Commit bd807d2a authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

Cleanup server name parameter handling

parent 42327f35
...@@ -55,7 +55,7 @@ struct tls_session_t ...@@ -55,7 +55,7 @@ struct tls_session_t
tls_session_sys_t *p_sys; tls_session_sys_t *p_sys;
struct virtual_socket_t sock; struct virtual_socket_t sock;
int (*pf_handshake) ( tls_session_t *, int, const char * ); int (*pf_handshake) ( tls_session_t *, int );
int (*pf_handshake2) ( tls_session_t * ); int (*pf_handshake2) ( tls_session_t * );
void (*pf_close) ( tls_session_t * ); void (*pf_close) ( tls_session_t * );
}; };
...@@ -91,13 +91,13 @@ VLC_EXPORT( void, tls_ServerDelete, ( tls_server_t * ) ); ...@@ -91,13 +91,13 @@ VLC_EXPORT( void, tls_ServerDelete, ( tls_server_t * ) );
# define tls_ServerSessionPrepare( a ) (((tls_server_t *)a)->pf_session_prepare (a)) # define tls_ServerSessionPrepare( a ) (((tls_server_t *)a)->pf_session_prepare (a))
# define tls_ServerSessionHandshake( a, b ) (((tls_session_t *)a)->pf_handshake (a, b, NULL)) # define tls_ServerSessionHandshake( a, b ) (((tls_session_t *)a)->pf_handshake (a, b))
# define tls_ServerSessionClose( a ) (((tls_session_t *)a)->pf_close (a)) # define tls_ServerSessionClose( a ) (((tls_session_t *)a)->pf_close (a))
VLC_EXPORT( tls_session_t *, tls_ClientCreate, ( vlc_object_t *, int, const char * ) ); VLC_EXPORT( tls_session_t *, tls_ClientCreate, ( vlc_object_t *, int, const char * ) );
VLC_EXPORT( void, tls_ClientDelete, ( tls_session_t * ) ); VLC_EXPORT( void, tls_ClientDelete, ( tls_session_t * ) );
# define tls_ClientSessionHandshake( a, b, c ) (((tls_session_t *)a)->pf_handshake (a, b, c)) # define tls_ClientSessionHandshake( a, b ) (((tls_session_t *)a)->pf_handshake (a, b))
# define tls_SessionContinueHandshake( a ) (((tls_session_t *)a)->pf_handshake2 (a)) # define tls_SessionContinueHandshake( a ) (((tls_session_t *)a)->pf_handshake2 (a))
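Review bot: Nothing in this header now says how a client's server name reaches the TLS module, since the `const char *` argument is gone from both `pf_handshake` and `tls_ClientSessionHandshake`. The name still determines which identity the peer certificate is matched against, so the new contract deserves a comment next to the member, for example `/* the client's server name, if any, is read from the "tls-server-name" variable when the module is opened */`. The same comment would tell anyone implementing `pf_handshake` outside this tree that the callback no longer receives the name.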
......
...@@ -306,13 +306,11 @@ gnutls_Recv( void *p_session, void *buf, int i_length ) ...@@ -306,13 +306,11 @@ gnutls_Recv( void *p_session, void *buf, int i_length )
* needed, 2 if more would-be blocking send is required. * needed, 2 if more would-be blocking send is required.
*/ */
static int static int
gnutls_ContinueHandshake( tls_session_t *p_session) gnutls_ContinueHandshake (tls_session_t *p_session)
{ {
tls_session_sys_t *p_sys; tls_session_sys_t *p_sys = p_session->p_sys;
int val; int val;
p_sys = (tls_session_sys_t *)(p_session->p_sys);
#ifdef WIN32 #ifdef WIN32
WSASetLastError( 0 ); WSASetLastError( 0 );
#endif #endif
...@@ -461,33 +459,18 @@ error: ...@@ -461,33 +459,18 @@ error:
* Starts negociation of a TLS session. * Starts negociation of a TLS session.
* *
* @param fd stream socket already connected with the peer. * @param fd stream socket already connected with the peer.
* @param psz_hostname if not NULL, hostname to mention as a Server Name,
* and to be found in the server's certificate.
* *
* @return -1 on error (you need not and must not call tls_SessionClose), * @return -1 on error (you need not and must not call tls_SessionClose),
* 0 on succesful handshake completion, 1 if more would-be blocking recv is * 0 on succesful handshake completion, 1 if more would-be blocking recv is
* needed, 2 if more would-be blocking send is required. * needed, 2 if more would-be blocking send is required.
*/ */
static int static int
gnutls_BeginHandshake( tls_session_t *p_session, int fd, gnutls_BeginHandshake( tls_session_t *p_session, int fd )
const char *psz_hostname )
{ {
tls_session_sys_t *p_sys = p_session->p_sys; tls_session_sys_t *p_sys = p_session->p_sys;
gnutls_transport_set_ptr (p_sys->session, (gnutls_transport_ptr)(intptr_t)fd); gnutls_transport_set_ptr (p_sys->session, (gnutls_transport_ptr)(intptr_t)fd);
if( psz_hostname != NULL )
{
gnutls_server_name_set (p_sys->session, GNUTLS_NAME_DNS, psz_hostname,
strlen (psz_hostname));
p_sys->psz_hostname = strdup (psz_hostname);
if (p_sys->psz_hostname == NULL)
{
p_session->pf_close (p_session);
return -1;
}
}
return p_session->pf_handshake2( p_session ); return p_session->pf_handshake2( p_session );
} }
...@@ -774,7 +757,7 @@ static int OpenClient (vlc_object_t *obj) ...@@ -774,7 +757,7 @@ static int OpenClient (vlc_object_t *obj)
gnutls_Addx509Directory (VLC_OBJECT (p_session), p_sys->x509_cred, gnutls_Addx509Directory (VLC_OBJECT (p_session), p_sys->x509_cred,
path, VLC_TRUE); path, VLC_TRUE);
i_val = gnutls_init( &p_sys->session.session, GNUTLS_CLIENT ); i_val = gnutls_init (&p_sys->session.session, GNUTLS_CLIENT);
if (i_val != 0) if (i_val != 0)
{ {
msg_Err (obj, "cannot initialize TLS session: %s", msg_Err (obj, "cannot initialize TLS session: %s",
...@@ -797,6 +780,14 @@ static int OpenClient (vlc_object_t *obj) ...@@ -797,6 +780,14 @@ static int OpenClient (vlc_object_t *obj)
goto s_error; goto s_error;
} }
char *servername = var_GetNonEmptyString (p_session, "tls-server-name");
if (servername != NULL )
{
p_sys->session.psz_hostname = servername;
gnutls_server_name_set (p_sys->session.session, GNUTLS_NAME_DNS,
servername, strlen (servername));
}
return VLC_SUCCESS; return VLC_SUCCESS;
s_error: s_error:
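Review bot: The new block in OpenClient treats every NULL from `var_GetNonEmptyString` as "no server name requested", so a name that could not be read or copied cannot be told apart from an anonymous session. The code removed from gnutls_BeginHandshake returned -1 when `strdup` failed, whereas the replacement carries on with `psz_hostname` left as it was. If the certificate check elsewhere in this file keys on that field (not visible here), the handshake would proceed without matching the peer certificate against a hostname. The return value of `gnutls_server_name_set` is also ignored, as it was before; a guard such as `if (gnutls_server_name_set (...) != 0) goto s_error;` would stop a failed SNI setup from passing silently. OpenClient starts and ends outside the hunk, so whether `s_error` releases `servername` needs checking before adding that jump.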
......
...@@ -115,6 +115,15 @@ tls_ClientCreate (vlc_object_t *obj, int fd, const char *psz_hostname) ...@@ -115,6 +115,15 @@ tls_ClientCreate (vlc_object_t *obj, int fd, const char *psz_hostname)
if (cl == NULL) if (cl == NULL)
return NULL; return NULL;
var_Create (cl, "tls-server-name", VLC_VAR_STRING);
if (psz_hostname != NULL)
{
msg_Dbg (cl, "requested server name: %s", psz_hostname);
var_SetString (cl, "tls-server-name", psz_hostname);
}
else
msg_Dbg (cl, "requested anonymous server");
cl->p_module = module_Need (cl, "tls client", 0, 0); cl->p_module = module_Need (cl, "tls client", 0, 0);
if (cl->p_module == NULL) if (cl->p_module == NULL)
{ {
...@@ -123,7 +132,7 @@ tls_ClientCreate (vlc_object_t *obj, int fd, const char *psz_hostname) ...@@ -123,7 +132,7 @@ tls_ClientCreate (vlc_object_t *obj, int fd, const char *psz_hostname)
return NULL; return NULL;
} }
int val = tls_ClientSessionHandshake (cl, fd, psz_hostname); int val = tls_ClientSessionHandshake (cl, fd);
while (val > 0) while (val > 0)
val = tls_SessionContinueHandshake (cl); val = tls_SessionContinueHandshake (cl);
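Review bot: An empty but non-NULL `psz_hostname` is stored with `var_SetString` and read back in the module with `var_GetNonEmptyString`, which by its name yields NULL for an empty string. As a result `tls_ClientCreate (obj, fd, "")` now takes the same path as an anonymous server, although the debug line reports a requested server name. The results of `var_Create` and `var_SetString` are not checked either, so a failure to store the name has the same effect. Rejecting the empty name before the session object is created, e.g. `if (psz_hostname != NULL && *psz_hostname == '\0') return NULL;`, and failing when `var_SetString` reports an error would keep the hostname from being dropped silently. tls_ClientCreate begins and ends outside these hunks, so the cleanup needed on such an error path is not visible here.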
......