#3087: No server hostname validation in SSL certificate processing Changes (by pdmef):
* status: new => closed * resolution: => fixed Comment: (In [934a802dff7f]) Verify hostname in (Open)SSL certificate validation This is based on the patch by gkloepfer attached to #3087 but passes the proper connection as argument (avoiding adding hostname to struct sslsockdata) and validates the hostname even in case OpenSSL cannot find the local issuer certificate. GnuTLS already supports hostname checking. Closes #3087. -- Ticket URL: <http://dev.mutt.org/trac/ticket/3087#comment:3>
