Attachment #315259 for bug #421067

Lines 54-59 as that of the covered work. */ Link Here

(-)a/src/gnutls.c (-1 / +11 lines)
54	# include "w32sock.h"	54	# include "w32sock.h"
55	#endif	55	#endif
56		56
		57	#include "host.h"
		58
57	static int	59	static int
58	key_type_to_gnutls_type (enum keyfile_type type)	60	key_type_to_gnutls_type (enum keyfile_type type)
59	{	61	{
Lines 369-380 static struct transport_implementation wgnutls_transport = Link Here
369	};	371	};
370		372
371	bool	373	bool
372	ssl_connect_wget (int fd)	374	ssl_connect_wget (int fd, const char *hostname)
373	{	375	{
374	struct wgnutls_transport_context *ctx;	376	struct wgnutls_transport_context *ctx;
375	gnutls_session session;	377	gnutls_session session;
376	int err;	378	int err;
377	gnutls_init (&session, GNUTLS_CLIENT);	379	gnutls_init (&session, GNUTLS_CLIENT);
		380
		381	/* We set the server name but only if it's not an IP address. */
		382	if (! is_valid_ip_address (hostname))
		383	{
		384	gnutls_server_name_set (session, GNUTLS_NAME_DNS, hostname,
		385	strlen (hostname));
		386	}
		387
378	gnutls_set_default_priority (session);	388	gnutls_set_default_priority (session);
379	gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, credentials);	389	gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, credentials);
380	#ifndef FD_TO_SOCKET	390	#ifndef FD_TO_SOCKET




/* Host name resolution and matching.
   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
   2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Free Software Foundation,
   Inc.

This file is part of GNU Wget.

      host_name_addresses_map = NULL;
    }
}

bool
is_valid_ip_address (const char *name)
{
  const char *endp;

  endp = name + strlen(name);
  if (is_valid_ipv4_address (name, endp))
    return true;
#ifdef ENABLE_IPV6
  if (is_valid_ipv6_address (name, endp))
    return true;
#endif
  return false;
}

Lines 1-6 Link Here

(-)a/src/host.h (-1 / +3 lines)
1	/* Declarations for host.c	1	/* Declarations for host.c
2	Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,	2	Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
3	2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation,	3	2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Free Software Foundation,
4	Inc.	4	Inc.
5		5
6	This file is part of GNU Wget.	6	This file is part of GNU Wget.
Lines 98-103 const char print_address (const ip_address ); Link Here
98	bool is_valid_ipv6_address (const char , const char );	98	bool is_valid_ipv6_address (const char , const char );
99	#endif	99	#endif
100		100
		101	bool is_valid_ip_address (const char *name);
		102
101	bool accept_domain (struct url *);	103	bool accept_domain (struct url *);
102	bool sufmatch (const char *, const char );	104	bool sufmatch (const char *, const char );
103		105

Lines 1-6 Link Here

(-)a/src/http.c (-2 / +2 lines)
1	/* HTTP support.	1	/* HTTP support.
2	Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,	2	Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
3	2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation,	3	2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Free Software Foundation,
4	Inc.	4	Inc.
5		5
6	This file is part of GNU Wget.	6	This file is part of GNU Wget.
Lines 2082-2088 gethttp (struct url u, struct http_stat hs, int dt, struct url proxy, Link Here
2082		2082
2083	if (conn->scheme == SCHEME_HTTPS)	2083	if (conn->scheme == SCHEME_HTTPS)
2084	{	2084	{
2085	if (!ssl_connect_wget (sock))	2085	if (!ssl_connect_wget (sock, u->host))
2086	{	2086	{
2087	fd_close (sock);	2087	fd_close (sock);
2088	return CONSSLERR;	2088	return CONSSLERR;




/* SSL support via OpenSSL library.
   Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
   2009, 2010, 2011, 2012 Free Software Foundation, Inc.
   Originally contributed by Christian Fraenkel.

This file is part of GNU Wget.

