res_http_websocket.c: Set hostname on client for certificate validation.

Additionally add a `assert()` to in the TLS client setup code to
ensure that hostname is set when it is supposed to be.

Fixes #433

diff --git a/main/tcptls.c b/main/tcptls.c
index b6a77f72b44a6e7767673784a9b68c6d765ed67a..63dc9a1b31cb4013d553e9b484e4aab5bc30040e 100644 (file)
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -617,6 +617,10 @@ struct ast_tcptls_session_instance *ast_tcptls_client_create(struct ast_tcptls_s
        int fd, x = 1;
        struct ast_tcptls_session_instance *tcptls_session = NULL;
 
+       ast_assert(!desc->tls_cfg
+                       || ast_test_flag(&desc->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER)
+                       || !ast_strlen_zero(desc->hostname));
+
        /* Do nothing if nothing has changed */
        if (!ast_sockaddr_cmp(&desc->old_address, &desc->remote_address)) {
                ast_debug(1, "Nothing changed in %s\n", desc->name);

diff --git a/res/res_http_websocket.c b/res/res_http_websocket.c
index 36dfa367fb92dd6e82324c4dbb457645452980d7..fb18a4356673ed1d0d4433e3ae0cb5696d4175df 100644 (file)
--- a/res/res_http_websocket.c
+++ b/res/res_http_websocket.c
@@ -1162,6 +1162,12 @@ static struct ast_tcptls_session_args *websocket_client_args_create(
        }
        ast_sockaddr_copy(&args->remote_address, addr);
        ast_free(addr);
+
+       /* We need to save off the hostname but it may contain a port spec */
+       snprintf(args->hostname, sizeof(args->hostname),
+               "%.*s",
+               (int) strcspn(host, ":"), host);
+
        return args;
 }