New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vtls: add a MesaLink vtls backend #2984

Closed
wants to merge 4 commits into
base: master
from

Conversation

Projects
None yet
2 participants
@kevinis
Contributor

kevinis commented Sep 12, 2018

Squashed from PR #2874 and rebased on commit 92f9db1

MesaLink is a TLS library written in 100% Rust, a programming
language that guarantees memory safety. This PR adds MesaLink as a vtls
backend for curl.

kevinis added some commits Sep 10, 2018

@kevinis

This comment has been minimized.

Contributor

kevinis commented Sep 12, 2018

Hi @bagder, here are the squashed commits for the MesaLink vtls backend.

The "localhost-hack" for SNI is now for CURLDEBUG-builds only:

curl/lib/vtls/mesalink.c

Lines 204 to 223 in 0e828be

else {
#ifdef CURLDEBUG
/* Check if the hostname is 127.0.0.1 or [::1];
* otherwise reject because MesaLink always wants a valid DNS Name
* specified in RFC 5280 Section 7.2 */
if(strncmp(hostname, "127.0.0.1", 9) == 0
#ifdef ENABLE_IPV6
|| strncmp(hostname, "[::1]", 5) == 0
#endif
) {
SSL_set_tlsext_host_name(BACKEND->handle, "localhost");
}
else
#endif
{
failf(data,
"ERROR: MesaLink does not accept an IP address as a hostname\n");
return CURLE_SSL_CONNECT_ERROR;
}
}

@bagder

bagder approved these changes Sep 13, 2018

👍

@bagder bagder closed this in 57348eb Sep 13, 2018

@bagder

This comment has been minimized.

Member

bagder commented Sep 13, 2018

Thanks @kevinis. Nice work! Merged now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment