Server certificate validation doesn't seem to work

[glguy]

I tried this using HoloIRC as found on the Google Play Store.

This test relies on the fact that while chat.freenode.org and chat.freenode.net both resolve to the same server, Freenode uses a certificate that only matches the .net address.

Certificate chain
 0 s:/OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=*.freenode.net
   i:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2

Reproduce: Attempt to connect to "chat.freenode.org"

Expected behavior: Certificate validation fails

Actual result: Connection succeeds

[julian-klode]

That's true, the CA check does not validate server names :(