From fc4d2c7784184a01bdbf9d428fe22aed4039b159 Mon Sep 17 00:00:00 2001 From: Lars Magne Ingebrigtsen Date: Wed, 26 Nov 2014 23:11:57 +0100 Subject: Only send SNI if the host name is not an IP address * gnutls.c (gnutls_ip_address_p): New function. (Fgnutls_boot): Only send SNI if the host name is not an IP address. --- src/ChangeLog | 5 +++++ src/gnutls.c | 23 +++++++++++++++++++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/src/ChangeLog b/src/ChangeLog index 17e3c5988a6..df704efdf2d 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,8 @@ +2014-11-26 Lars Magne Ingebrigtsen + + * gnutls.c (gnutls_ip_address_p): New function. + (Fgnutls_boot): Only send SNI if the host name is not an IP address. + 2014-11-26 Toke Høiland-Jørgensen (tiny change) * gnutls.c (Fgnutls_boot): Send the server name over (bug#18208). diff --git a/src/gnutls.c b/src/gnutls.c index 5a4b39f789a..752df3c8edd 100644 --- a/src/gnutls.c +++ b/src/gnutls.c @@ -1095,6 +1095,18 @@ emacs_gnutls_global_init (void) return gnutls_make_error (ret); } +static bool +gnutls_ip_address_p (char *string) +{ + char c; + + while ((c = *string++) != 0) + if (! ((c == '.' || c == ':' || (c >= '0' && c <= '9')))) + return false; + + return true; +} + #if 0 /* Deinitializes global GnuTLS state. See also `gnutls-global-init'. */ @@ -1418,10 +1430,13 @@ one trustfile (usually a CA bundle). */) if (ret < GNUTLS_E_SUCCESS) return gnutls_make_error (ret); - ret = fn_gnutls_server_name_set (state, GNUTLS_NAME_DNS, c_hostname, - strlen(c_hostname)); - if (ret < GNUTLS_E_SUCCESS) - return gnutls_make_error (ret); + if (!gnutls_ip_address_p (c_hostname)) + { + ret = fn_gnutls_server_name_set (state, GNUTLS_NAME_DNS, c_hostname, + strlen (c_hostname)); + if (ret < GNUTLS_E_SUCCESS) + return gnutls_make_error (ret); + } GNUTLS_INITSTAGE (proc) = GNUTLS_STAGE_CRED_SET; ret = emacs_gnutls_handshake (XPROCESS (proc)); -- cgit v1.2.1