Set expected certificate hostname when connecting to an HTTPS server

This commit is contained in:
2025-11-23 23:54:10 +01:00
parent 1be0c14415
commit aa158980f5
3 changed files with 31 additions and 5 deletions
-2
View File
@@ -1,4 +1,2 @@
- From Claude:
While peer verification is enabled, there's no hostname verification. An attacker with any valid certificate could MITM connections. Should add SSL_set1_host(ssl, hostname);
- Add connection timeouts
- Per RFC 6265, cookie values can be quoted. This parser would include the quotes in the value.