From 1e5dfdc840824723dfa142707aca1f0fca4c0056 Mon Sep 17 00:00:00 2001 From: Jaakko Keränen Date: Fri, 26 Mar 2021 11:14:57 +0200 Subject: GmCerts: Relaxed domain verification Allow a certificate for a higher-level domain to be verified against any subdomains, i.e., implicitly assume every certificate uses wildcards. CA verification is still done separately, and OpenSSL does that strictly as before. --- src/gmcerts.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/gmcerts.h') diff --git a/src/gmcerts.h b/src/gmcerts.h index a28c050e..a9859845 100644 --- a/src/gmcerts.h +++ b/src/gmcerts.h @@ -95,3 +95,5 @@ const iPtrArray * listIdentities_GmCerts (const iGmCerts *, iGmCertsIdentityF void signIn_GmCerts (iGmCerts *, iGmIdentity *identity, const iString *url); void signOut_GmCerts (iGmCerts *, const iString *url); + +iBool verifyDomain_GmCerts (const iTlsCertificate *cert, iRangecc domain); -- cgit v1.2.3