Commit 0fd14a21 authored by Vladimír Čunát's avatar Vladimír Čunát

Merge !853: kdig: don't set SNI

It's incorrect to use an IP address in there,
and there seems little use of SNI for DNS anyway.

Fixes #552
parents 3824cf69 2e94ccee
......@@ -333,7 +333,7 @@ int net_connect(net_t *net)
// Establish TLS connection.
if (net->tls.params != NULL) {
int ret = tls_ctx_connect(&net->tls, sockfd, net->remote->name);
int ret = tls_ctx_connect(&net->tls, sockfd, NULL);
if (ret != KNOT_EOK) {
close(sockfd);
return ret;
......
......@@ -291,7 +291,7 @@ int tls_ctx_init(tls_ctx_t *ctx, const tls_params_t *params, int wait)
int tls_ctx_connect(tls_ctx_t *ctx, int sockfd, const char *remote)
{
if (ctx == NULL || remote == NULL) {
if (ctx == NULL) {
return KNOT_EINVAL;
}
......@@ -311,11 +311,13 @@ int tls_ctx_connect(tls_ctx_t *ctx, int sockfd, const char *remote)
return KNOT_NET_ECONNECT;
}
if (remote != NULL) {
ret = gnutls_server_name_set(ctx->session, GNUTLS_NAME_DNS, remote,
strlen(remote));
if (ret != GNUTLS_E_SUCCESS) {
return KNOT_NET_ECONNECT;
}
}
gnutls_session_set_ptr(ctx->session, ctx);
gnutls_transport_set_int(ctx->session, sockfd);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment