From: Lars Magne Ingebrigtsen
Newsgroups: gmane.emacs.devel
Subject: Re: [PATCH] gnutls: Add SNI support
Date: Wed, 26 Nov 2014 22:52:09 +0100
To: Toke Høiland-Jørgensen
Cc: emacs-devel@gnu.org
References: <87wq6k3i99.fsf@toke.dk>
In-Reply-To: <87wq6k3i99.fsf@toke.dk>

Toke Høiland-Jørgensen writes:

> This patch adds what I think is the required call into GnuTLS to add the
> hostname information on the handshake. Unfortunately I have been unable
> to actually test the patch, since I can't get the git trunk to compile.
> However, I thought I'd post it anyway to maybe get someone else to have
> a look.

Thanks; I'm applying a version of your patch...

> Oh, and there's a bit of a hack in trying to detect whether the hostname
> is an IPv4 or IPv6 literal (in which case the hostname shouldn't be
> included in the handshake). Not sure if omitting that check entirely
> will work, or if there's a better way to detect this case.

... but I left this out. Does it matter that we send the host name if
we've been given the URL https://01.02.03.04/ or whatever? First of all,
you'd think that would be kinda rare. Second of all, does the library
mind getting an IP address as the SNI? If not, we could just do the SNI
always without checking.

-- 
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
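The literal-address check discussed in this message, as an added example that is not part of the original mail or of the Emacs patch: RFC 6066 does not permit literal IPv4 or IPv6 addresses in the SNI HostName, so the helper below returns NULL for them. The function names and sample hosts are assumptions made for illustration, and the GnuTLS call appears only in a comment so the block builds without the library.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* True if host is an IPv4 or IPv6 literal, including the bracketed
   URL form "[2001:db8::1]" and a zone id such as "fe80::1%eth0". */
static bool host_is_ip_literal(const char *host)
{
    unsigned char addr[16];     /* large enough for an IPv6 address */
    char tmp[128];
    size_t len = strlen(host);

    if (inet_pton(AF_INET, host, addr) == 1)
        return true;
    if (len >= 2 && host[0] == '[' && host[len - 1] == ']') {
        host++;                 /* strip the URL brackets */
        len -= 2;
    }
    const char *zone = memchr(host, '%', len);
    if (zone != NULL)           /* inet_pton does not parse zone ids */
        len = (size_t)(zone - host);
    if (len >= sizeof tmp)
        return false;
    memcpy(tmp, host, len);
    tmp[len] = '\0';
    return inet_pton(AF_INET6, tmp, addr) == 1;
}

/* Hypothetical helper: name to offer as SNI, or NULL to omit it. */
static const char *sni_name_for_host(const char *host)
{
    if (host == NULL || *host == '\0' || host_is_ip_literal(host))
        return NULL;
    /* A caller would pass the result to GnuTLS, for example with
       gnutls_server_name_set(session, GNUTLS_NAME_DNS, host, strlen(host));
       that call is not made here. */
    return host;
}

int main(void)
{
    /* Constructed sample hosts. */
    const char *hosts[] = { "example.org", "192.0.2.10", "[2001:db8::1]" };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++)
        printf("%-16s -> %s\n", hosts[i],
               sni_name_for_host(hosts[i]) ? "send SNI" : "omit SNI");
    return 0;
}
```

`inet_pton` accepts only strict dotted-quad and colon-hex syntax, so a host string has to be checked in the same form the connection code will actually use.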