From dda35f6c72fa7d648702a561462c1af5a758ecbd Mon Sep 17 00:00:00 2001
From: Guillaume Cornu
Date: Fri, 30 Aug 2024 10:49:24 +0200
Subject: [PATCH] feat: set hostname for SNI
Set the hostname so that the server can use it to select the correct certificate (SNI).
1. add host parameter to TLSTransport function and set hostname SSLContext parameter only if it was not provided as an IPV4 or IPV6 address
2. forward host from transport function call to TLSTransport.
---
 src/transport/tls.jl | 8 +++++++-
 src/transport/transport.jl | 2 +-
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/transport/tls.jl b/src/transport/tls.jl
index 7656a99..55576b0 100644
--- a/src/transport/tls.jl
+++ b/src/transport/tls.jl
@@ -4,10 +4,16 @@ struct TLSTransport <: RedisTransport
 sslconfig::MbedTLS.SSLConfig
 buff::IOBuffer
- function TLSTransport(sock::TCPSocket, sslconfig::MbedTLS.SSLConfig)
+ function TLSTransport(host::AbstractString, sock::TCPSocket, sslconfig::MbedTLS.SSLConfig)
 ctx = MbedTLS.SSLContext()
 MbedTLS.setup!(ctx, sslconfig)
 MbedTLS.associate!(ctx, sock)
+ # set hostname only if it's not an IP adress
+ try
+ parse(IPAddr, host)
+ catch x
+ MbedTLS.hostname!(ctx, host)
+ end
 MbedTLS.handshake(ctx)
 return new(sock, ctx, sslconfig, PipeBuffer())
diff --git a/src/transport/transport.jl b/src/transport/transport.jl
index 8444209..6a15473 100644
--- a/src/transport/transport.jl
+++ b/src/transport/transport.jl
@@ -26,7 +26,7 @@ include("tcp.jl")
 function transport(host::AbstractString, port::Integer, sslconfig::Union{MbedTLS.SSLConfig, Nothing}=nothing)
 socket = connect(host, port)
- return (sslconfig !== nothing) ? TLSTransport(socket, sslconfig) : TCPTransport(socket)
+ return (sslconfig !== nothing) ? TLSTransport(host, socket, sslconfig) : TCPTransport(socket)
 end
 end # module Transport
\ No newline at end of file
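Review bot: The bare `catch x` in the new `try` block treats every exception from `parse(IPAddr, host)` as "this is a DNS name", and `x` is never used. Narrowing it with `catch err` followed by `err isa ArgumentError || rethrow()` before `MbedTLS.hostname!(ctx, host)` keeps unexpected errors visible (assuming bad input is signalled with `ArgumentError`). The comment should also record that in mbed TLS the hostname set here is the name the peer certificate is checked against as well as the SNI value, so an IP-literal host still handshakes with no expected name: `# hostname! sets SNI and the expected certificate name; IP literals get neither`. The new positional signature removes `TLSTransport(sock, sslconfig)`, so callers outside this patch break unless a forwarding method is kept. The constructor and the struct close outside this hunk.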
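Review bot: If `TLSTransport(host, socket, sslconfig)` throws on the changed `return` line, the `socket` opened by `connect(host, port)` just above stays open, because nothing closes it on the error path. Handshake failures look more likely after this patch, since a hostname is now set before `MbedTLS.handshake` (inferred from the tls.jl hunk; the effect depends on the auth mode configured in `sslconfig`). Closing the socket and rethrowing keeps a failed TLS setup from leaking a TCP connection; a sketch follows.

```julia
    socket = connect(host, port)
    sslconfig === nothing && return TCPTransport(socket)
    try
        return TLSTransport(host, socket, sslconfig)
    catch
        # TLS setup failed: release the TCP connection before propagating the error
        close(socket)
        rethrow()
    end
```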