commit - 7bdcc91ec70ddde092ac5d7b4f75d54915e7b221
commit + 5128c0b0e3b51737783c4c68c9e34a76ec8c8b0e
blob - 7da15c2fe0a8d64a86e8e331a6807f6a8dea0f29
blob + 5f6b000d448e4bd597c4e0704733418c6c1a3e4a
--- gmid.h
+++ gmid.h
struct proxy {
char *host;
const char *port;
+ int noverifyname;
uint8_t *cert;
size_t certlen;
uint8_t *key;
blob - db1ebb661db97c3967c7356fbf55ed043ef1bc54
blob + d21500672c4d2f4947b4c517dce81d052c0e3820
--- parse.y
+++ parse.y
%token RELAY_TO REQUIRE RETURN ROOT
%token SERVER SPAWN STRIP
%token TCP TOEXT TYPE USER
+%token VERIFYNAME
%token ERROR
yyerror("proxy port is %s: %s", errstr,
p->port);
}
+ | VERIFYNAME bool {
+ host->proxy.noverifyname = !$2;
+ }
;
locations : /* empty */
{"to-ext", TOEXT},
{"type", TYPE},
{"user", USER},
+ {"verifyname", VERIFYNAME},
};
void
blob - 99fd84213f8ac958ba1be3c02189ac5a83d5996a
blob + 87791deac3d9c75cb89b0928b32b794dba64725e
--- proxy.c
+++ proxy.c
if ((conf = tls_config_new()) == NULL)
return -1;
+ if (p->noverifyname)
+ tls_config_insecure_noverifyname(conf);
+
/* TODO: tls_config_set_protocols here */
tls_config_insecure_noverifycert(conf);