TLS SNI - add low level support for SNI to the networking code

author Artem Boldariev <artem@boldariev.com>

Tue, 17 Dec 2024 13:52:18 +0000 (15:52 +0200)

committer Artem Boldariev <artem@boldariev.com>

Thu, 26 Dec 2024 15:23:12 +0000 (17:23 +0200)
author Artem Boldariev <artem@boldariev.com>
Tue, 17 Dec 2024 13:52:18 +0000 (15:52 +0200)
committer Artem Boldariev <artem@boldariev.com>
Thu, 26 Dec 2024 15:23:12 +0000 (17:23 +0200)
diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c

index efe4837e919759add1deae7b367c2e85e07377a0..09b677e87b58531a8f49f62b4ff496c898101caf 100644 (file)
--- a/bin/dig/dighost.c
+++ b/bin/dig/dighost.c
@@ -3041,7 +3041,7 @@ start_tcp(dig_query_t *query) {
                 }
                 isc_nm_streamdnsconnect(netmgr, &localaddr, &query->sockaddr,
                                         tcp_connected, connectquery,
-                                       local_timeout, tlsctx, sess_cache,
+                                       local_timeout, tlsctx, NULL, sess_cache,
                                         proxy_type, ppi);
  #if HAVE_LIBNGHTTP2
         } else if (query->lookup->https_mode) {
@@ -3061,14 +3061,14 @@ start_tcp(dig_query_t *query) {
  
                 isc_nm_httpconnect(netmgr, &localaddr, &query->sockaddr, uri,
                                    !query->lookup->https_get, tcp_connected,
-                                  connectquery, tlsctx, sess_cache,
+                                  connectquery, tlsctx, NULL, sess_cache,
                                    local_timeout, proxy_type, ppi);
  #endif
         } else {
                 isc_nm_streamdnsconnect(netmgr, &localaddr, &query->sockaddr,
                                         tcp_connected, connectquery,
-                                       local_timeout, NULL, NULL, proxy_type,
-                                       ppi);
+                                       local_timeout, NULL, NULL, NULL,
+                                       proxy_type, ppi);
         }
  
         return;
diff --git a/bin/tests/test_client.c b/bin/tests/test_client.c

index 2787b3d990a7290c05c105c7123c4f597bbfbc6e..25a341d177c66a7b71cd66da85b03025a8d26f49 100644 (file)
--- a/bin/tests/test_client.c
+++ b/bin/tests/test_client.c
@@ -378,16 +378,18 @@ run(void) {
                                   connect_cb, NULL, timeout);
                 break;
         case TCP:
-               isc_nm_streamdnsconnect(
-                       netmgr, &sockaddr_local, &sockaddr_remote, connect_cb,
-                       NULL, timeout, NULL, NULL, ISC_NM_PROXY_NONE, NULL);
+               isc_nm_streamdnsconnect(netmgr, &sockaddr_local,
+                                       &sockaddr_remote, connect_cb, NULL,
+                                       timeout, NULL, NULL, NULL,
+                                       ISC_NM_PROXY_NONE, NULL);
                 break;
         case DOT: {
                 isc_tlsctx_createclient(&tls_ctx);
  
-               isc_nm_streamdnsconnect(
-                       netmgr, &sockaddr_local, &sockaddr_remote, connect_cb,
-                       NULL, timeout, tls_ctx, NULL, ISC_NM_PROXY_NONE, NULL);
+               isc_nm_streamdnsconnect(netmgr, &sockaddr_local,
+                                       &sockaddr_remote, connect_cb, NULL,
+                                       timeout, tls_ctx, NULL, NULL,
+                                       ISC_NM_PROXY_NONE, NULL);
                 break;
         }
  #if HAVE_LIBNGHTTP2
@@ -408,7 +410,8 @@ run(void) {
                 }
                 isc_nm_httpconnect(netmgr, &sockaddr_local, &sockaddr_remote,
                                    req_url, is_post, connect_cb, NULL, tls_ctx,
-                                  NULL, timeout, ISC_NM_PROXY_NONE, NULL);
+                                  NULL, NULL, timeout, ISC_NM_PROXY_NONE,
+                                  NULL);
         } break;
  #endif
         default:
diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c

index 0e338702298f209a61bd5cd6269aa51598e45df3..74080270acce3f259e4b27694444623b560b02c7 100644 (file)
--- a/lib/dns/dispatch.c
+++ b/lib/dns/dispatch.c
@@ -2007,7 +2007,7 @@ tcp_dispatch_connect(dns_dispatch_t *disp, dns_dispentry_t *resp) {
  
                 isc_nm_streamdnsconnect(disp->mgr->nm, &disp->local,
                                         &disp->peer, tcp_connected, disp,
-                                       resp->timeout, tlsctx, sess_cache,
+                                       resp->timeout, tlsctx, NULL, sess_cache,
                                         ISC_NM_PROXY_NONE, NULL);
                 break;
  
diff --git a/lib/isc/include/isc/netmgr.h b/lib/isc/include/isc/netmgr.h

index 21babdebadd318db3e126c03098d375d0ffa9530..887e256519603d8f49f4f26ce259210774c7e350 100644 (file)
--- a/lib/isc/include/isc/netmgr.h
+++ b/lib/isc/include/isc/netmgr.h
@@ -494,6 +494,7 @@ void
  isc_nm_proxystreamconnect(isc_nm_t *mgr, isc_sockaddr_t *local,
                           isc_sockaddr_t *peer, isc_nm_cb_t cb, void *cbarg,
                           unsigned int timeout, isc_tlsctx_t *tlsctx,
+                         const char                        *sni_hostname,
                           isc_tlsctx_client_session_cache_t *client_sess_cache,
                           isc_nm_proxyheader_info_t         *proxy_info);
  /*%<
@@ -616,6 +617,7 @@ void
  isc_nm_streamdnsconnect(isc_nm_t *mgr, isc_sockaddr_t *local,
                         isc_sockaddr_t *peer, isc_nm_cb_t cb, void *cbarg,
                         unsigned int timeout, isc_tlsctx_t *tlsctx,
+                       const char                        *sni_hostname,
                         isc_tlsctx_client_session_cache_t *client_sess_cache,
                         isc_nm_proxy_type_t                proxy_type,
                         isc_nm_proxyheader_info_t         *proxy_info);
@@ -672,7 +674,7 @@ isc_nm_listentls(isc_nm_t *mgr, uint32_t workers, isc_sockaddr_t *iface,
  void
  isc_nm_tlsconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
                   isc_nm_cb_t connect_cb, void *connect_cbarg,
-                 isc_tlsctx_t                      *ctx,
+                 isc_tlsctx_t *ctx, const char *sni_hostname,
                   isc_tlsctx_client_session_cache_t *client_sess_cache,
                   unsigned int timeout, bool proxy,
                   isc_nm_proxyheader_info_t *proxy_info);
@@ -684,7 +686,7 @@ isc_nm_tlsconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
  void
  isc_nm_httpconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
                    const char *uri, bool POST, isc_nm_cb_t cb, void *cbarg,
-                  isc_tlsctx_t                      *ctx,
+                  isc_tlsctx_t *ctx, const char *sni_hostname,
                    isc_tlsctx_client_session_cache_t *client_sess_cache,
                    unsigned int timeout, isc_nm_proxy_type_t proxy_type,
                    isc_nm_proxyheader_info_t *proxy_info);
diff --git a/lib/isc/netmgr/http.c b/lib/isc/netmgr/http.c

index 9d153a0f2e7df30e1b8bd2c846ffaf520e75b0ec..9fd1097f1f380c329971b6f199ecd8b7c339b5a6 100644 (file)
--- a/lib/isc/netmgr/http.c
+++ b/lib/isc/netmgr/http.c
@@ -1464,7 +1464,7 @@ error:
  void
  isc_nm_httpconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
                    const char *uri, bool post, isc_nm_cb_t cb, void *cbarg,
-                  isc_tlsctx_t *tlsctx,
+                  isc_tlsctx_t *tlsctx, const char *sni_hostname,
                    isc_tlsctx_client_session_cache_t *client_sess_cache,
                    unsigned int timeout, isc_nm_proxy_type_t proxy_type,
                    isc_nm_proxyheader_info_t *proxy_info) {
@@ -1535,8 +1535,8 @@ isc_nm_httpconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
                 if (tlsctx != NULL) {
                         isc_nm_tlsconnect(mgr, local, peer,
                                           transport_connect_cb, sock, tlsctx,
-                                         client_sess_cache, timeout, false,
-                                         NULL);
+                                         sni_hostname, client_sess_cache,
+                                         timeout, false, NULL);
                 } else {
                         isc_nm_tcpconnect(mgr, local, peer,
                                           transport_connect_cb, sock, timeout);
@@ -1546,19 +1546,19 @@ isc_nm_httpconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
                 if (tlsctx != NULL) {
                         isc_nm_tlsconnect(mgr, local, peer,
                                           transport_connect_cb, sock, tlsctx,
-                                         client_sess_cache, timeout, true,
-                                         proxy_info);
+                                         sni_hostname, client_sess_cache,
+                                         timeout, true, proxy_info);
                 } else {
                         isc_nm_proxystreamconnect(
                                 mgr, local, peer, transport_connect_cb, sock,
-                               timeout, NULL, NULL, proxy_info);
+                               timeout, NULL, NULL, NULL, proxy_info);
                 }
                 break;
         case ISC_NM_PROXY_ENCRYPTED:
                 INSIST(tlsctx != NULL);
                 isc_nm_proxystreamconnect(
                         mgr, local, peer, transport_connect_cb, sock, timeout,
-                       tlsctx, client_sess_cache, proxy_info);
+                       tlsctx, sni_hostname, client_sess_cache, proxy_info);
                 break;
         default:
                 UNREACHABLE();
diff --git a/lib/isc/netmgr/netmgr-int.h b/lib/isc/netmgr/netmgr-int.h

index c7f721b2a0610cf06260ace810838cd876e4962f..d790590ec40acbc51520b02c4d4f3c7ef9ff84fb 100644 (file)
--- a/lib/isc/netmgr/netmgr-int.h
+++ b/lib/isc/netmgr/netmgr-int.h
@@ -516,6 +516,7 @@ struct isc_nmsocket {
                 isc_tlsctx_t **listener_tls_ctx; /*%< A context reference per
                                                     worker */
                 size_t n_listener_tls_ctx;
+               char *sni_hostname;
                 isc_tlsctx_client_session_cache_t *client_sess_cache;
                 bool client_session_saved;
                 isc_nmsocket_t *tlslistener;
diff --git a/lib/isc/netmgr/proxystream.c b/lib/isc/netmgr/proxystream.c

index ab1eb5c7fe0f8d06b49d50ee794e4a5294fc6126..883e8cf9428bde5389845898952063b5f993b91d 100644 (file)
--- a/lib/isc/netmgr/proxystream.c
+++ b/lib/isc/netmgr/proxystream.c
@@ -459,6 +459,7 @@ void
  isc_nm_proxystreamconnect(isc_nm_t *mgr, isc_sockaddr_t *local,
                           isc_sockaddr_t *peer, isc_nm_cb_t cb, void *cbarg,
                           unsigned int timeout, isc_tlsctx_t *tlsctx,
+                         const char *sni_hostname,
                           isc_tlsctx_client_session_cache_t *client_sess_cache,
                           isc_nm_proxyheader_info_t *proxy_info) {
         isc_result_t result = ISC_R_FAILURE;
@@ -501,8 +502,9 @@ isc_nm_proxystreamconnect(isc_nm_t *mgr, isc_sockaddr_t *local,
                                   nsock, nsock->connect_timeout);
         } else {
                 isc_nm_tlsconnect(mgr, local, peer, proxystream_connect_cb,
-                                 nsock, tlsctx, client_sess_cache,
-                                 nsock->connect_timeout, false, NULL);
+                                 nsock, tlsctx, sni_hostname,
+                                 client_sess_cache, nsock->connect_timeout,
+                                 false, NULL);
         }
  }
  
diff --git a/lib/isc/netmgr/streamdns.c b/lib/isc/netmgr/streamdns.c

index d2cd1325f373db299738814f7266fd0f0bce8b12..30b39039861a96e77b0259383ae442e2a005601d 100644 (file)
--- a/lib/isc/netmgr/streamdns.c
+++ b/lib/isc/netmgr/streamdns.c
@@ -387,6 +387,7 @@ void
  isc_nm_streamdnsconnect(isc_nm_t *mgr, isc_sockaddr_t *local,
                         isc_sockaddr_t *peer, isc_nm_cb_t cb, void *cbarg,
                         unsigned int timeout, isc_tlsctx_t *tlsctx,
+                       const char *sni_hostname,
                         isc_tlsctx_client_session_cache_t *client_sess_cache,
                         isc_nm_proxy_type_t proxy_type,
                         isc_nm_proxyheader_info_t *proxy_info) {
@@ -418,7 +419,7 @@ isc_nm_streamdnsconnect(isc_nm_t *mgr, isc_sockaddr_t *local,
                 } else {
                         isc_nm_tlsconnect(
                                 mgr, local, peer, streamdns_transport_connected,
-                               nsock, tlsctx, client_sess_cache,
+                               nsock, tlsctx, sni_hostname, client_sess_cache,
                                 nsock->connect_timeout, false, proxy_info);
                 }
                 break;
@@ -427,20 +428,20 @@ isc_nm_streamdnsconnect(isc_nm_t *mgr, isc_sockaddr_t *local,
                         isc_nm_proxystreamconnect(mgr, local, peer,
                                                   streamdns_transport_connected,
                                                   nsock, nsock->connect_timeout,
-                                                 NULL, NULL, proxy_info);
+                                                 NULL, NULL, NULL, proxy_info);
                 } else {
                         isc_nm_tlsconnect(
                                 mgr, local, peer, streamdns_transport_connected,
-                               nsock, tlsctx, client_sess_cache,
+                               nsock, tlsctx, sni_hostname, client_sess_cache,
                                 nsock->connect_timeout, true, proxy_info);
                 }
                 break;
         case ISC_NM_PROXY_ENCRYPTED:
                 INSIST(tlsctx != NULL);
-               isc_nm_proxystreamconnect(mgr, local, peer,
-                                         streamdns_transport_connected, nsock,
-                                         nsock->connect_timeout, tlsctx,
-                                         client_sess_cache, proxy_info);
+               isc_nm_proxystreamconnect(
+                       mgr, local, peer, streamdns_transport_connected, nsock,
+                       nsock->connect_timeout, tlsctx, sni_hostname,
+                       client_sess_cache, proxy_info);
                 break;
         default:
                 UNREACHABLE();
diff --git a/lib/isc/netmgr/tlsstream.c b/lib/isc/netmgr/tlsstream.c

index c045ebe96d5070a06e98f49a64f6df15c1daf8ec..c599600f10fc03a5e97c1c402466119e4b47ff2a 100644 (file)
--- a/lib/isc/netmgr/tlsstream.c
+++ b/lib/isc/netmgr/tlsstream.c
@@ -868,6 +868,14 @@ initialize_tls(isc_nmsocket_t *sock, bool server) {
         sock->tlsstream.server = server;
         sock->tlsstream.nsending = 0;
         sock->tlsstream.state = TLS_INIT;
+       if (sock->tlsstream.sni_hostname != NULL) {
+               INSIST(sock->client);
+               const int ret = SSL_set_tlsext_host_name(
+                       sock->tlsstream.tls, sock->tlsstream.sni_hostname);
+               if (ret != 1) {
+                       goto error;
+               }
+       }
         return ISC_R_SUCCESS;
  error:
         isc_tls_free(&sock->tlsstream.tls);
@@ -1201,7 +1209,7 @@ tcp_connected(isc_nmhandle_t *handle, isc_result_t result, void *cbarg);
  void
  isc_nm_tlsconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
                   isc_nm_cb_t connect_cb, void *connect_cbarg,
-                 isc_tlsctx_t *ctx,
+                 isc_tlsctx_t *ctx, const char *sni_hostname,
                   isc_tlsctx_client_session_cache_t *client_sess_cache,
                   unsigned int timeout, bool proxy,
                   isc_nm_proxyheader_info_t *proxy_info) {
@@ -1223,6 +1231,10 @@ isc_nm_tlsconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
         sock->connect_cbarg = connect_cbarg;
         sock->connect_timeout = timeout;
         isc_tlsctx_attach(ctx, &sock->tlsstream.ctx);
+       if (sni_hostname != NULL) {
+               sock->tlsstream.sni_hostname =
+                       isc_mem_strdup(sock->worker->mctx, sni_hostname);
+       }
         sock->client = true;
         if (client_sess_cache != NULL) {
                 INSIST(isc_tlsctx_client_session_cache_getctx(
@@ -1234,7 +1246,7 @@ isc_nm_tlsconnect(isc_nm_t *mgr, isc_sockaddr_t *local, isc_sockaddr_t *peer,
         if (proxy) {
                 isc_nm_proxystreamconnect(mgr, local, peer, tcp_connected, sock,
                                           sock->connect_timeout, NULL, NULL,
-                                         proxy_info);
+                                         NULL, proxy_info);
         } else {
                 isc_nm_tcpconnect(mgr, local, peer, tcp_connected, sock,
                                   sock->connect_timeout);
@@ -1334,6 +1346,10 @@ isc__nm_tls_cleanup_data(isc_nmsocket_t *sock) {
                 if (sock->tlsstream.ctx != NULL) {
                         isc_tlsctx_free(&sock->tlsstream.ctx);
                 }
+               if (sock->tlsstream.sni_hostname != NULL) {
+                       isc_mem_free(sock->worker->mctx,
+                                    sock->tlsstream.sni_hostname);
+               }
                 if (sock->tlsstream.client_sess_cache != NULL) {
                         INSIST(sock->client);
                         isc_tlsctx_client_session_cache_detach(
diff --git a/tests/isc/doh_test.c b/tests/isc/doh_test.c

index d9001468bcd31af00e9df77368bed0bf4820c97c..339f4559d102c69c198c7e7a7c13a6bb3883b664 100644 (file)
--- a/tests/isc/doh_test.c
+++ b/tests/isc/doh_test.c
@@ -213,7 +213,7 @@ connect_send_request(isc_nm_t *mgr, const char *uri, bool post,
         }
  
         isc_nm_httpconnect(mgr, NULL, &tcp_listen_addr, uri, post,
-                          connect_send_cb, data, ctx, client_sess_cache,
+                          connect_send_cb, data, ctx, NULL, client_sess_cache,
                            timeout, get_proxy_type(), NULL);
  }
  
@@ -698,7 +698,7 @@ doh_timeout_recovery(void *arg ISC_ATTR_UNUSED) {
                         ISC_NM_HTTP_DEFAULT_PATH);
         isc_nm_httpconnect(connect_nm, NULL, &tcp_listen_addr, req_url,
                            atomic_load(&POST), timeout_request_cb, NULL, ctx,
-                          client_sess_cache, T_CONNECT, get_proxy_type(),
+                          NULL, client_sess_cache, T_CONNECT, get_proxy_type(),
                            NULL);
  }
  
@@ -947,8 +947,8 @@ doh_recv_two(void *arg ISC_ATTR_UNUSED) {
  
         isc_nm_httpconnect(connect_nm, NULL, &tcp_listen_addr, req_url,
                            atomic_load(&POST), doh_connect_send_two_requests_cb,
-                          NULL, ctx, client_sess_cache, 5000, get_proxy_type(),
-                          NULL);
+                          NULL, ctx, NULL, client_sess_cache, 5000,
+                          get_proxy_type(), NULL);
  
         isc_loop_teardown(mainloop, listen_sock_close, listen_sock);
  }
diff --git a/tests/isc/netmgr_common.c b/tests/isc/netmgr_common.c

index bf7a31d400db101800871edf8e3f7b92c456f532..7372af4ab008d96e7f3edc41c6edbd38f601b9b3 100644 (file)
--- a/tests/isc/netmgr_common.c
+++ b/tests/isc/netmgr_common.c
@@ -595,7 +595,7 @@ tcp_connect(isc_nm_t *nm) {
  static void
  tls_connect(isc_nm_t *nm) {
         isc_nm_tlsconnect(nm, &tcp_connect_addr, &tcp_listen_addr,
-                         connect_connect_cb, NULL, tcp_connect_tlsctx,
+                         connect_connect_cb, NULL, tcp_connect_tlsctx, NULL,
                           tcp_tlsctx_client_sess_cache, T_CONNECT,
                           stream_use_PROXY, NULL);
  }
@@ -631,7 +631,7 @@ proxystream_connect(isc_nm_t *nm) {
  
         isc_nm_proxystreamconnect(nm, &tcp_connect_addr, &tcp_listen_addr,
                                   connect_connect_cb, NULL, T_CONNECT, tlsctx,
-                                 sess_cache, get_proxyheader_info());
+                                 NULL, sess_cache, get_proxyheader_info());
  }
  
  stream_connect_function
@@ -680,10 +680,11 @@ stream_connect(isc_nm_cb_t cb, void *cbarg, unsigned int timeout) {
         isc_refcount_increment0(&active_cconnects);
  
         if (stream_use_TLS && !stream_PROXY_over_TLS) {
-               isc_nm_tlsconnect(
-                       connect_nm, &tcp_connect_addr, &tcp_listen_addr, cb,
-                       cbarg, tcp_connect_tlsctx, tcp_tlsctx_client_sess_cache,
-                       timeout, stream_use_PROXY, NULL);
+               isc_nm_tlsconnect(connect_nm, &tcp_connect_addr,
+                                 &tcp_listen_addr, cb, cbarg,
+                                 tcp_connect_tlsctx, NULL,
+                                 tcp_tlsctx_client_sess_cache, timeout,
+                                 stream_use_PROXY, NULL);
                 return;
         } else if (stream_use_PROXY) {
                 isc_tlsctx_t *tlsctx = stream_PROXY_over_TLS
@@ -694,7 +695,7 @@ stream_connect(isc_nm_cb_t cb, void *cbarg, unsigned int timeout) {
                                               : NULL;
                 isc_nm_proxystreamconnect(connect_nm, &tcp_connect_addr,
                                           &tcp_listen_addr, cb, cbarg, timeout,
-                                         tlsctx, sess_cache,
+                                         tlsctx, NULL, sess_cache,
                                           get_proxyheader_info());
                 return;
         } else {
diff --git a/tests/isc/tcpdns_test.c b/tests/isc/tcpdns_test.c

index 0d3b76d22d24a05ef66d34769cedfb2b898c021a..f2d3eed9dd1e50d60503f9df9b0b3976371c13b7 100644 (file)
--- a/tests/isc/tcpdns_test.c
+++ b/tests/isc/tcpdns_test.c
@@ -63,7 +63,7 @@ static void
  tcpdns_connect(isc_nm_t *nm) {
         isc_nm_streamdnsconnect(nm, &tcp_connect_addr, &tcp_listen_addr,
                                 connect_connect_cb, tcpdns_connect, T_CONNECT,
-                               NULL, NULL, get_proxy_type(), NULL);
+                               NULL, NULL, NULL, get_proxy_type(), NULL);
  }
  
  ISC_LOOP_TEST_IMPL(tcpdns_noop) {
@@ -73,7 +73,7 @@ ISC_LOOP_TEST_IMPL(tcpdns_noop) {
         isc_refcount_increment0(&active_cconnects);
         isc_nm_streamdnsconnect(connect_nm, &tcp_connect_addr, &tcp_listen_addr,
                                 connect_success_cb, tcpdns_connect, T_CONNECT,
-                               NULL, NULL, get_proxy_type(), NULL);
+                               NULL, NULL, NULL, get_proxy_type(), NULL);
  }
  
  ISC_LOOP_TEST_IMPL(tcpdns_noresponse) {
@@ -82,7 +82,7 @@ ISC_LOOP_TEST_IMPL(tcpdns_noresponse) {
         isc_refcount_increment0(&active_cconnects);
         isc_nm_streamdnsconnect(connect_nm, &tcp_connect_addr, &tcp_listen_addr,
                                 connect_connect_cb, tcpdns_connect, T_CONNECT,
-                               NULL, NULL, get_proxy_type(), NULL);
+                               NULL, NULL, NULL, get_proxy_type(), NULL);
  }
  
