X-Git-Url: http://git.dolda2000.com/gitweb/?a=blobdiff_plain;f=src%2Fssl-gnutls.c;h=1ee7306597d7a2d01da4bf9c06c4d40f55dfa57a;hb=1b77e192a00433e94124eeeac3b7ed000db9dc90;hp=992818a11744dcb8b4be3ee0af287d97e826ac11;hpb=6b84641acd8e4ed45817d1c8ab5ff520e8ba2af1;p=ashd.git
diff --git a/src/ssl-gnutls.c b/src/ssl-gnutls.c
index 992818a..1ee7306 100644
--- a/src/ssl-gnutls.c
+++ b/src/ssl-gnutls.c
@@ -141,6 +141,7 @@ static int initreq(struct conn *conn, struct hthead *req)
 socklen_t salen;
 char nmbuf[256];
 
+ headappheader(req, "X-Ash-Address", formathaddress((struct sockaddr *)&ssl->name, sizeof(sa)));
 if(ssl->name.ss_family == AF_INET) {
 headappheader(req, "X-Ash-Address", inet_ntop(AF_INET, &((struct sockaddr_in *)&ssl->name)->sin_addr, nmbuf, sizeof(nmbuf)));
 headappheader(req, "X-Ash-Port", sprintf3("%i", ntohs(((struct sockaddr_in *)&ssl->name)->sin_port)));
@@ -149,12 +150,8 @@ static int initreq(struct conn *conn, struct hthead *req)
 headappheader(req, "X-Ash-Port", sprintf3("%i", ntohs(((struct sockaddr_in6 *)&ssl->name)->sin6_port)));
 }
 salen = sizeof(sa);
- if(!getsockname(ssl->fd, (struct sockaddr *)&sa, &salen)) {
- if(sa.ss_family == AF_INET)
- headappheader(req, "X-Ash-Server-Address", inet_ntop(AF_INET, &((struct sockaddr_in *)&sa)->sin_addr, nmbuf, sizeof(nmbuf)));
- else if(sa.ss_family == AF_INET6)
- headappheader(req, "X-Ash-Server-Address", inet_ntop(AF_INET6, &((struct sockaddr_in6 *)&sa)->sin6_addr, nmbuf, sizeof(nmbuf)));
- }
+ if(!getsockname(ssl->fd, (struct sockaddr *)&sa, &salen))
+ headappheader(req, "X-Ash-Server-Address", formathaddress((struct sockaddr *)&sa, sizeof(sa)));
 headappheader(req, "X-Ash-Server-Port", sprintf3("%i", ssl->port->sport));
 headappheader(req, "X-Ash-Protocol", "https");
 return(0);
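Review bot: The added `X-Ash-Address` line does not replace the existing one: the unchanged AF_INET branch directly below it still appends `X-Ash-Address` via `inet_ntop`, so an IPv4 request now carries the header twice (the AF_INET6 address line falls between this hunk and the next and is not visible, but presumably does the same). Handlers that read this header for access decisions or logging then depend on which copy they happen to pick up. The per-family branches should keep only their `X-Ash-Port` lines. The length argument is also safer written as `sizeof(ssl->name)` than `sizeof(sa)`, which is only correct while both objects have the same type. initreq()'s body begins before the hunk.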
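Review bot: The new `X-Ash-Server-Address` call passes `sizeof(sa)` even though `getsockname` has just stored the actual address length in `salen`; `formathaddress((struct sockaddr *)&sa, salen)` gives the formatter the length the kernel reported. The removed code emitted no header for families other than AF_INET and AF_INET6, whereas the new line always appends whatever `formathaddress` returns. Its definition is not on this page, so confirm it cannot return NULL for an unexpected family before the result reaches `headappheader`.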
@@ -171,11 +168,29 @@ static void servessl(struct muth *muth, va_list args)
 int ret;
 FILE *in;
 
+ int setcreds(gnutls_session_t sess)
+ {
+ int i;
+ unsigned int ntype;
+ char nambuf[256];
+ size_t namlen;
+
+ for(i = 0; 1; i++) {
+ namlen = sizeof(nambuf);
+ if(gnutls_server_name_get(sess, nambuf, &namlen, &ntype, i) != 0)
+ break;
+ if(ntype != GNUTLS_NAME_DNS)
+ continue;
+ }
+ gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->creds);
+ gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
+ return(0);
+ }
+
 fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK);
 gnutls_init(&sess, GNUTLS_SERVER);
 gnutls_set_default_priority(sess);
- gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->creds);
- gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
+ gnutls_handshake_set_post_client_hello_function(sess, setcreds);
 gnutls_transport_set_ptr(sess, (gnutls_transport_ptr_t)(intptr_t)fd);
 while((ret = gnutls_handshake(sess)) != 0) {
 if((ret != GNUTLS_E_INTERRUPTED) && (ret != GNUTLS_E_AGAIN))
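Review bot: `setcreds` is defined as a GCC nested function inside servessl() and its address is handed to `gnutls_handshake_set_post_client_hello_function`; because it reads `pd` from the enclosing frame, GCC has to build a stack trampoline for it, which normally results in the binary being marked as needing an executable stack and ties the file to a GNU C extension. For a TLS front end that is a hardening regression worth avoiding: a file-scope `static` callback that receives its state through `gnutls_session_set_ptr`/`gnutls_session_get_ptr` does the same job, assuming the session pointer is not already used for something else outside this hunk. The SNI loop currently discards every name it reads, so a comment marking it as a placeholder would help, and a failure from `gnutls_credentials_set` should be returned so the handshake is aborted rather than continued without credentials. servessl()'s body starts and ends outside the hunk.

```c
/* file scope, before servessl() */
static int setcreds(gnutls_session_t sess)
{
    int ret;

    /* … unchanged: gnutls_server_name_get() loop (placeholder, no name is acted on yet) … */
    /* the session pointer carries the credentials that servessl() stored for this session */
    if((ret = gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, gnutls_session_get_ptr(sess))) != 0)
	return(ret);
    gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
    return(0);
}

    /* in servessl(), after gnutls_set_default_priority(sess) */
    gnutls_session_set_ptr(sess, pd->creds);
    gnutls_handshake_set_post_client_hello_function(sess, setcreds);
```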