Bug 421634: Don't send an SNI Client Hello extension bearing an IPv6 address

r=wtc,julien.pierre
author: nelson%bolyard.com <devnull@localhost> 2008-10-06 22:04:15 +0000
committer: nelson%bolyard.com <devnull@localhost> 2008-10-06 22:04:15 +0000
commit: cfb309dd0b0c874b648bfc49edeeb20c7562bb4d (patch)
tree: c76fedd9b21add17540e5fd236ed2ac285e5976a /security/nss
parent: 39f8ffdabf9988368c8446caea80facd4b50824a (diff)
download: nss-hg-cfb309dd0b0c874b648bfc49edeeb20c7562bb4d.tar.gz
1 files changed, 8 insertions, 7 deletions
diff --git a/security/nss/lib/ssl/ssl3ext.c b/security/nss/lib/ssl/ssl3ext.c
index 0857e5186..c4a7b151e 100644
--- a/security/nss/lib/ssl/ssl3ext.c
+++ b/security/nss/lib/ssl/ssl3ext.c
@@ -291,17 +291,18 @@ ssl3_SendServerNameXtn(
 			PRBool      append,
 			PRUint32    maxBytes)
 {
-    PRUint32 len, span;
+    PRUint32 len;
+    PRNetAddr netAddr;
+
     /* must have a hostname */
     if (!ss || !ss->url || !ss->url[0])
     	return 0;
-    /* must have at lest one character other than [0-9\.] */
-    len  = PORT_Strlen(ss->url);
-    span = strspn(ss->url, "0123456789.");
-    if (len == span) {
-    	/* is a dotted decimal IP address */
-	return 0;
+    /* must not be an IPv4 or IPv6 address */
+    if (PR_SUCCESS == PR_StringToNetAddr(ss->url, &netAddr)) {
+        /* is an IP address (v4 or v6) */
+        return 0;
     }
+    len  = PORT_Strlen(ss->url);
     if (append && maxBytes >= len + 9) {
 	SECStatus rv;
 	/* extension_type */
author	nelson%bolyard.com <devnull@localhost>	2008-10-06 22:04:15 +0000
committer	nelson%bolyard.com <devnull@localhost>	2008-10-06 22:04:15 +0000
commit	cfb309dd0b0c874b648bfc49edeeb20c7562bb4d (patch)
tree	c76fedd9b21add17540e5fd236ed2ac285e5976a /security/nss
parent	39f8ffdabf9988368c8446caea80facd4b50824a (diff)
download	nss-hg-cfb309dd0b0c874b648bfc49edeeb20c7562bb4d.tar.gz