Copy peer hostname from sockaddr_union_struct into tcp_connection

jes · jes · commit 39d98e16cb9e · 2023-05-05T12:05:25.000+01:00
This is so that hostnames in TLS certificates can be validated.
diff --git a/net/net_tcp.c b/net/net_tcp.c
@@ -958,6 +958,11 @@ struct tcp_connection* tcp_conn_create(int sock, struct sockaddr_union_struct* s
 		return NULL;
 	}
 
+	/* copy peer hostname into the tcp_connection so that tls_openssl can verify
+	 * the certificate hostname */
+	strncpy(c->hostname, su->hostname, sizeof(c->hostname)-1);
+	c->hostname[sizeof(c->hostname)-1] = 0;
+
 	if (protos[c->type].net.conn_init &&
 			protos[c->type].net.conn_init(c) < 0) {
 		LM_ERR("failed to do proto %d specific init for conn %p\n",
diff --git a/net/tcp_conn_defs.h b/net/tcp_conn_defs.h
@@ -182,6 +182,7 @@ struct tcp_connection{
 	struct tcp_async_data *async;
 	/* protocol specific data attached to this connection */
 	void *proto_data;
+	char hostname[256]; /* remote side hostname (used for TLS certificate hostname verification) */
 };
 
 
