diff options
| author | Jay Satiro <raysatiro@yahoo.com> | 2022-01-23 15:08:37 -0500 |
|---|---|---|
| committer | Jay Satiro <raysatiro@yahoo.com> | 2022-01-23 15:08:37 -0500 |
| commit | a3a222d9ba3d64e72030a0d555d166de8c959c33 (patch) | |
| tree | ced8b88cd5d5e4eb22150b43149ebe4405039ab9 | |
| parent | dbe35d6c03c49e20186cc1c6fd52628302794fa5 (diff) | |
| download | curl-a3a222d9ba3d64e72030a0d555d166de8c959c33.tar.gz | |
squashme: all Curl_ssl_snihost failures set error message
all Curl_ssl_snihost failures now set same error message:
failf(data, "Failed to set SNI");
| -rw-r--r-- | lib/vtls/bearssl.c | 4 | ||||
| -rw-r--r-- | lib/vtls/gskit.c | 4 | ||||
| -rw-r--r-- | lib/vtls/mbedtls.c | 2 | ||||
| -rw-r--r-- | lib/vtls/nss.c | 5 | ||||
| -rw-r--r-- | lib/vtls/rustls.c | 4 | ||||
| -rw-r--r-- | lib/vtls/schannel.c | 4 | ||||
| -rw-r--r-- | lib/vtls/sectransp.c | 4 |
7 files changed, 19 insertions, 8 deletions
diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c index f453ffc9e..bac6b3931 100644 --- a/lib/vtls/bearssl.c +++ b/lib/vtls/bearssl.c @@ -467,8 +467,10 @@ static CURLcode bearssl_connect_step1(struct Curl_easy *data, } else { char *snihost = Curl_ssl_snihost(data, hostname, NULL); - if(!snihost) + if(!snihost) { + failf(data, "Failed to set SNI"); return CURLE_SSL_CONNECT_ERROR; + } hostname = snihost; } diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index 93c5cbf08..223ca6110 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -831,8 +831,10 @@ static CURLcode gskit_connect_step1(struct Curl_easy *data, /* Process SNI. Ignore if not supported (on OS400 < V7R1). */ if(sni) { char *snihost = Curl_ssl_snihost(data, sni, NULL); - if(!snihost) + if(!snihost) { + failf(data, "Failed to set SNI"); return CURLE_SSL_CONNECT_ERROR; + } result = set_buffer(data, BACKEND->handle, GSK_SSL_EXTN_SERVERNAME_REQUEST, snihost, TRUE); if(result == CURLE_UNSUPPORTED_PROTOCOL) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index c31dbd7d4..dc08032dd 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -567,7 +567,7 @@ mbed_connect_step1(struct Curl_easy *data, struct connectdata *conn, /* mbedtls_ssl_set_hostname() sets the name to use in CN/SAN checks and the name to set in the SNI extension. So even if curl connects to a host specified as an IP address, this function must be used. */ - failf(data, "couldn't set hostname in mbedTLS"); + failf(data, "Failed to set SNI"); return CURLE_SSL_CONNECT_ERROR; } } diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index 1526b709d..9e301437b 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -1878,12 +1878,13 @@ static CURLcode nss_setup_connect(struct Curl_easy *data, #endif }; char *snihost = Curl_ssl_snihost(data, SSL_HOST_NAME(), NULL); - if(!snihost) + if(!snihost) { + failf(data, "Failed to set SNI"); return CURLE_SSL_CONNECT_ERROR; + } backend->data = data; - /* list of all NSS objects we need to destroy in nss_do_close() */ Curl_llist_init(&backend->obj_list, nss_destroy_object); diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index d419dfb0e..1c4cb1910 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -370,8 +370,10 @@ cr_init_backend(struct Curl_easy *data, struct connectdata *conn, DEBUGASSERT(rconn == NULL); { char *snihost = Curl_ssl_snihost(data, hostname, NULL); - if(!snihost) + if(!snihost) { + failf(data, "Failed to set SNI"); return CURLE_SSL_CONNECT_ERROR; + } result = rustls_client_connection_new(backend->config, snihost, &rconn); } if(result != RUSTLS_RESULT_OK) { diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 300a97e55..2067ebb06 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -938,8 +938,10 @@ schannel_connect_step1(struct Curl_easy *data, struct connectdata *conn, { char *snihost = Curl_ssl_snihost(data, hostname, NULL); - if(!snihost) + if(!snihost) { + failf(data, "Failed to set SNI"); return CURLE_SSL_CONNECT_ERROR; + } host_name = curlx_convert_UTF8_to_tchar(snihost); if(!host_name) return CURLE_OUT_OF_MEMORY; diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c index 0c8f029b5..059756eb6 100644 --- a/lib/vtls/sectransp.c +++ b/lib/vtls/sectransp.c @@ -2030,8 +2030,10 @@ static CURLcode sectransp_connect_step1(struct Curl_easy *data, if(conn->ssl_config.verifyhost) { size_t snilen; char *snihost = Curl_ssl_snihost(data, hostname, &snilen); - if(!snihost) + if(!snihost) { + failf(data, "Failed to set SNI"); return CURLE_SSL_CONNECT_ERROR; + } err = SSLSetPeerDomainName(backend->ssl_ctx, snihost, snilen); if(err != noErr) { |