openssl: disable host CN checks for cyassl (TODO)
authorFelix Fietkau <nbd@openwrt.org>
Tue, 25 Mar 2014 15:03:27 +0000 (16:03 +0100)
committerFelix Fietkau <nbd@openwrt.org>
Tue, 25 Mar 2014 15:03:27 +0000 (16:03 +0100)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
ustream-openssl.c

index a45e2f49714fb67fa787e481d90ef3e945178533..678e3c43c20f6d6556d91b1439e7b0b3de35302b 100644 (file)
@@ -105,6 +105,8 @@ static void ustream_ssl_error(struct ustream_ssl *us, int ret)
        uloop_timeout_set(&us->error_timer, 0);
 }
 
+#ifndef CYASSL_OPENSSL_H_
+
 static bool host_pattern_match(const unsigned char *pattern, const char *cn)
 {
        char c;
@@ -232,6 +234,8 @@ static void ustream_ssl_verify_cert(struct ustream_ssl *us)
        us->valid_cn = ustream_ssl_verify_cn(us, cert);
 }
 
+#endif
+
 __hidden enum ssl_conn_status __ustream_ssl_connect(struct ustream_ssl *us)
 {
        void *ssl = us->ssl;
@@ -243,7 +247,9 @@ __hidden enum ssl_conn_status __ustream_ssl_connect(struct ustream_ssl *us)
                r = SSL_connect(ssl);
 
        if (r == 1) {
+#ifndef CYASSL_OPENSSL_H_
                ustream_ssl_verify_cert(us);
+#endif
                return U_SSL_OK;
        }