kris/th5
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Alternative TLS implementation in Go
241 Commits 3 Branches 0 Tags 2.6 MiB
Go 99.8%
Shell 0.2%
25dd71bbe6
Go to file
Adam Langley 25dd71bbe6 crypto/tls: don't send IP literals as SNI values. 
https://tools.ietf.org/html/rfc6066#section-3 states:

  “Literal IPv4 and IPv6 addresses are not permitted in "HostName".”

However, if an IP literal was set as Config.ServerName (which could
happen as easily as calling Dial with an IP address) then the code would
send the IP literal as the SNI value.

This change filters out IP literals, as recognised by net.ParseIP, from
being sent as the SNI value.

Fixes #13111.

Change-Id: Ie9ec7acc767ae172b48c9c6dd8d84fa27b1cf0de
Reviewed-on: https://go-review.googlesource.com/16742
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
2015-11-09 23:09:48 +00:00
testdata crypto/tls: update testing certificates. 2015-08-05 19:06:51 +00:00
alert.go crypto/tls: support TLS_FALLBACK_SCSV as a server. 2014-10-15 17:54:04 -07:00
cipher_suites.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
common.go crypto/tls: don't send IP literals as SNI values. 2015-11-09 23:09:48 +00:00
conn_test.go crypto/tls: Added dynamic alternative to NameToCertificate map for SNI 2014-08-06 11:22:00 -07:00
conn.go crypto/tls: check cert chain during VerifyHostname 2015-07-22 17:32:00 +00:00
example_test.go crypto/x509: add example of using a custom root list. 2014-02-19 11:18:35 -05:00
generate_cert.go crypto/tls: Support ECDSA keys in generate_cert.go 2014-07-28 14:46:34 -07:00
handshake_client_test.go crypto/tls: don't send IP literals as SNI values. 2015-11-09 23:09:48 +00:00
handshake_client.go crypto/tls: don't send IP literals as SNI values. 2015-11-09 23:09:48 +00:00
handshake_messages_test.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
handshake_messages.go crypto/tls: reject ServerHellos with empty ALPN protocols. 2015-08-30 15:33:36 +00:00
handshake_server_test.go all: fix some vet-caught formatting errors, mostly but not only in tests 2015-08-21 05:37:36 +00:00
handshake_server.go crypto/tls: don't require an explicit client-auth EKU. 2015-06-09 15:48:24 +00:00
handshake_test.go crypto/tls: rework reference tests. 2013-12-20 11:37:05 -05:00
key_agreement.go all: fix misprints in comments 2015-06-11 14:18:57 +00:00
prf_test.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
prf.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
ticket.go crypto/tls: add support for session ticket key rotation 2015-04-26 20:57:28 +00:00
tls_test.go crypto/tls: better error messages when PEM inputs are switched. 2015-09-30 00:27:46 +00:00
tls.go crypto/tls: better error messages when PEM inputs are switched. 2015-09-30 00:27:46 +00:00