From 4a979499533cc1f6231dbfddd4d1cf5f89284c25 Mon Sep 17 00:00:00 2001
From: eidheim <eidheim@gmail.com>
Date: Sun, 4 Dec 2016 13:45:39 +0100
Subject: [PATCH] Security fix for Client<HTTPS>: added host verification,
 fixes #90

---
 client_https.hpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/client_https.hpp b/client_https.hpp
index bd67665..dfc4d8f 100644
--- a/client_https.hpp
+++ b/client_https.hpp
@@ -16,6 +16,7 @@ namespace SimpleWeb {
                 ClientBase<HTTPS>::ClientBase(server_port_path, 443), context(boost::asio::ssl::context::tlsv12) {
             if(verify_certificate) {
                 context.set_verify_mode(boost::asio::ssl::verify_peer);
+                context.set_verify_callback(boost::asio::ssl::rfc2818_verification(host));
                 context.set_default_verify_paths();
             }
             else
@@ -26,8 +27,10 @@ namespace SimpleWeb {
                 context.use_private_key_file(private_key_file, boost::asio::ssl::context::pem);
             }
             
-            if(verify_file.size()>0)
+            if(verify_file.size()>0) {
                 context.load_verify_file(verify_file);
+                context.set_verify_mode(boost::asio::ssl::verify_peer);
+            }
         }
 
     protected: