artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d4e67a9) | patch
RFC 6066 states that IP literals are not permitted in "HostName" for a
authorjsing <jsing@openbsd.org>
Wed, 5 Jul 2017 15:38:35 +0000 (15:38 +0000)
committerjsing <jsing@openbsd.org>
Wed, 5 Jul 2017 15:38:35 +0000 (15:38 +0000)
commitdd391ab5c40e3571d658b90198c447a760c95e7d
tree2bee181f92955506ea1dc3b8217e5425f8f2040dtree | snapshot
parentd4e67a97b48f1b52d1ab469d4665694e452560c5commit | diff
RFC 6066 states that IP literals are not permitted in "HostName" for a
TLS Server Name extension, however seemingly several clients (including
Python, Ruby and Safari) violate the RFC. Given that this is a fairly
widespread issue, if we receive a TLS Server Name extension that contains
an IP literal, pretend that we did not receive the extension rather than
causing a handshake failure.

Issue raised by jsg@

ok jsg@
lib/libtls/tls_server.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim