Blame SOURCES/gnutls-3.3.29-cli-sni-hostname.patch
b88a4411073237d4d3ac879cf1ae690ef10b7694
b88a44 diff --git a/src/cli-args.def b/src/cli-args.defb88a44 index c661f458b..11d66ae8a 100644b88a44 --- a/src/cli-args.defb88a44 +++ b/src/cli-args.defb88a44 @@ -80,6 +80,13 @@ flag = {b88a44 doc = "Connect, establish a session and rehandshake immediately.";b88a44 };b88a44 b88a44 +flag = {b88a44 + name = sni-hostname;b88a44 + descrip = "Server's hostname for server name indication extension";b88a44 + arg-type = string;b88a44 + doc = "Set explicitly the server name used in the TLS server name indication extension. That is useful when testing with servers setup on different DNS name than the intended. If not specified, the provided hostname is used.";b88a44 +};b88a44 +b88a44 flag = {b88a44 name = starttls;b88a44 value = s;b88a44 diff --git a/src/cli.c b/src/cli.cb88a44 index 82d8e1166..f3d159a29 100644b88a44 --- a/src/cli.cb88a44 +++ b/src/cli.cb88a44 @@ -638,7 +638,10 @@ static gnutls_session_t init_tls_session(const char *hostname)b88a44 /* allow the use of private ciphersuites.b88a44 */b88a44 if (disable_extensions == 0 && disable_sni == 0) {b88a44 - if (hostname != NULL && is_ip(hostname) == 0)b88a44 + if (HAVE_OPT(SNI_HOSTNAME)) {b88a44 + gnutls_server_name_set(session, GNUTLS_NAME_DNS,b88a44 + OPT_ARG(SNI_HOSTNAME), strlen(OPT_ARG(SNI_HOSTNAME)));b88a44 + } else if (hostname != NULL && is_ip(hostname) == 0)b88a44 gnutls_server_name_set(session, GNUTLS_NAME_DNS,b88a44 hostname, strlen(hostname));b88a44 }b88a44 -- b88a44 2.14.3b88a44
