From e73de2317eda6eb565a3c43e24e5164eb739b750 Mon Sep 17 00:00:00 2001 From: Gabriel Souza Franco Date: Fri, 16 Apr 2021 00:36:35 -0300 Subject: [PATCH] fix: verify tls cert for non-conformant servers --- src/database/globals.rs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/database/globals.rs b/src/database/globals.rs index e48c8491..fd51e355 100644 --- a/src/database/globals.rs +++ b/src/database/globals.rs @@ -52,7 +52,11 @@ impl ServerCertVerifier for MatrixServerVerifier { }, None => dns_name }; - self.inner.verify_server_cert(roots, presented_certs, override_name, ocsp_response) + + self.inner.verify_server_cert(roots, presented_certs, override_name, ocsp_response).or_else(|_| { + log::warn!("Server is non-compliant, retrying with original name!"); + self.inner.verify_server_cert(roots, presented_certs, dns_name, ocsp_response) + }) } }