Changeset 265159d in mod_gnutls for src/gnutls_io.c


Ignore:
Timestamp:
Oct 17, 2017, 2:49:17 PM (3 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, proxy-ticket, upstream
Children:
54d07a1
Parents:
321912b
Message:

Send SNI for proxy connections

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_io.c

    r321912b r265159d  
    395395    }
    396396
     397    /* Enable SNI for proxy connections */
     398    if (ctxt->is_proxy == GNUTLS_ENABLED_TRUE)
     399    {
     400        /* Get peer hostname from note left by mod_proxy */
     401        const char *peer_hostname =
     402            apr_table_get(ctxt->c->notes, PROXY_SNI_NOTE);
     403        /* Used only as target for apr_ipsubnet_create() */
     404        apr_ipsubnet_t *probe;
     405        /* Check if the note is present (!= NULL) and NOT an IP
     406         * address */
     407        if ((peer_hostname) != NULL
     408            && (apr_ipsubnet_create(&probe, peer_hostname, NULL, ctxt->c->pool)
     409                != APR_SUCCESS))
     410        {
     411            ret = gnutls_server_name_set(ctxt->session, GNUTLS_NAME_DNS,
     412                                         peer_hostname, strlen(peer_hostname));
     413            if (ret != GNUTLS_E_SUCCESS)
     414                ap_log_cerror(APLOG_MARK, APLOG_ERR, ret, ctxt->c,
     415                              "Could not set SNI '%s' for proxy connection: "
     416                              "%s (%d)",
     417                              peer_hostname, gnutls_strerror(ret), ret);
     418        }
     419    }
     420
    397421tryagain:
    398422    do {
Note: See TracChangeset for help on using the changeset viewer.