summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_internal.h
diff options
context:
space:
mode:
authorjsing <>2017-07-05 15:38:35 +0000
committerjsing <>2017-07-05 15:38:35 +0000
commit23f8730872473ece83a0897191d237776311af34 (patch)
tree5f54f1faf70b7c6a24b039ec374662e43b876e23 /src/lib/libtls/tls_internal.h
parent38c8cef451a204b2690aaa0d3385c8fbf25c4575 (diff)
downloadopenbsd-23f8730872473ece83a0897191d237776311af34.tar.gz
openbsd-23f8730872473ece83a0897191d237776311af34.tar.bz2
openbsd-23f8730872473ece83a0897191d237776311af34.zip
RFC 6066 states that IP literals are not permitted in "HostName" for a
TLS Server Name extension, however seemingly several clients (including Python, Ruby and Safari) violate the RFC. Given that this is a fairly widespread issue, if we receive a TLS Server Name extension that contains an IP literal, pretend that we did not receive the extension rather than causing a handshake failure. Issue raised by jsg@ ok jsg@
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions