Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vtls: add a MesaLink vtls backend #2984

Closed
wants to merge 4 commits into from

Conversation

Projects
None yet
2 participants
@kevinis
Copy link
Contributor

commented Sep 12, 2018

Squashed from PR #2874 and rebased on commit 92f9db1

MesaLink is a TLS library written in 100% Rust, a programming
language that guarantees memory safety. This PR adds MesaLink as a vtls
backend for curl.

kevinis added some commits Sep 10, 2018

@kevinis

This comment has been minimized.

Copy link
Contributor Author

commented Sep 12, 2018

Hi @bagder, here are the squashed commits for the MesaLink vtls backend.

The "localhost-hack" for SNI is now for CURLDEBUG-builds only:

curl/lib/vtls/mesalink.c

Lines 204 to 223 in 0e828be

else {
#ifdef CURLDEBUG
/* Check if the hostname is 127.0.0.1 or [::1];
* otherwise reject because MesaLink always wants a valid DNS Name
* specified in RFC 5280 Section 7.2 */
if(strncmp(hostname, "127.0.0.1", 9) == 0
#ifdef ENABLE_IPV6
|| strncmp(hostname, "[::1]", 5) == 0
#endif
) {
SSL_set_tlsext_host_name(BACKEND->handle, "localhost");
}
else
#endif
{
failf(data,
"ERROR: MesaLink does not accept an IP address as a hostname\n");
return CURLE_SSL_CONNECT_ERROR;
}
}

@bagder

bagder approved these changes Sep 13, 2018

Copy link
Member

left a comment

👍

@bagder bagder closed this in 57348eb Sep 13, 2018

@bagder

This comment has been minimized.

Copy link
Member

commented Sep 13, 2018

Thanks @kevinis. Nice work! Merged now.

@lock lock bot locked as resolved and limited conversation to collaborators Dec 12, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.