[gnutls-devel] gnutls-cli vs service name

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Mon May 8 06:57:59 CEST 2017


On Sun, 2017-05-07 at 12:40 +0200, Thomas Klute wrote:
> Am 07.05.2017 um 03:03 schrieb Nikos Mavrogiannopoulos:
> > On Sat, May 6, 2017 at 6:41 PM, James Cloos <cloos at jhcloos.com>
> > wrote:
> > > I tried to use gnutls-cli to test out my xmpp server, but was
> > > unable to
> > > do so because the --starttls-proto=xmpp support uses the server
> > > name in
> > > the jabber:client bit of xml rather than a service name.
> > > 
> > > And the server vs service issue is more generic.  All of the SRV
> > > protos
> > > of course require supplying both service and server, but even
> > > https can
> > > need both, such as when testing a new server before switching the
> > > A RRs.
> > > 
> > > How do you feel about a --service-name option?  Or maybe just --
> > > service?
> > 
> > Would that be useful on any other option than xmpp? If it is only
> > related with xmpp, would the option of using
> > --starttls-proto=xmpp:service work?
> 
> I don't use gnutls-cli with STARTTLS, I but would like to have a
> similar
> feature to set the host name for SNI, e.g. for testing HTTPS servers
> with name based virtual hosts. If I want to test such a server at the
> moment, I have to make sure that gnutls-cli can actually resolve the
> virtual host names I want to use in a way that points to the test
> system. Something like
> 
>   gnutls-cli --sni-host=test.example.com -p 443 ::1
> 
> would be very helpful.

Right. I thought gnutls-cli had such an option but I mistook it for the
option in gnutls-serv.

An option like that seems trivial to add so I've made a merge request
at [0], however, I'll wait in case Jim has a better option that can
merge both SNI and SRV.

regards,
Nikos

[0]. https://gitlab.com/gnutls/gnutls/merge_requests/377




More information about the Gnutls-devel mailing list