1
0
Fork 0
mirror of https://repo.or.cz/socat.git synced 2025-07-12 14:43:24 +00:00

Do not take IP address as SNI parameter

This commit is contained in:
Gerhard Rieger 2023-06-12 19:23:09 +02:00
parent d355da98bc
commit 3678757fed
4 changed files with 79 additions and 1 deletions

View file

@ -270,7 +270,11 @@ static int
}
#if defined(HAVE_SSL_set_tlsext_host_name) || defined(SSL_set_tlsext_host_name)
if (opt_snihost == NULL) {
if (opt_snihost != NULL) {
if (check_ipaddr(opt_snihost) == 0) {
Warn1("specified SNI host \"%s\" is an IP address", opt_snihost);
}
} else if (check_ipaddr(opt_commonname) != 0) {
opt_snihost = strdup(opt_commonname);
if (opt_snihost == NULL) {
Error1("strdup("F_Zu"): out of memory", strlen(opt_commonname)+1);
@ -444,6 +448,7 @@ int _xioopen_openssl_connect(struct single *xfd,
#if defined(HAVE_SSL_set_tlsext_host_name) || defined(SSL_set_tlsext_host_name)
if (!no_sni) {
/*Warn1("_xioopen_openssl_connect(): calling SSL_set_tlsext_host_name(snihost=\"%s\")", snihost?snihost:"NULL");*/
if (!SSL_set_tlsext_host_name(ssl, snihost)) {
Error1("Failed to set SNI host \"%s\"", snihost);
sycSSL_free(xfd->para.openssl.ssl);