diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-05-08 06:13:59 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-05-10 10:35:12 +0200 |
commit | 163507fd61084c7f56359e422a971f484a7c194f (patch) | |
tree | 9f43f822f82635b2da33aa6e429e63afb00f4557 | |
parent | 10de5e4965876c34fcc9ebbf975be186ad80dad3 (diff) | |
download | gnutls-163507fd61084c7f56359e422a971f484a7c194f.tar.gz |
gnutls-cli: introduced --sni-hostname option
This allows overriding the value set on the TLS server name indication
extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | src/cli-args.def | 7 | ||||
-rw-r--r-- | src/cli.c | 5 |
2 files changed, 11 insertions, 1 deletions
diff --git a/src/cli-args.def b/src/cli-args.def index 202afcd9a0..69917596f2 100644 --- a/src/cli-args.def +++ b/src/cli-args.def @@ -81,6 +81,13 @@ flag = { }; flag = { + name = sni-hostname; + descrip = "Server's hostname for server name indication extension"; + arg-type = string; + doc = "Set explicitly the server name used in the TLS server name indication extension. That is useful when testing with servers setup on different DNS name than the intended. If not specified, the provided hostname is used."; +}; + +flag = { name = starttls; value = s; descrip = "Connect, establish a plain session and start TLS"; @@ -695,7 +695,10 @@ gnutls_session_t init_tls_session(const char *host) /* allow the use of private ciphersuites. */ if (disable_extensions == 0 && disable_sni == 0) { - if (host != NULL && is_ip(host) == 0) + if (HAVE_OPT(SNI_HOSTNAME)) { + gnutls_server_name_set(session, GNUTLS_NAME_DNS, + OPT_ARG(SNI_HOSTNAME), strlen(OPT_ARG(SNI_HOSTNAME))); + } else if (host != NULL && is_ip(host) == 0) gnutls_server_name_set(session, GNUTLS_NAME_DNS, host, strlen(host)); } |