Philipp Hörist pushed to branch master at gajim / python-nbxmpp
Commits:
982cac79 by Philipp Hörist at 2018-01-20T18:35:13+01:00
Set SNI EXT when using DirectTLS
See XEP-0368
- - - - -
1 changed file:
- nbxmpp/tls_nb.py
Changes:
=====================================
nbxmpp/tls_nb.py
=====================================
--- a/nbxmpp/tls_nb.py
+++ b/nbxmpp/tls_nb.py
@@ -377,7 +377,7 @@ class NonBlockingTLS(PlugIn):
except AttributeError as e:
# py-OpenSSL < 0.9 or old OpenSSL
flags |= 16384
-
+
if self.alpn:
# XEP-0368 set ALPN Protocol
tcpsock._sslContext.set_alpn_protos([b'xmpp-client'])
@@ -453,6 +453,11 @@ class NonBlockingTLS(PlugIn):
tcpsock._sslObj = OpenSSL.SSL.Connection(tcpsock._sslContext,
tcpsock._sock)
tcpsock._sslObj.set_connect_state() # set to client mode
+
+ if self.alpn:
+ # Set SNI EXT on the SSL Connection object, see XEP-0368
+
tcpsock._sslObj.set_tlsext_host_name(tcpsock._owner.Server.encode())
+
wrapper = PyOpenSSLWrapper(tcpsock._sslObj)
tcpsock._recv = wrapper.recv
tcpsock._send = wrapper.send
View it on GitLab:
https://dev.gajim.org/gajim/python-nbxmpp/commit/982cac796f3fa227c76ddb0d3e5e775c1ba39577
---
View it on GitLab:
https://dev.gajim.org/gajim/python-nbxmpp/commit/982cac796f3fa227c76ddb0d3e5e775c1ba39577
You're receiving this email because of your account on dev.gajim.org.
_______________________________________________
Commits mailing list
[email protected]
https://lists.gajim.org/cgi-bin/listinfo/commits
