kore

An easy to use, scalable and secure web application framework for writing web APIs in C.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git

commit afd418297550d3de0e133e8f5de0881ae31855ad
parent f62430d1fadad06b35bd0dcd7e0cc2b0768c7d44
Author: Joris Vink <joris@coders.se>
Date:   Wed,  8 Jun 2016 16:46:28 +0200

Throw a handshake failure if we cannot find the given SNI hostname.

Diffstat:
src/kore.c | 5+++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/kore.c b/src/kore.c @@ -202,7 +202,7 @@ main(int argc, char *argv[]) #if !defined(KORE_NO_TLS) int -kore_tls_sni_cb(SSL *ssl, int *ad, void *arg) +kore_tls_sni_cb(SSL *ssl, int *al, void *arg) { struct kore_domain *dom; const char *sname; @@ -224,7 +224,8 @@ kore_tls_sni_cb(SSL *ssl, int *ad, void *arg) return (SSL_TLSEXT_ERR_OK); } - return (SSL_TLSEXT_ERR_NOACK); + *al = SSL_AD_HANDSHAKE_FAILURE; + return (SSL_TLSEXT_ERR_ALERT_FATAL); } void