Only send SNI if the host name is not an IP address

* gnutls.c (gnutls_ip_address_p): New function. (Fgnutls_boot): Only send SNI if the host name is not an IP address.
2026-01-09 13:10:57 -08:00 · 2014-11-26 23:11:57 +01:00 · 2014-11-26 23:11:57 +01:00 · fc4d2c7784
commit fc4d2c7784
parent ccae04f205
2 changed files with 24 additions and 4 deletions
--- a/src/ChangeLog
+++ b/src/ChangeLog
@ -1,3 +1,8 @@
+2014-11-26  Lars Magne Ingebrigtsen  <larsi@gnus.org>
+
+	* gnutls.c (gnutls_ip_address_p): New function.
+	(Fgnutls_boot): Only send SNI if the host name is not an IP address.
+
 2014-11-26  Toke Høiland-Jørgensen  <toke@toke.dk>  (tiny change)

 	* gnutls.c (Fgnutls_boot): Send the server name over (bug#18208).
--- a/src/gnutls.c
+++ b/src/gnutls.c
@ -1095,6 +1095,18 @@ emacs_gnutls_global_init (void)
  return gnutls_make_error (ret);
 }

+static bool
+gnutls_ip_address_p (char *string)
+{
+  char c;
+
+  while ((c = *string++) != 0)
+    if (! ((c == '.' || c == ':' || (c >= '0' && c <= '9'))))
+      return false;
+
+  return true;
+}
+
 #if 0
 /* Deinitializes global GnuTLS state.
 See also `gnutls-global-init'.  */
@ -1418,10 +1430,13 @@ one trustfile (usually a CA bundle).  */)
  if (ret < GNUTLS_E_SUCCESS)
    return gnutls_make_error (ret);

-  ret = fn_gnutls_server_name_set (state, GNUTLS_NAME_DNS, c_hostname,
-				   strlen(c_hostname));
-  if (ret < GNUTLS_E_SUCCESS)
-    return gnutls_make_error (ret);
+  if (!gnutls_ip_address_p (c_hostname))
+    {
+      ret = fn_gnutls_server_name_set (state, GNUTLS_NAME_DNS, c_hostname,
+				       strlen (c_hostname));
+      if (ret < GNUTLS_E_SUCCESS)
+	return gnutls_make_error (ret);
+    }

  GNUTLS_INITSTAGE (proc) = GNUTLS_STAGE_CRED_SET;
  ret = emacs_gnutls_handshake (XPROCESS (proc));