client: Don't try to verify unicode hostname
This commit is contained in:
parent
7c1a5184c9
commit
dfa37aaeb8
@ -179,12 +179,10 @@ func (c *Client) do(conn *tls.Conn, req *Request) (*Response, error) {
|
|||||||
|
|
||||||
func (c *Client) verifyConnection(hostname, punycode string, cs tls.ConnectionState) error {
|
func (c *Client) verifyConnection(hostname, punycode string, cs tls.ConnectionState) error {
|
||||||
cert := cs.PeerCertificates[0]
|
cert := cs.PeerCertificates[0]
|
||||||
// Try punycode and then hostname
|
// Verify punycoded hostname
|
||||||
if err := verifyHostname(cert, punycode); err != nil {
|
if err := verifyHostname(cert, punycode); err != nil {
|
||||||
if err := verifyHostname(cert, hostname); err != nil {
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
|
||||||
// Check expiration date
|
// Check expiration date
|
||||||
if !time.Now().Before(cert.NotAfter) {
|
if !time.Now().Before(cert.NotAfter) {
|
||||||
return errors.New("gemini: certificate expired")
|
return errors.New("gemini: certificate expired")
|
||||||
|
Loading…
Reference in New Issue
Block a user