Commit 0fd14a21 authored by Vladimír Čunát's avatar Vladimír Čunát

Merge !853: kdig: don't set SNI

It's incorrect to use an IP address in there,
and there seems little use of SNI for DNS anyway.

Fixes #552
parents 3824cf69 2e94ccee
...@@ -333,7 +333,7 @@ int net_connect(net_t *net) ...@@ -333,7 +333,7 @@ int net_connect(net_t *net)
// Establish TLS connection. // Establish TLS connection.
if (net->tls.params != NULL) { if (net->tls.params != NULL) {
int ret = tls_ctx_connect(&net->tls, sockfd, net->remote->name); int ret = tls_ctx_connect(&net->tls, sockfd, NULL);
if (ret != KNOT_EOK) { if (ret != KNOT_EOK) {
close(sockfd); close(sockfd);
return ret; return ret;
......
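Review bot: The hard-coded `NULL` passed to `tls_ctx_connect()` turns SNI off for every connection, including ones where the user supplied a real hostname, and nothing at the call site says why. If a server selects its certificate by SNI, it may then present a default certificate, and any hostname check configured through `net->tls.params` could fail against it; this is inferred, since the verification code is not on this page. I would add a comment above the call such as `// No SNI: remote->name may be an IP literal, which is not a valid server_name.` and, as a follow-up, pass a name only when it is known to be a DNS hostname. The body of `net_connect` continues outside the hunk.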
...@@ -291,7 +291,7 @@ int tls_ctx_init(tls_ctx_t *ctx, const tls_params_t *params, int wait) ...@@ -291,7 +291,7 @@ int tls_ctx_init(tls_ctx_t *ctx, const tls_params_t *params, int wait)
int tls_ctx_connect(tls_ctx_t *ctx, int sockfd, const char *remote) int tls_ctx_connect(tls_ctx_t *ctx, int sockfd, const char *remote)
{ {
if (ctx == NULL || remote == NULL) { if (ctx == NULL) {
return KNOT_EINVAL; return KNOT_EINVAL;
} }
...@@ -311,10 +311,12 @@ int tls_ctx_connect(tls_ctx_t *ctx, int sockfd, const char *remote) ...@@ -311,10 +311,12 @@ int tls_ctx_connect(tls_ctx_t *ctx, int sockfd, const char *remote)
return KNOT_NET_ECONNECT; return KNOT_NET_ECONNECT;
} }
ret = gnutls_server_name_set(ctx->session, GNUTLS_NAME_DNS, remote, if (remote != NULL) {
strlen(remote)); ret = gnutls_server_name_set(ctx->session, GNUTLS_NAME_DNS, remote,
if (ret != GNUTLS_E_SUCCESS) { strlen(remote));
return KNOT_NET_ECONNECT; if (ret != GNUTLS_E_SUCCESS) {
return KNOT_NET_ECONNECT;
}
} }
gnutls_session_set_ptr(ctx->session, ctx); gnutls_session_set_ptr(ctx->session, ctx);
......
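Review bot: `remote` is now optional in `tls_ctx_connect()`, but the only sign of the contract change is the relaxed NULL check; the declaration should state that NULL means no server name is sent. The remaining `gnutls_server_name_set(ctx->session, GNUTLS_NAME_DNS, remote, ...)` branch still accepts any string it is given, so a later caller passing an address literal would reintroduce the problem this commit fixes. A doc line such as `remote: DNS hostname to send as SNI, or NULL to send none (must not be an IP address)` would cover it. The function starts and ends outside the shown hunks, so whether the early `return KNOT_NET_ECONNECT` paths release the session cannot be judged from here.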