core: set server name when connecting to server with TLS (SNI extension) only if...

diff --git a/ChangeLog.adoc b/ChangeLog.adoc
index 5693d577994942c3f065d32b9ff9e3af8a443b60..833ea9da98551ae99f1a1c298b28c9a58775ba99 100644 (file)
--- a/ChangeLog.adoc
+++ b/ChangeLog.adoc
@@ -46,6 +46,7 @@ New features::
 
 Bug fixes::
 
+  * core: set server name when connecting to server with TLS (SNI extension) only if it's not an IPV4/IPv6 (issue #1635)
   * core: use function mallinfo2 instead of mallinfo when available (issue #1636)
   * core: display a warning when the file with certificate authorities is not found (option weechat.network.gnutls_ca_file)
   * core: evaluate left/right part of comparison after split on the comparison operator in ${if:xxx} (issue #1627)

diff --git a/doc/en/weechat_dev.en.adoc b/doc/en/weechat_dev.en.adoc
index 78b506cb81352aaf4b7d06d4eee0ecbd762606eb..34b7e7358c9f7d1ac5305209847e9f29e1a0df4a 100644 (file)
--- a/doc/en/weechat_dev.en.adoc
+++ b/doc/en/weechat_dev.en.adoc
@@ -397,12 +397,14 @@ WeeChat "core" is located in following directories:
 |          test-core-arraylist.cpp  | Tests: arraylists.
 |          test-core-calc.cpp       | Tests: calculation of expressions.
 |          test-core-crypto.cpp     | Tests: cryptographic functions.
+|          test-core-dir.cpp        | Tests: directory/file functions.
 |          test-core-eval.cpp       | Tests: evaluation of expressions.
 |          test-core-hashtble.cpp   | Tests: hashtables.
 |          test-core-hdata.cpp      | Tests: hdata.
 |          test-core-hook.cpp       | Tests: hooks.
 |          test-core-infolist.cpp   | Tests: infolists.
 |          test-core-list.cpp       | Tests: lists.
+|          test-core-network.cpp    | Tests: network functions.
 |          test-core-secure.cpp     | Tests: secured data.
 |          test-core-signal.cpp     | Tests: signals.
 |          test-core-string.cpp     | Tests: strings.

diff --git a/doc/fr/weechat_dev.fr.adoc b/doc/fr/weechat_dev.fr.adoc
index 6fee2429ad180363bbbfd7914e40de92f13e5f4d..cdd807ee3a770a8de6366889329681b8e094c157 100644 (file)
--- a/doc/fr/weechat_dev.fr.adoc
+++ b/doc/fr/weechat_dev.fr.adoc
@@ -399,12 +399,14 @@ Le cœur de WeeChat est situé dans les répertoires suivants :
 |          test-core-arraylist.cpp  | Tests : listes avec tableau (« arraylists »).
 |          test-core-calc.cpp       | Tests : calcul d'expressions.
 |          test-core-crypto.cpp     | Tests : fonctions cryptographiques.
+|          test-core-dir.cpp        | Tests : répertoires/fichiers.
 |          test-core-eval.cpp       | Tests : évaluation d'expressions.
 |          test-core-hashtble.cpp   | Tests : tables de hachage.
 |          test-core-hdata.cpp      | Tests : hdata.
 |          test-core-hook.cpp       | Tests : hooks.
 |          test-core-infolist.cpp   | Tests : infolists.
 |          test-core-list.cpp       | Tests : listes.
+|          test-core-network.cpp    | Tests : fonctions réseau.
 |          test-core-secure.cpp     | Tests : données sécurisées.
 |          test-core-signal.cpp     | Tests : signaux.
 |          test-core-string.cpp     | Tests : chaînes.

diff --git a/doc/ja/weechat_dev.ja.adoc b/doc/ja/weechat_dev.ja.adoc
index 254b28cdc881026b066f94a8480255e553d45923..1f0bb8c109bc827d4df726c84f456abe0d752796 100644 (file)
--- a/doc/ja/weechat_dev.ja.adoc
+++ b/doc/ja/weechat_dev.ja.adoc
@@ -412,12 +412,16 @@ WeeChat "core" は以下のディレクトリに配置されています:
 |          test-core-calc.cpp       | Tests: calculation of expressions.
 // TRANSLATION MISSING
 |          test-core-crypto.cpp     | Tests: cryptographic functions.
+// TRANSLATION MISSING
+|          test-core-dir.cpp        | Tests: directory/file functions.
 |          test-core-eval.cpp       | テスト: 式の評価
 |          test-core-hashtble.cpp   | テスト: ハッシュテーブル
 |          test-core-hdata.cpp      | テスト: hdata
 |          test-core-hook.cpp       | テスト: フック
 |          test-core-infolist.cpp   | テスト: インフォリスト
 |          test-core-list.cpp       | テスト: リスト
+// TRANSLATION MISSING
+|          test-core-network.cpp    | Tests: network functions.
 |          test-core-secure.cpp     | テスト: データ保護
 // TRANSLATION MISSING
 |          test-core-signal.cpp     | テスト: signals.

diff --git a/src/core/wee-network.c b/src/core/wee-network.c
index 32b975cf1fea4fd7792a559f34a9b5369a66a71c..13371a61d2a749ddf0263901f3861d5ac2097b66 100644 (file)
--- a/src/core/wee-network.c
+++ b/src/core/wee-network.c
@@ -302,6 +302,35 @@ network_end ()
     }
 }
 
+/*
+ * Checks if a string contains a valid IP address (IPv4 or IPv6).
+ *
+ * Returns:
+ *   1: string is a valid IPv4 or IPv6
+ *   0: string is not a valid IP address
+ */
+
+int
+network_is_ip_address (const char *address)
+{
+    struct sockaddr_in server_addr;
+    struct sockaddr_in6 server_addr6;
+
+    if (!address || !address[0])
+        return 0;
+
+    /* valid IPv4? */
+    if (inet_pton (AF_INET, address, &server_addr.sin_addr))
+        return 1;
+
+    /* valid IPv6? */
+    if (inet_pton (AF_INET6, address, &server_addr6.sin6_addr))
+        return 1;
+
+    /* not a valid IP address */
+    return 0;
+}
+
 /*
  * Sends data on a socket with retry.
  *
@@ -1793,19 +1822,23 @@ network_connect_with_fork (struct t_hook *hook_connect)
             unhook (hook_connect);
             return;
         }
-        rc = gnutls_server_name_set (*HOOK_CONNECT(hook_connect, gnutls_sess),
-                                     GNUTLS_NAME_DNS,
-                                     HOOK_CONNECT(hook_connect, address),
-                                     strlen (HOOK_CONNECT(hook_connect, address)));
-        if (rc != GNUTLS_E_SUCCESS)
+        if (!network_is_ip_address (HOOK_CONNECT(hook_connect, address)))
         {
-            (void) (HOOK_CONNECT(hook_connect, callback))
-                (hook_connect->callback_pointer,
-                 hook_connect->callback_data,
-                 WEECHAT_HOOK_CONNECT_GNUTLS_INIT_ERROR,
-                 0, -1, _("set server name indication (SNI) failed"), NULL);
-            unhook (hook_connect);
-            return;
+            /* set the server name (only if it's NOT an IPv4/IPv6) */
+            rc = gnutls_server_name_set (*HOOK_CONNECT(hook_connect, gnutls_sess),
+                                         GNUTLS_NAME_DNS,
+                                         HOOK_CONNECT(hook_connect, address),
+                                         strlen (HOOK_CONNECT(hook_connect, address)));
+            if (rc != GNUTLS_E_SUCCESS)
+            {
+                (void) (HOOK_CONNECT(hook_connect, callback))
+                    (hook_connect->callback_pointer,
+                     hook_connect->callback_data,
+                     WEECHAT_HOOK_CONNECT_GNUTLS_INIT_ERROR,
+                     0, -1, _("set server name indication (SNI) failed"), NULL);
+                unhook (hook_connect);
+                return;
+            }
         }
         rc = gnutls_priority_set_direct (*HOOK_CONNECT(hook_connect, gnutls_sess),
                                          HOOK_CONNECT(hook_connect, gnutls_priorities),

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 01bade1f2baf4d31d2343d64a90254b7928dd187..319462acd5f384ecfeb30885b48b5d1ba510cfea 100644 (file)
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -34,6 +34,7 @@ set(LIB_WEECHAT_UNIT_TESTS_CORE_SRC
   unit/core/test-core-hook.cpp
   unit/core/test-core-infolist.cpp
   unit/core/test-core-list.cpp
+  unit/core/test-core-network.cpp
   unit/core/test-core-secure.cpp
   unit/core/test-core-signal.cpp
   unit/core/test-core-string.cpp

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 95a8f913981300e618234018bbf4815c60147dd3..8b2292db7310651e716b82f5fab4c971e0e1e64d 100644 (file)
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -31,6 +31,7 @@ lib_weechat_unit_tests_core_a_SOURCES = unit/core/test-core-arraylist.cpp \
                                         unit/core/test-core-hook.cpp \
                                         unit/core/test-core-infolist.cpp \
                                         unit/core/test-core-list.cpp \
+                                        unit/core/test-core-network.cpp \
                                         unit/core/test-core-secure.cpp \
                                         unit/core/test-core-signal.cpp \
                                         unit/core/test-core-string.cpp \

diff --git a/tests/tests.cpp b/tests/tests.cpp
index 12ae8fdf04ecee5f1cb55c12ba35e81491e00c93..a76a5393ccc787b29dc49eff32a7ea177b90b5d5 100644 (file)
--- a/tests/tests.cpp
+++ b/tests/tests.cpp
@@ -69,6 +69,7 @@ IMPORT_TEST_GROUP(CoreHdata);
 IMPORT_TEST_GROUP(CoreHook);
 IMPORT_TEST_GROUP(CoreInfolist);
 IMPORT_TEST_GROUP(CoreList);
+IMPORT_TEST_GROUP(CoreNetwork);
 IMPORT_TEST_GROUP(CoreSecure);
 IMPORT_TEST_GROUP(CoreSignal);
 IMPORT_TEST_GROUP(CoreString);