   Returns true on success, false on failure.  */

bool
ssl_connect_wget (int fd, const char *hostname)
{
  SSL *conn;
  struct openssl_transport_context *ctx;

  conn = SSL_new (ssl_ctx);
  if (!conn)
    goto error;
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
  /* If the SSL library was build with support for ServerNameIndication
     then use it whenever we have a hostname.  If not, don't, ever. */
  if (! is_valid_ip_address (hostname))
    {
      if (! SSL_set_tlsext_host_name (conn, hostname))
	{
	DEBUGP (("Failed to set TLS server-name indication."));
	goto error;
	}
    }
#endif

#ifndef FD_TO_SOCKET
# define FD_TO_SOCKET(X) (X)
#endif

Lines 1-6 Link Here

(-)a/src/ssl.h (-3 / +2 lines)
1	/* SSL support.	1	/* SSL support.
2	Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,	2	Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
3	2009, 2010, 2011 Free Software Foundation, Inc.	3	2009, 2010, 2011, 2012 Free Software Foundation, Inc.
4	Originally contributed by Christian Fraenkel.	4	Originally contributed by Christian Fraenkel.
5		5
6	This file is part of GNU Wget.	6	This file is part of GNU Wget.
Lines 33-39 as that of the covered work. */ Link Here
33	#define GEN_SSLFUNC_H	33	#define GEN_SSLFUNC_H
34		34
35	bool ssl_init (void);	35	bool ssl_init (void);
36	bool ssl_connect_wget (int);	36	bool ssl_connect_wget (int, const char *);
37	bool ssl_check_certificate (int, const char *);	37	bool ssl_check_certificate (int, const char *);
38		38
39	#endif /* GEN_SSLFUNC_H */	39	#endif /* GEN_SSLFUNC_H */
40	-

Return to bug 421067

Lines 1-6 Link Here

(-)a/src/host.c (-1 / +16 lines)
1	/* Host name resolution and matching.	1	/* Host name resolution and matching.
2	Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,	2	Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
3	2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation,	3	2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Free Software Foundation,
4	Inc.	4	Inc.
5		5
6	This file is part of GNU Wget.	6	This file is part of GNU Wget.
Lines 914-916 host_cleanup (void) Link Here
914	host_name_addresses_map = NULL;	914	host_name_addresses_map = NULL;
915	}	915	}
916	}	916	}
		917
		918	bool
		919	is_valid_ip_address (const char *name)
		920	{
		921	const char *endp;
		922
		923	endp = name + strlen(name);
		924	if (is_valid_ipv4_address (name, endp))
		925	return true;
		926	#ifdef ENABLE_IPV6
		927	if (is_valid_ipv6_address (name, endp))
		928	return true;
		929	#endif
		930	return false;
		931	}

Lines 1-6 Link Here

(-)a/src/openssl.c (-2 / +15 lines)
1	/* SSL support via OpenSSL library.	1	/* SSL support via OpenSSL library.
2	Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,	2	Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
3	2009, 2010, 2011 Free Software Foundation, Inc.	3	2009, 2010, 2011, 2012 Free Software Foundation, Inc.
4	Originally contributed by Christian Fraenkel.	4	Originally contributed by Christian Fraenkel.
5		5
6	This file is part of GNU Wget.	6	This file is part of GNU Wget.
Lines 395-401 static struct transport_implementation openssl_transport = { Link Here
395	Returns true on success, false on failure. */	395	Returns true on success, false on failure. */
396		396
397	bool	397	bool
398	ssl_connect_wget (int fd)	398	ssl_connect_wget (int fd, const char *hostname)
399	{	399	{
400	SSL *conn;	400	SSL *conn;
401	struct openssl_transport_context *ctx;	401	struct openssl_transport_context *ctx;
Lines 406-411 ssl_connect_wget (int fd) Link Here
406	conn = SSL_new (ssl_ctx);	406	conn = SSL_new (ssl_ctx);
407	if (!conn)	407	if (!conn)
408	goto error;	408	goto error;
		409	#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
		410	/* If the SSL library was build with support for ServerNameIndication
		411	then use it whenever we have a hostname. If not, don't, ever. */
		412	if (! is_valid_ip_address (hostname))
		413	{
		414	if (! SSL_set_tlsext_host_name (conn, hostname))
		415	{
		416	DEBUGP (("Failed to set TLS server-name indication."));
		417	goto error;
		418	}
		419	}
		420	#endif
		421
409	#ifndef FD_TO_SOCKET	422	#ifndef FD_TO_SOCKET
410	# define FD_TO_SOCKET(X) (X)	423	# define FD_TO_SOCKET(X) (X)
411	#endif	424	#endif