sni: Install a post-client-hello function to check server name.
author
Fredrik Tolf
<fredrik@dolda2000.com>
Sat, 9 Oct 2010 15:58:12 +0000
(17:58 +0200)
committer
Fredrik Tolf
<fredrik@dolda2000.com>
Sat, 9 Oct 2010 15:58:12 +0000
(17:58 +0200)
src/ssl-gnutls.c
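--- a/src/ssl-gnutls.c
+++ b/src/ssl-gnutls.c
@@ -168,11 +168,29 @@ static void servessl(struct muth *muth, va_list args)
 int ret;
 FILE *in;
+ int setcreds(gnutls_session_t sess)
+ {
+ int i;
+ unsigned int ntype;
+ char nambuf[256];
+ size_t namlen;
+
+ for(i = 0; 1; i++) {
+ namlen = sizeof(nambuf);
+ if(gnutls_server_name_get(sess, nambuf, &namlen, &ntype, i) != 0)
+ break;
+ if(ntype != GNUTLS_NAME_DNS)
+ continue;
+ }
+ gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->creds);
+ gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
+ return(0);
+ }
+
 fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK);
 gnutls_init(&sess, GNUTLS_SERVER);
 gnutls_set_default_priority(sess);
- gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->creds);
- gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
+ gnutls_handshake_set_post_client_hello_function(sess, setcreds);
 gnutls_transport_set_ptr(sess, (gnutls_transport_ptr_t)(intptr_t)fd);
 while((ret = gnutls_handshake(sess)) != 0) {
 if((ret != GNUTLS_E_INTERRUPTED) && (ret != GNUTLS_E_AGAIN))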
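Review bot: `setcreds` is defined as a GCC nested function inside `servessl` and its address is handed to `gnutls_handshake_set_post_client_hello_function`; because it reads `pd` from the enclosing frame (assuming `pd` is a local of `servessl`, as the removed lines suggest), GCC has to build a trampoline on the stack, which typically leaves the process with an executable stack and weakens NX hardening for the whole daemon. I would make it a file-scope `static int setcreds(gnutls_session_t sess)`, attach the port data with `gnutls_session_set_ptr(sess, pd);` before the handshake, and read it back in the callback with `gnutls_session_get_ptr(sess)`. Separately, the name loop discards every value it reads and the callback returns 0 without checking `gnutls_credentials_set`, so a comment such as `/* TODO: select creds by SNI name; currently every name gets pd->creds */` would keep readers from assuming the server name is enforced yet. `servessl` begins and ends outside this hunk.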