diff --git a/tests/unit/core/test-core-network.cpp b/tests/unit/core/test-core-network.cpp
new file mode 100644 (file)
index 0000000..c022435
--- /dev/null
+++ b/tests/unit/core/test-core-network.cpp
@@ -0,0 +1,285 @@
+/*
+ * test-core-network.cpp - test network functions
+ *
+ * Copyright (C) 2021 Sébastien Helleu <flashcode@flashtux.org>
+ *
+ * This file is part of WeeChat, the extensible chat client.
+ *
+ * WeeChat is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * WeeChat is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with WeeChat.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include "CppUTest/TestHarness.h"
+
+extern "C"
+{
+//#include <unistd.h>
+//#include <stdio.h>
+//#include <string.h>
+#include "src/core/wee-network.h"
+
+extern int network_is_ip_address (const char *address);
+}
+
+TEST_GROUP(CoreNetwork)
+{
+};
+
+/*
+ * Tests functions:
+ *   network_init_gcrypt
+ */
+
+TEST(CoreNetwork, InitGcrypt)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_load_system_ca_file
+ */
+
+TEST(CoreNetwork, LoadSystemCaFile)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_load_user_ca_files
+ */
+
+TEST(CoreNetwork, LoadUserCaFiles)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_load_ca_files
+ */
+
+TEST(CoreNetwork, LoadCaFiles)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_reload_ca_files
+ */
+
+TEST(CoreNetwork, ReloadCaFiles)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_init_gnutls
+ */
+
+TEST(CoreNetwork, InitGnutls)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_end
+ */
+
+TEST(CoreNetwork, End)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_is_ip_address
+ */
+
+TEST(CoreNetwork, IsIpAddress)
+{
+    /* invalid address */
+    LONGS_EQUAL(0, network_is_ip_address (NULL));
+    LONGS_EQUAL(0, network_is_ip_address (""));
+    LONGS_EQUAL(0, network_is_ip_address ("abc"));
+    LONGS_EQUAL(0, network_is_ip_address ("1"));
+    LONGS_EQUAL(0, network_is_ip_address ("1.2"));
+    LONGS_EQUAL(0, network_is_ip_address ("1.2.3"));
+    LONGS_EQUAL(0, network_is_ip_address ("1.2.3.a"));
+    LONGS_EQUAL(0, network_is_ip_address ("1.2.3.4.5"));
+    LONGS_EQUAL(0, network_is_ip_address ("001.002.003.004"));
+
+    /* valid IPv4 */
+    LONGS_EQUAL(1, network_is_ip_address ("127.0.0.1"));
+    LONGS_EQUAL(1, network_is_ip_address ("1.2.3.4"));
+
+    /* valid IPv6 */
+    LONGS_EQUAL(1, network_is_ip_address ("::1"));
+    LONGS_EQUAL(1, network_is_ip_address ("2001:0db8:0000:85a3:0000:0000:ac1f:8001"));
+    LONGS_EQUAL(1, network_is_ip_address ("2001:db8:0:85a3:0:0:ac1f:8001"));
+    LONGS_EQUAL(1, network_is_ip_address ("2001:db8:0:85a3::ac1f:8001"));
+}
+
+/*
+ * Tests functions:
+ *   network_send_with_retry
+ */
+
+TEST(CoreNetwork, SendWithRetry)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_recv_with_retry
+ */
+
+TEST(CoreNetwork, RecvWithRetry)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_pass_httpproxy
+ */
+
+TEST(CoreNetwork, PassHttpproxy)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_resolve
+ */
+
+TEST(CoreNetwork, Resolve)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_pass_socks4proxy
+ */
+
+TEST(CoreNetwork, PassSock4proxy)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_pass_socks5proxy
+ */
+
+TEST(CoreNetwork, PassSocks5proxy)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_pass_proxy
+ */
+
+TEST(CoreNetwork, PassProxy)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect
+ */
+
+TEST(CoreNetwork, Connect)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect_to
+ */
+
+TEST(CoreNetwork, ConnectTo)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect_child
+ */
+
+TEST(CoreNetwork, ConnectChild)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect_child_timer_cb
+ */
+
+TEST(CoreNetwork, ConnectChildTimerCb)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect_gnutls_handshake_fd_cb
+ */
+
+TEST(CoreNetwork, ConnectGnutlsHandshakeFdCb)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect_gnutls_handshake_timer_cb
+ */
+
+TEST(CoreNetwork, ConnectGnutlsHandshakeTimerCb)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect_child_read_cb
+ */
+
+TEST(CoreNetwork, ConnectChildReadCb)
+{
+    /* TODO: write tests */
+}
+
+/*
+ * Tests functions:
+ *   network_connect_with_fork
+ */
+
+TEST(CoreNetwork, ConnectWithFork)
+{
+    /* TODO: write tests */
+}