Add option to disable hostname check (#399)

* Suppress compiler warnings about unused elements. * Enable CMake's compilation database. * Add TLS option to disable checking a certificate's host name. * Add `--disable-hostname-validation` to `ws`. * Add test for disabling hostname validation.
2022-10-12 15:41:32 +02:00
parent 0b8b5608dc
commit 1e46466114
10 changed files with 126 additions and 34 deletions
--- a/ixwebsocket/IXSocketAppleSSL.cpp
+++ b/ixwebsocket/IXSocketAppleSSL.cpp
@ -205,7 +205,9 @@ namespace ix
                _sslContext, SocketAppleSSL::readFromSocket, SocketAppleSSL::writeToSocket);
            SSLSetConnection(_sslContext, (SSLConnectionRef)(long) _sockfd);
            SSLSetProtocolVersionMin(_sslContext, kTLSProtocol12);
-            SSLSetPeerDomainName(_sslContext, host.c_str(), host.size());
+
+            if (!_tlsOptions.disable_hostname_validation)
+                SSLSetPeerDomainName(_sslContext, host.c_str(), host.size());

            if (_tlsOptions.isPeerVerifyDisabled())
            {