Send TLS Server Name Indication as peer if server identity is a FQDN
This commit is contained in:
parent
eea2bdb203
commit
1c21f47a06
|
@ -130,6 +130,10 @@ enum tls_extension_t {
|
||||||
TLS_EXT_RENEGOTIATION_INFO = 65281,
|
TLS_EXT_RENEGOTIATION_INFO = 65281,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
enum tls_name_type_t {
|
||||||
|
TLS_NAME_TYPE_HOST_NAME = 0,
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Enum names for tls_extension_t
|
* Enum names for tls_extension_t
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -738,6 +738,20 @@ static status_t send_client_hello(private_tls_peer_t *this,
|
||||||
extensions->write_uint8(extensions, 1);
|
extensions->write_uint8(extensions, 1);
|
||||||
extensions->write_uint8(extensions, TLS_EC_POINT_UNCOMPRESSED);
|
extensions->write_uint8(extensions, TLS_EC_POINT_UNCOMPRESSED);
|
||||||
}
|
}
|
||||||
|
if (this->server->get_type(this->server) == ID_FQDN)
|
||||||
|
{
|
||||||
|
tls_writer_t *names;
|
||||||
|
|
||||||
|
DBG2(DBG_TLS, "sending Server Name Indication for '%Y'", this->server);
|
||||||
|
|
||||||
|
names = tls_writer_create(8);
|
||||||
|
names->write_uint8(names, TLS_NAME_TYPE_HOST_NAME);
|
||||||
|
names->write_data16(names, this->server->get_encoding(this->server));
|
||||||
|
names->wrap16(names);
|
||||||
|
extensions->write_uint16(extensions, TLS_EXT_SERVER_NAME);
|
||||||
|
extensions->write_data16(extensions, names->get_buf(names));
|
||||||
|
names->destroy(names);
|
||||||
|
}
|
||||||
|
|
||||||
writer->write_data16(writer, extensions->get_buf(extensions));
|
writer->write_data16(writer, extensions->get_buf(extensions));
|
||||||
extensions->destroy(extensions);
|
extensions->destroy(extensions);
|
||||||
|
|
Loading…
Reference in New Issue