aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2019-03-11 13:00:51 +0100
committerKim Alvefur <zash@zash.se>2019-03-11 13:00:51 +0100
commit5d2608e150b7a739c0b1658fd2e9031af9ad2991 (patch)
treedd2e536584dca2521bced9dcca3634edb996862d
parent9f65ce71893ef10485442ee209472a38865da081 (diff)
downloadprosody-5d2608e150b7a739c0b1658fd2e9031af9ad2991.tar.gz
prosody-5d2608e150b7a739c0b1658fd2e9031af9ad2991.zip
net.server: Only add alternate SNI contexts if at least one is provided
Fixes use of <starttls/> when a client sends SNI, which would send no certificate otherwise.
-rw-r--r--net/server_epoll.lua2
-rw-r--r--net/server_event.lua2
-rw-r--r--net/server_select.lua2
3 files changed, 3 insertions, 3 deletions
diff --git a/net/server_epoll.lua b/net/server_epoll.lua
index 3c8b2613..4bdc2e21 100644
--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -512,7 +512,7 @@ function interface:tlshandskake()
if conn.sni then
if self.servername then
conn:sni(self.servername);
- elseif self._server and self._server.hosts then
+ elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
conn:sni(self._server.hosts, true);
end
end
diff --git a/net/server_event.lua b/net/server_event.lua
index 6c9b941d..2bee614a 100644
--- a/net/server_event.lua
+++ b/net/server_event.lua
@@ -168,7 +168,7 @@ function interface_mt:_start_ssl(call_onconnect) -- old socket will be destroyed
if self.conn.sni then
if self.servername then
self.conn:sni(self.servername);
- elseif self._server and self._server.hosts then
+ elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
self.conn:sni(self._server.hosts, true);
end
end
diff --git a/net/server_select.lua b/net/server_select.lua
index b52cc6d7..4b156409 100644
--- a/net/server_select.lua
+++ b/net/server_select.lua
@@ -637,7 +637,7 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
if socket.sni then
if self.servername then
socket:sni(self.servername);
- elseif self.server() and self.server().hosts then
+ elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
socket:sni(self.server().hosts, true);
end
end