Dig: carefully check if the server name for SNI is a hostname

Previously the code would not check if the string intended to be used
for SNI is a hostname.
Artem Boldariev 2025-03-14 21:35:39 +02:00
parent 1f199ee606
commit 16a306687a


@ -2780,8 +2780,19 @@ _cancel_lookup(dig_lookup_t *lookup, const char *file, unsigned int line) {
static inline const char *
get_tls_sni_hostname(dig_query_t *query) {
return query->lookup->tls_hostname_set ? query->lookup->tls_hostname
: query->userarg;
const char *hostname = query->lookup->tls_hostname_set
? query->lookup->tls_hostname
: query->userarg;
if (query->lookup->tls_hostname_set) {
return query->lookup->tls_hostname;
}
if (isc_tls_valid_sni_hostname(hostname)) {
return hostname;
}
return NULL;
}
static isc_tlsctx_t *
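Review bot: In `get_tls_sni_hostname` the `tls_hostname_set` branch returns `query->lookup->tls_hostname` before `isc_tls_valid_sni_hostname()` runs, so only `query->userarg` is ever validated and an explicitly set name that is not a hostname (an IP literal, for instance) would still be returned. If both sources should be checked, drop the early `if (query->lookup->tls_hostname_set) { ... }` return and let the ternary result go through the validator. If the bypass is deliberate, one arm of the ternary is dead and the code reads more clearly as `const char *hostname = query->userarg;` after the early return, with a comment saying why the explicit value is trusted. The function can now return NULL, which the old version did not do explicitly, and its callers are outside this hunk, so each one should be confirmed to treat NULL as "send no SNI". A comment above the function would record that, e.g. `/* Returns NULL when no valid SNI hostname is available. */`.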