On Darwin SSL, add ability to skip peer verification.

DOCKER_VERSION

@@ -1 +1 @@
-7.3.4
+7.3.5

docs/CHANGELOG.md

@@ -1,6 +1,10 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [7.3.5] - 2019-11-20
+
+- On Darwin SSL, add ability to skip peer verification.
+
 ## [7.3.4] - 2019-11-20
 
 - 32-bits compile fix, courtesy of @fcojavmc

ixwebsocket/IXSocketAppleSSL.cpp

@@ -168,10 +168,32 @@ namespace ix
             SSLSetProtocolVersionMin(_sslContext, kTLSProtocol12);
             SSLSetPeerDomainName(_sslContext, host.c_str(), host.size());
 
-            do
+            if (_tlsOptions.isPeerVerifyDisabled())
             {
-                status = SSLHandshake(_sslContext);
+                Boolean option(1);
-            } while (errSSLWouldBlock == status || errSSLServerAuthCompleted == status);
+                SSLSetSessionOption(_sslContext, kSSLSessionOptionBreakOnServerAuth, option);
+
+                do
+                {
+                    status = SSLHandshake(_sslContext);
+                } while (errSSLWouldBlock == status || errSSLServerAuthCompleted == status);
+
+                if (status == errSSLServerAuthCompleted)
+                {
+                    // proceed with the handshake
+                    do
+                    {
+                        status = SSLHandshake(_sslContext);
+                    } while (errSSLWouldBlock == status || errSSLServerAuthCompleted == status);
+                }
+            }
+            else
+            {
+                do
+                {
+                    status = SSLHandshake(_sslContext);
+                } while (errSSLWouldBlock == status || errSSLServerAuthCompleted == status);
+            }
         }
 
         if (noErr != status)

ixwebsocket/IXWebSocketVersion.h

@@ -6,4 +6,4 @@
 
 #pragma once
 
-#define IX_WEBSOCKET_VERSION "7.3.4"
+#define IX_WEBSOCKET_VERSION "7.3.5"