  ISC_LOOP_TEST_IMPL(tcpdns_timeout_recovery) {
diff --git a/tests/isc/tlsdns_test.c b/tests/isc/tlsdns_test.c

index d2b290f070f60a9aeb61b487ad1417d20ff24973..e8da5b04fd9a770958976347518c9df23247668d 100644 (file)
--- a/tests/isc/tlsdns_test.c
+++ b/tests/isc/tlsdns_test.c
@@ -63,7 +63,7 @@ static void
  tlsdns_connect(isc_nm_t *nm) {
         isc_nm_streamdnsconnect(
                 nm, &tcp_connect_addr, &tcp_listen_addr, connect_connect_cb,
-               tlsdns_connect, T_CONNECT, tcp_connect_tlsctx,
+               tlsdns_connect, T_CONNECT, tcp_connect_tlsctx, NULL,
                 tcp_tlsctx_client_sess_cache, get_proxy_type(), NULL);
  }
  
@@ -74,7 +74,7 @@ ISC_LOOP_TEST_IMPL(tlsdns_noop) {
         isc_refcount_increment0(&active_cconnects);
         isc_nm_streamdnsconnect(connect_nm, &tcp_connect_addr, &tcp_listen_addr,
                                 connect_success_cb, tlsdns_connect, T_CONNECT,
-                               tcp_connect_tlsctx,
+                               tcp_connect_tlsctx, NULL,
                                 tcp_tlsctx_client_sess_cache, get_proxy_type(),
                                 NULL);
  }
@@ -85,7 +85,7 @@ ISC_LOOP_TEST_IMPL(tlsdns_noresponse) {
         isc_refcount_increment0(&active_cconnects);
         isc_nm_streamdnsconnect(connect_nm, &tcp_connect_addr, &tcp_listen_addr,
                                 connect_connect_cb, tlsdns_connect, T_CONNECT,
-                               tcp_connect_tlsctx,
+                               tcp_connect_tlsctx, NULL,
                                 tcp_tlsctx_client_sess_cache, get_proxy_type(),
                                 NULL);
  }
@@ -109,7 +109,7 @@ ISC_LOOP_TEST_IMPL(tlsdns_timeout_recovery) {
         isc_nm_streamdnsconnect(
                 connect_nm, &tcp_connect_addr, &tcp_listen_addr,
                 connect_connect_cb, tlsdns_connect, T_SOFT, tcp_connect_tlsctx,
-               tcp_tlsctx_client_sess_cache, get_proxy_type(), NULL);
+               NULL, tcp_tlsctx_client_sess_cache, get_proxy_type(), NULL);
  }
  
  ISC_LOOP_TEST_IMPL(tlsdns_recv_one) {
author	Artem Boldariev <artem@boldariev.com>
	Tue, 17 Dec 2024 13:52:18 +0000 (15:52 +0200)
committer	Artem Boldariev <artem@boldariev.com>
	Thu, 26 Dec 2024 15:23:12 +0000 (17:23 +0200)
bin/dig/dighost.c		patch \| blob \| blame \| history
bin/tests/test_client.c		patch \| blob \| blame \| history
lib/dns/dispatch.c		patch \| blob \| blame \| history
lib/isc/include/isc/netmgr.h		patch \| blob \| blame \| history
lib/isc/netmgr/http.c		patch \| blob \| blame \| history
lib/isc/netmgr/netmgr-int.h		patch \| blob \| blame \| history
lib/isc/netmgr/proxystream.c		patch \| blob \| blame \| history
lib/isc/netmgr/streamdns.c		patch \| blob \| blame \| history
lib/isc/netmgr/tlsstream.c		patch \| blob \| blame \| history
tests/isc/doh_test.c		patch \| blob \| blame \| history
tests/isc/netmgr_common.c		patch \| blob \| blame \| history
tests/isc/tcpdns_test.c		patch \| blob \| blame \| history
tests/isc/tlsdns_test.c		patch \| blob \| blame \| history