From 746a3bdfab43d93a40d9c1256c9a96e7783436bb Mon Sep 17 00:00:00 2001
From: Hubert Kario
Date: Fri, 6 May 2016 11:05:10 +0200
Subject: Add support for sending unrecognized name alerts

To better test support for server_name extension in TLS, it's necessary to be able to differentiate between name being rejected because it is unknown to the server and it being malformed.
---
 lib/alert.c | 4 ++++
 lib/errors.c | 2 ++
 lib/includes/gnutls/gnutls.h.in | 2 ++
 3 files changed, 8 insertions(+)

diff --git a/lib/alert.c b/lib/alert.c
index 786f7bc6bb..da41d2747b 100644
--- a/lib/alert.c
+++ b/lib/alert.c
@@ -300,6 +300,10 @@ int gnutls_error_to_alert(int err, int *level)
 ret = GNUTLS_A_NO_APPLICATION_PROTOCOL;
 _level = GNUTLS_AL_FATAL;
 break;
+ case GNUTLS_E_UNRECOGNIZED_NAME:
+ ret = GNUTLS_A_UNRECOGNIZED_NAME;
+ _level = GNUTLS_AL_FATAL;
+ break;
 default:
 ret = GNUTLS_A_INTERNAL_ERROR;
 _level = GNUTLS_AL_FATAL;
diff --git a/lib/errors.c b/lib/errors.c
index 42c5010b21..0b9d4eaee3 100644
--- a/lib/errors.c
+++ b/lib/errors.c
@@ -382,6 +382,8 @@ static const gnutls_error_entry error_entries[] = {
 GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING),
 ERROR_ENTRY(N_("Attempted handshake during false start."),
 GNUTLS_E_HANDSHAKE_DURING_FALSE_START),
+ ERROR_ENTRY(N_("The SNI host name not recognised."),
+ GNUTLS_E_UNRECOGNIZED_NAME),
 {NULL, NULL, 0}
 };
 
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 432c26911a..3c6bd5be9d 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -2681,6 +2681,8 @@ int gnutls_fips140_mode_enabled(void);
 #define GNUTLS_E_HEARTBEAT_PONG_RECEIVED -292
 #define GNUTLS_E_HEARTBEAT_PING_RECEIVED -293
 
+#define GNUTLS_E_UNRECOGNIZED_NAME -294
+
 /* PKCS11 related */
 #define GNUTLS_E_PKCS11_ERROR -300
 #define GNUTLS_E_PKCS11_LOAD_ERROR -301
--
cgit v1.2.1
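Review bot: The new `case GNUTLS_E_UNRECOGNIZED_NAME:` in gnutls_error_to_alert() carries no comment on why the alert is fatal or what the mapping tells the peer. Nothing in this patch returns the new code, so it is presumably meant for name-selection code or an application callback. Whoever returns it lets an unauthenticated client tell a well-formed but unserved name from a malformed one. That is the distinction the commit message asks for, but it should be stated for deployments that prefer not to confirm which virtual hosts exist. I would add above the case: `/* name well-formed but unknown; always fatal (RFC 6066 discourages a warning-level unrecognized_name) and tells the peer the name is not served */`. The switch starts and ends outside the hunk.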
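Review bot: The string added to error_entries, "The SNI host name not recognised.", is missing its verb and spells "recognised" differently from the identifier and the commit subject, which both use "unrecognized". Because it is wrapped in N_() it becomes a translation source, so it is cheapest to settle the wording now: `ERROR_ENTRY(N_("The SNI host name was not recognized."),`. The error_entries table begins outside the hunk.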
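Review bot: `GNUTLS_E_UNRECOGNIZED_NAME` enters the public header without a comment, directly under the heartbeat codes, so a reader of gnutls.h cannot tell who is expected to return it or what it causes on the wire. A one-line comment would cover it, for example `/* server name (SNI) not known to the server; mapped to a fatal unrecognized_name alert */`. If the code is meant to be returned from application callbacks, which this patch does not show, that belongs in the comment as well.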