kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-31 02:37:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

tcptls/iostream: Add support for setting SNI on client TLS connections

Browse Source 
If the hostname field of the ast_tcptls_session_args structure is
set (which it is for websocket client connections), that hostname
will now automatically be used in an SNI TLS extension in the client
hello.

Resolves: #713

UserNote: Secure websocket client connections now send SNI in
the TLS client hello.
This commit is contained in:
George Joseph
2024-04-23 14:15:20 -06:00
parent 9c1b98e577
commit 9e1a6fa0a7
3 changed files with 39 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
main/tcptls.c
View File

@@ -741,6 +741,13 @@ struct ast_tcptls_session_instance *ast_tcptls_client_create(struct ast_tcptls_s
/* Set current info */
ast_sockaddr_copy(&desc->old_address, &desc->remote_address);
if (!ast_strlen_zero(desc->hostname)) {
if (ast_iostream_set_sni_hostname(tcptls_session->stream, desc->hostname) != 0) {
ast_log(LOG_WARNING, "Unable to set SNI hostname '%s' on connection '%s'\n",
desc->hostname, desc->name);
}
}
return tcptls_session;
error: