLS connect. As we could see in the computer security this man in the middle attack is most common security threats faced by the current world, So it is better to enable hostname validation by default and we did the same here. And also user may not be aware of this hostname validation is not handled in their openssl in case if they are using the openssl version < 1.0.2.
Review these changes and Please let me know if it requires any modification/suggestion from your end.