vitalif
/
etcd
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #6440 from lclarkmichalek/how-to-ssl-question-mark 

Obey the usual rules of SSL server name verification when using a private PKI
release-3.2
Anthony Romano 2017-01-17 10:28:22 -08:00 committed by GitHub
parent bad2f03cd0 eba41cd7b3
commit 2db9d3b702
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/transport/listener.go
View File

@ -23,7 +23,6 @@ import (
"crypto/x509/pkix" "crypto/x509/pkix"
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"log"
"math/big" "math/big"
"net" "net"
"os" "os"
@ -235,9 +234,6 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
// if given a CA, trust any host with a cert signed by the CA
log.Println("warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated")
cfg.ServerName = ""
} }
if info.selfCert { if info.selfCert {