janimo / textsecure

TextSecure client package for Go
GNU General Public License v3.0

include ServerName in TLS configuration #25

Open mutantmonkey opened 8 years ago

mutantmonkey commented 8 years ago

This is required for Go to establish a TLS connection unless InsecureSkipVerify is set.

I'm not sure if this was a recent change in Go or what; it doesn't appear to be, but perhaps I missed something. I wasn't able to get this running on my system without this change.

mutantmonkey commented 8 years ago

I'm using Go 1.5.3.

janimo commented 8 years ago

I see this change going in Go 1.3 but that is not a new one (and it implies that your change is needed) https://github.com/golang/go/commit/fca335e91a915b6aae536936a7694c4a2a007a60

What is the exact error message you get and what server are you connecting to?

The standard cmdline client connecting to the OWS server works for me when built against Go 1.5.3.

mutantmonkey commented 8 years ago

I have the server set to https://textsecure-service.whispersystems.org:443. This is the output I get when I run textsecure:

DEBU[2016/01/21 22:26:51] PUT /v1/directory/tokens 200

tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config

timothymctim commented 7 years ago

It seems a sensible thing to implement to me, as this is basically a (very) weak form of certificate pinning, if I understand this correctly: Does setting ServerName check the Common Name (CN) of the certificate? A better option would of course be to check the fingerprint of the TLS certificate.
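
Added example, not part of the thread or of the textsecure code base: it reproduces the error quoted above and shows the two checks discussed in the last comment side by side. `ServerName` makes Go verify the chain against `RootCAs` and match the name against the names in the server certificate (in current Go, the subject alternative names), while a fingerprint pin is a separate check, done here in `VerifyConnection`. Assumptions: `connect` is a hypothetical helper, the server is a loopback `httptest` server using Go's built-in test certificate (valid for `example.com`), and the pin is the SHA-256 of the leaf certificate.

```go
package main

import (
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
)

// connect (hypothetical helper) handshakes with tls.Client, which, unlike
// tls.Dial, never infers ServerName from the address. roots and name drive the
// normal chain and name checks; a non-nil pin must also equal the leaf SHA-256.
func connect(addr, name string, roots *x509.CertPool, pin *[32]byte) error {
	raw, err := net.Dial("tcp", addr)
	if err != nil {
		return err
	}
	defer raw.Close()
	cfg := &tls.Config{RootCAs: roots, ServerName: name}
	if pin != nil { // VerifyConnection runs after normal verification succeeded
		cfg.VerifyConnection = func(cs tls.ConnectionState) error {
			if sha256.Sum256(cs.PeerCertificates[0].Raw) != *pin {
				return errors.New("leaf certificate does not match pin")
			}
			return nil
		}
	}
	return tls.Client(raw, cfg).Handshake()
}

func main() {
	// Constructed setup: loopback server with Go's built-in httptest certificate.
	srv := httptest.NewTLSServer(http.NotFoundHandler())
	defer srv.Close()
	addr, leaf := srv.Listener.Addr().String(), srv.Certificate()
	roots := x509.NewCertPool()
	roots.AddCert(leaf)
	good, bad := sha256.Sum256(leaf.Raw), [32]byte{}
	fmt.Println(connect(addr, "", roots, nil))              // no ServerName: refused before any I/O
	fmt.Println(connect(addr, "other.example", roots, nil)) // name not in the certificate
	fmt.Println(connect(addr, "example.com", roots, &good)) // chain, name and pin all match
	fmt.Println(connect(addr, "example.com", roots, &bad))  // chain and name match, pin does not
}
```

The `httptest` server writes a handshake-error line to stderr for each connection the client aborts; that output is expected for the failing cases.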