static int initreq(struct conn *conn, struct hthead *req)
{
struct sslconn *ssl = conn->pdata;
+ struct sockaddr_storage sa;
+ socklen_t salen;
char nmbuf[256];
+ headappheader(req, "X-Ash-Address", formathaddress((struct sockaddr *)&ssl->name, sizeof(sa)));
if(ssl->name.ss_family == AF_INET) {
headappheader(req, "X-Ash-Address", inet_ntop(AF_INET, &((struct sockaddr_in *)&ssl->name)->sin_addr, nmbuf, sizeof(nmbuf)));
headappheader(req, "X-Ash-Port", sprintf3("%i", ntohs(((struct sockaddr_in *)&ssl->name)->sin_port)));
headappheader(req, "X-Ash-Address", inet_ntop(AF_INET6, &((struct sockaddr_in6 *)&ssl->name)->sin6_addr, nmbuf, sizeof(nmbuf)));
headappheader(req, "X-Ash-Port", sprintf3("%i", ntohs(((struct sockaddr_in6 *)&ssl->name)->sin6_port)));
}
+ salen = sizeof(sa);
+ if(!getsockname(ssl->fd, (struct sockaddr *)&sa, &salen))
+ headappheader(req, "X-Ash-Server-Address", formathaddress((struct sockaddr *)&sa, sizeof(sa)));
headappheader(req, "X-Ash-Server-Port", sprintf3("%i", ssl->port->sport));
headappheader(req, "X-Ash-Protocol", "https");
return(0);
int ret;
FILE *in;
+ int setcreds(gnutls_session_t sess)
+ {
+ int i;
+ unsigned int ntype;
+ char nambuf[256];
+ size_t namlen;
+
+ for(i = 0; 1; i++) {
+ namlen = sizeof(nambuf);
+ if(gnutls_server_name_get(sess, nambuf, &namlen, &ntype, i) != 0)
+ break;
+ if(ntype != GNUTLS_NAME_DNS)
+ continue;
+ }
+ gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->creds);
+ gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
+ return(0);
+ }
+
fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK);
gnutls_init(&sess, GNUTLS_SERVER);
gnutls_set_default_priority(sess);
- gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->creds);
- gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
+ gnutls_handshake_set_post_client_hello_function(sess, setcreds);
gnutls_transport_set_ptr(sess, (gnutls_transport_ptr_t)(intptr_t)fd);
while((ret = gnutls_handshake(sess)) != 0) {
if((ret != GNUTLS_E_INTERRUPTED) && (ret != GNUTLS_E_AGAIN))