OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
SNI support added to libtls, httpd in -current
Contributed by rueda on Tue Aug 23 00:31:31 2016 (GMT)
from the knights-who-say-SNI dept.

Joel Sing (jsing@) has added server-side Server Name Indication (SNI) support to libtls and, based on that, to httpd.

This work involved several commits, including, for libtls:

CVSROOT:	/cvs
Module name:	src
Changes by:	jsing@cvs.openbsd.org	2016/08/22 08:55:59

Modified files:
	lib/libtls     : tls.h tls_config.c tls_conninfo.c tls_init.3 
	                 tls_internal.h 

Log message:
Provide an API that enables server side SNI support - add the ability to
provide additional keypairs (via tls_config_add_keypair_{file,mem}()) and
allow the server to determine what servername the client requested (via
tls_conn_servername()).

ok beck@

and for httpd:

CVSROOT:	/cvs
Module name:	src
Changes by:	jsing@cvs.openbsd.org	2016/08/22 09:02:18

Modified files:
	usr.sbin/httpd : httpd.h parse.y server.c 

Log message:
Enable SNI support in httpd(8).

ok reyk@

These changes broaden the compatibility of (and thus usage scenarios for) libtls and httpd.

[topiccrypto]

<< n2k16 hackathon report: guenther@ on RELRO support in binutils and arch specific cleanup | Reply | Flattened | Expanded | Reminder: Early registration for EuroBSDcon 2016 ends Aug 24 >>

Threshold: Help

Related Links
more by rueda


  Re: SNI support added to libtls, httpd in -current (mod 14/124)
by Michael W Lucas (agshekeloh) (mwlucas@michaelwlucas.com) on Tue Aug 23 12:33:05 2016 (GMT)
http://www.michaelwlucas.com
  Yay! This was the last thing I was waiting on.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: SNI support added to libtls, httpd in -current (mod 4/118)
by Anonymous Coward (91.82.167.156) on Tue Aug 23 18:41:33 2016 (GMT)
  Is this ends the elinks errors? see<a href="http://stackoverflow.com/questions/36381767/ssl-certificates-and-elinks">stackoverflow</a>
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: SNI support added to libtls, httpd in -current (mod 3/119)
by Ilyas Bakirov (92.47.120.67) on Wed Aug 24 04:15:37 2016 (GMT)
  Thanks, feature is most wanted in httpd ;)
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: SNI support added to libtls, httpd in -current (mod 3/129)
by Alexis (176.6.17.7) on Wed Aug 24 06:31:23 2016 (GMT)
  Sweet this will be very useful to use Let's Encrypt with httpd.
Will the changes make it into 6.0?
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: SNI support added to libtls, httpd in -current (mod -1/129)
by Anonymous Coward (91.241.33.66) on Wed Aug 24 10:46:27 2016 (GMT)
  What is status of Lua-based rewrites?
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: SNI support added to libtls, httpd in -current (mod -2/54)
by Emetria (89.205.61.136) on Tue Jan 31 07:38:59 2017 (GMT)
  The support of it is something that we were waiting for quite some time. Good job! Buy instagram followers!
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: SNI support added to libtls, httpd in -current (mod -2/48)
by mxffiles (218.11.246.179) on Tue Feb 7 06:35:45 2017 (GMT)
  This is a very good post which I really enjoy reading. It is not every day that I have the possibility to see something like this. Software mxf Software mxf converter free download to convert HD camcorder files. ts converter convert ts video files to avi, mp4, wmv, mov mts to avi mp4 mov mkv iMovie, FCP/FCE with mts converter, so to convert mts files for your PC and mobiles. mod converter and convert tod files just free download mod video converter. m2ts
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. Some icons from slashdot.org used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]