[Help-gnutls] Re: Unknown type '0' for SNI: 'foo.domain.bar'
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon Aug 20 23:43:55 CEST 2007
On Tuesday 21 August 2007, Simon Josefsson wrote:
> I found the error message, it is from mod_gnutls. The cause is a
> bug... and I'm not sure if it is in mod_gnutls or GnuTLS. The code in
> mod_gnutls is:
>
>     rv = gnutls_server_name_get(ctxt->session, sni_name,
>                                 &data_len, &sni_type, 0);
>
>     if (rv != 0) {
>         return NULL;
>     }
>
>     if (sni_type != GNUTLS_NAME_DNS) {
>         ap_log_error(APLOG_MARK, APLOG_CRIT, 0,
>                      ctxt->c->base_server,
>                      "GnuTLS: Unknown type '%d' for SNI: "
>                      "'%s'", sni_type, sni_name);
>         return NULL;
>     }
>
> This looks correct, but unfortunately, the value of GNUTLS_NAME_DNS is
> 1, and the RFC uses the value 0 for this, and that is the value that is
> returned in the type variable from the gnutls_server_name_get function.

Hi,

It seems that the type is set properly in _gnutls_server_name_recv_params():

  switch (type)
    {
    case 0:                 /* NAME_DNS */
      if (len <= MAX_SERVER_NAME_SIZE)
        {
          memcpy (session->security_parameters.extensions.
                  server_names[i].name, p, len);
          session->security_parameters.extensions.
            server_names[i].name_length = len;
          session->security_parameters.extensions.
            server_names[i].type = GNUTLS_NAME_DNS;
          break;
        }
    }

So this error should be from a case where server name is set and type is not
updated for some reason (maybe is left uninitialized because of a long server
name?). I'm checking it but so far no clue :)

Nikos
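
The following is an added illustration, not part of the original message and not GnuTLS or mod_gnutls code: a stand-alone C model of the hypothesis above, in which an over-long name leaves a zeroed entry's type at 0, next to a variant that rejects such names. The struct, the function names, the 128-byte limit and the lenient function's success return are assumptions of the model.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NAME 128   /* assumed limit, stands in for MAX_SERVER_NAME_SIZE */
enum { TYPE_UNSET = 0, TYPE_DNS = 1 };  /* TYPE_DNS mirrors GNUTLS_NAME_DNS == 1 */
struct entry { unsigned char name[MAX_NAME]; size_t len; int type; };

/* Same shape as the quoted switch: an over-long name is skipped silently, so
   a zeroed entry keeps type 0. Returning success is this model's assumption. */
static int store_lenient(struct entry *e, int wire_type,
                         const unsigned char *p, size_t len)
{
    switch (wire_type) {
    case 0:                        /* host_name on the wire */
        if (len <= MAX_NAME) {
            memcpy(e->name, p, len);
            e->len = len;
            e->type = TYPE_DNS;
        }
        break;
    }
    return 0;
}

/* Defensive variant: a name that cannot be stored is a parse error. */
static int store_strict(struct entry *e, int wire_type,
                        const unsigned char *p, size_t len)
{
    if (wire_type != 0 || len == 0 || len > MAX_NAME)
        return -1;
    return store_lenient(e, wire_type, p, len);
}

/* Type the caller would see for a constructed name of `len` bytes,
   or -1 if the parser rejected it (or len exceeds the sample buffer). */
int type_seen(int strict, size_t len)
{
    unsigned char buf[256];
    struct entry e = {0};
    int rc;
    if (len > sizeof buf) return -1;
    memset(buf, 'a', sizeof buf);   /* constructed sample name */
    rc = strict ? store_strict(&e, 0, buf, len) : store_lenient(&e, 0, buf, len);
    return rc < 0 ? -1 : e.type;
}

int main(void)
{
    printf("lenient=%d strict=%d\n", type_seen(0, 200), type_seen(1, 200));
    return 0;
}
```

In the lenient model a 200-byte name yields type 0, which a caller comparing against the DNS type value 1 would report as unknown; the strict variant surfaces the problem as a parse error instead.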