Mercurial Mercurial > enmi-conf.org / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
wp/wp-includes/Requests/SSL.php
changeset 18 be944660c56a
parent 16 a86126ab1dd4 
--- a/wp/wp-includes/Requests/SSL.php	Tue Dec 15 15:52:01 2020 +0100
+++ b/wp/wp-includes/Requests/SSL.php	Wed Sep 21 18:19:35 2022 +0200
@@ -20,7 +20,6 @@
 	 *
 	 * Unfortunately, PHP doesn't check the certificate against the alternative
 	 * names, leading things like 'https://www.github.com/' to be invalid.
-	 * Instead
 	 *
 	 * @see https://tools.ietf.org/html/rfc2818#section-3.1 RFC2818, Section 3.1
 	 *
@@ -30,13 +29,6 @@
 	 * @return bool
 	 */
 	public static function verify_certificate($host, $cert) {
-		// Calculate the valid wildcard match if the host is not an IP address
-		$parts = explode('.', $host);
-		if (ip2long($host) === false) {
-			$parts[0] = '*';
-		}
-		$wildcard = implode('.', $parts);
-
 		$has_dns_alt = false;
 
 		// Check the subjectAltName
@@ -139,7 +131,7 @@
 		// Also validates that the host has 3 parts or more, as per Firefox's
 		// ruleset.
 		if (ip2long($host) === false) {
-			$parts = explode('.', $host);
+			$parts    = explode('.', $host);
 			$parts[0] = '*';
 			$wildcard = implode('.', $parts);
 			if ($wildcard === $reference) {
enmi-conf.org