[PATCH] SSL: cast hostname in SSL_set_tlsext_host_name()

Piotr Sikora piotr at cloudflare.com
Thu Jun 18 10:39:40 UTC 2015


# HG changeset patch
# User Piotr Sikora <piotr at cloudflare.com>
# Date 1434623803 25200
#      Thu Jun 18 03:36:43 2015 -0700
# Node ID 175c159113f26dac29f246b01a9195d90551ee3c
# Parent  c3ec43580a48114dfd28186f43e773fcfe211337
SSL: cast hostname in SSL_set_tlsext_host_name().

Both OpenSSL and LibreSSL use macros and type casts to implement
SSL_{CTX_}set_* functions, but BoringSSL promoted them to proper
functions, so they require parameters with correct types now.

Signed-off-by: Piotr Sikora <piotr at cloudflare.com>

diff -r c3ec43580a48 -r 175c159113f2 src/http/ngx_http_upstream.c
--- a/src/http/ngx_http_upstream.c	Wed Jun 17 17:57:34 2015 +0300
+++ b/src/http/ngx_http_upstream.c	Thu Jun 18 03:36:43 2015 -0700
@@ -1657,7 +1657,9 @@ ngx_http_upstream_ssl_name(ngx_http_requ
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "upstream SSL server name: \"%s\"", name.data);
 
-    if (SSL_set_tlsext_host_name(c->ssl->connection, name.data) == 0) {
+    if (SSL_set_tlsext_host_name(c->ssl->connection, (const char *) name.data)
+        == 0)
+    {
         ngx_ssl_error(NGX_LOG_ERR, r->connection->log, 0,
                       "SSL_set_tlsext_host_name(\"%s\") failed", name.data);
         return NGX_ERROR;
diff -r c3ec43580a48 -r 175c159113f2 src/stream/ngx_stream_proxy_module.c
--- a/src/stream/ngx_stream_proxy_module.c	Wed Jun 17 17:57:34 2015 +0300
+++ b/src/stream/ngx_stream_proxy_module.c	Thu Jun 18 03:36:43 2015 -0700
@@ -792,7 +792,8 @@ ngx_stream_proxy_ssl_name(ngx_stream_ses
     ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
                    "upstream SSL server name: \"%s\"", name.data);
 
-    if (SSL_set_tlsext_host_name(u->peer.connection->ssl->connection, name.data)
+    if (SSL_set_tlsext_host_name(u->peer.connection->ssl->connection,
+                                 (const char *) name.data)
         == 0)
     {
         ngx_ssl_error(NGX_LOG_ERR, s->connection->log, 0,



More information about the nginx-devel mailing list