Perform SSL hostname validation
SSL stream can now verify that the remote server hostname matches the
the certificate Common Name or Subject Alternative Name.
This behavior can be disabled/enabled at the http_client scope using the
new function:
axis2_http_client_set_validate_ssl_hostname
There is also an associated getter:
axis2_http_client_get_validate_ssl_hostname
For backwards compatibility, this behavior is disabled by default.
However, this will change to being enabled by default in a future
release.
When enabled, this functionality mitigates CVE-2012-6107.
JIRA: AXIS2C-1619
6 files changed