aboutsummaryrefslogtreecommitdiffstats
path: root/util/x509.lua
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2013-09-26 16:55:39 +0200
committerKim Alvefur <zash@zash.se>2013-09-26 16:55:39 +0200
commitbe672f8a37667683bb5d14e61fbd5e759b8750c5 (patch)
tree0b7732fb5d7f98e0f0687278a8a2d337cb2d6c43 /util/x509.lua
parentd5dc3c96f74b500b12f12acd730afec214652c32 (diff)
downloadprosody-be672f8a37667683bb5d14e61fbd5e759b8750c5.tar.gz
prosody-be672f8a37667683bb5d14e61fbd5e759b8750c5.zip
util.x509: Only compare identity with oid-on-xmppAddr for XMPP services
Diffstat (limited to 'util/x509.lua')
-rw-r--r--util/x509.lua4
1 files changed, 3 insertions, 1 deletions
diff --git a/util/x509.lua b/util/x509.lua
index 19d4ec6d..857f02a4 100644
--- a/util/x509.lua
+++ b/util/x509.lua
@@ -161,7 +161,9 @@ function verify_identity(host, service, cert)
if sans[oid_xmppaddr] then
had_supported_altnames = true
- if compare_xmppaddr(host, sans[oid_xmppaddr]) then return true end
+ if service == "_xmpp-client" or service == "_xmpp-server" then
+ if compare_xmppaddr(host, sans[oid_xmppaddr]) then return true end
+ end
end
if sans[oid_dnssrv] then