h2load, nghttp: Use SNI field for non-numeric host

This commit is contained in:
Tatsuhiro Tsujikawa 2014-03-15 15:32:38 +09:00
parent 843ecd8cc1
commit a457d2a138
7 changed files with 32 additions and 21 deletions

View File

@ -124,6 +124,13 @@ int Client::connect()
{
if(config.scheme == "https") {
ssl = SSL_new(worker->ssl_ctx);
auto config = worker->config;
if(!util::numeric_host(config->host.c_str())) {
SSL_set_tlsext_host_name(ssl, config->host.c_str());
}
bev = bufferevent_openssl_socket_new(worker->evbase, -1, ssl,
BUFFEREVENT_SSL_CONNECTING,
BEV_OPT_DEFER_CALLBACKS);

View File

@ -444,10 +444,11 @@ struct HttpClient {
} else {
host_string = host.c_str();
}
if (!SSL_set_tlsext_host_name(ssl, host_string)) {
std::cerr << ERR_error_string(ERR_get_error(), nullptr) << std::endl;
return -1;
if (!util::numeric_host(host_string)) {
SSL_set_tlsext_host_name(ssl, host_string);
}
bev = bufferevent_openssl_socket_new(evbase, -1, ssl,
BUFFEREVENT_SSL_CONNECTING,
BEV_OPT_DEFER_CALLBACKS);

View File

@ -421,7 +421,7 @@ int Http2Session::initiate_connection()
sni_name = get_config()->downstream_host;
}
if(!ssl::numeric_host(sni_name)) {
if(!util::numeric_host(sni_name)) {
// TLS extensions: SNI. There is no documentation about the return
// code for this function (actually this is macro wrapping SSL_ctrl
// at the time of this writing).

View File

@ -485,20 +485,6 @@ ClientHandler* accept_connection
}
}
bool numeric_host(const char *hostname)
{
struct addrinfo hints;
struct addrinfo* res;
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_flags = AI_NUMERICHOST;
if(getaddrinfo(hostname, nullptr, &hints, &res)) {
return false;
}
freeaddrinfo(res);
return true;
}
namespace {
bool tls_hostname_match(const char *pattern, const char *hostname)
{
@ -541,7 +527,7 @@ int verify_hostname(const char *hostname,
const std::vector<std::string>& ip_addrs,
const std::string& common_name)
{
if(numeric_host(hostname)) {
if(util::numeric_host(hostname)) {
if(ip_addrs.empty()) {
return util::strieq(common_name.c_str(), hostname) ? 0 : -1;
}

View File

@ -52,8 +52,6 @@ ClientHandler* accept_connection
evutil_socket_t fd,
sockaddr *addr, int addrlen);
bool numeric_host(const char *hostname);
int check_cert(SSL *ssl);
// Retrieves DNS and IP address in subjectAltNames and commonName from

View File

@ -25,6 +25,9 @@
#include "util.h"
#include <time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <cassert>
#include <cstdio>
@ -529,6 +532,20 @@ size_t EvbufferBuffer::get_buflen() const
return buflen_;
}
bool numeric_host(const char *hostname)
{
struct addrinfo hints;
struct addrinfo* res;
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_flags = AI_NUMERICHOST;
if(getaddrinfo(hostname, nullptr, &hints, &res)) {
return false;
}
freeaddrinfo(res);
return true;
}
} // namespace util
} // namespace nghttp2

View File

@ -449,6 +449,8 @@ private:
size_t buflen_;
};
bool numeric_host(const char *hostname);
} // namespace util
} // namespace nghttp2