@@ -1073,26 +1073,26 @@ get_cacerts() ->
10731073ssl_opts (ssl_verify_enabled , Url ) ->
10741074 case check_ssl_version () of
10751075 true ->
1076- #{host := Hostname } = rebar_uri :parse (rebar_utils :to_list (Url )),
1077- VerifyFun = {fun ssl_verify_hostname :verify_fun /3 ,
1078- [{check_hostname , Hostname }]},
10791076 CACerts = get_cacerts (),
10801077 SslOpts = [{verify , verify_peer }, {depth , 10 }, {cacerts , CACerts },
1081- {partial_chain , fun partial_chain /1 }, { verify_fun , VerifyFun } ],
1082- check_hostname_opt (SslOpts );
1078+ {partial_chain , fun partial_chain /1 }],
1079+ check_hostname_opt (Url , SslOpts );
10831080 false ->
10841081 ? WARN (" Insecure HTTPS request (peer verification disabled), "
10851082 " please update to OTP 17.4 or later"
10861083 [{verify , verify_none }]
10871084 end .
10881085
10891086-ifdef (no_customize_hostname_check ).
1090- check_hostname_opt (Opts ) ->
1091- Opts .
1087+ check_hostname_opt (Url , Opts ) ->
1088+ #{host := Hostname } = rebar_uri :parse (rebar_utils :to_list (Url )),
1089+ VerifyFun = {fun ssl_verify_hostname :verify_fun /3 ,
1090+ [{check_hostname , Hostname }]},
1091+ [{verify_fun , VerifyFun } | Opts ].
10921092-else .
1093- check_hostname_opt (Opts ) ->
1094- MatchFun = public_key :pkix_verify_hostname_match_fun (https ),
1095- [{customize_hostname_check , [{match_fun , MatchFun }]} | Opts ].
1093+ check_hostname_opt (_ , Opts ) ->
1094+ MatchFun = public_key :pkix_verify_hostname_match_fun (https ),
1095+ [{customize_hostname_check , [{match_fun , MatchFun }]} | Opts ].
10961096-endif .
10971097
10981098-spec partial_chain (Certs ) -> Res when
0 commit comments