Implement SNI support for the gnutls SSL plugin. release-2.x.y

author: Mihai Moldovan <ionic@ionic.de>
date: Mon, 16 Dec 2019 13:11:41 +0100
branch: release-2.x.y
changeset: 40238 6dba8046e1b1
parent: 40185 7a975763d3b6
child: 40239 0a7484792f62

Implement SNI support for the gnutls SSL plugin.

Note that gnutls is picky in regard to what it accepts as the server name - it
MUST be a domain name. IP addresses are not supported according to the
documentation.

Hence, filter out IP addresses and hope that whatever is not recognized as
such an address is actually a domain name. This will probably fail for more
exotic addresses (especially in the IPv6 realm), but wiring up a full-blown parser
is too much effort and SSL plugins are not part of purple-3 anyway.

Fixes #17300

libpurple/plugins/ssl/ssl-gnutls.c
--- a/libpurple/plugins/ssl/ssl-gnutls.c	Mon Nov 11 21:31:35 2019 -0600
+++ b/libpurple/plugins/ssl/ssl-gnutls.c	Mon Dec 16 13:11:41 2019 +0100
@@ -403,6 +403,10 @@
 
 	gnutls_transport_set_ptr(gnutls_data->session, GINT_TO_POINTER(gsc->fd));
 
+	/* SNI support. */
+	if (gsc->host && !g_hostname_is_ip_address(gsc->host))
+		gnutls_server_name_set(gnutls_data->session, GNUTLS_NAME_DNS, gsc->host, strlen(gsc->host));
+
 	gnutls_data->handshake_handler = purple_input_add(gsc->fd,
 		PURPLE_INPUT_READ, ssl_gnutls_handshake_cb, gsc);
 
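Review bot: The return value of gnutls_server_name_set() on the added line is discarded, so if GnuTLS rejects the name the handshake goes ahead without SNI and nothing is logged; a server that hosts several names may then answer with its default certificate, and the resulting verification failure gives no hint at the cause. Capture the result and report anything other than GNUTLS_E_SUCCESS through purple_debug_error(). The `/* SNI support. */` comment should also say why IP literals are skipped, since that rationale currently lives only in the commit message, and the call is long enough that wrapping its arguments the way the purple_input_add() call just below does would read better.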
