res_http_websocket.c: Set hostname on client for certificate validation.

Additionally add a `assert()` to in the TLS client setup code to ensure that hostname is set when it is supposed to be. Fixes #433 (cherry picked from commit f2961f048d)
2023-11-09 17:59:19 -05:00 · 2023-11-09 17:59:19 -05:00 · fe92d09361
parent eb48273bdf
commit fe92d09361
2 changed files with 10 additions and 0 deletions
--- a/main/tcptls.c
+++ b/main/tcptls.c
@ -680,6 +680,10 @@ struct ast_tcptls_session_instance *ast_tcptls_client_create(struct ast_tcptls_s
 	int fd, x = 1;
 	struct ast_tcptls_session_instance *tcptls_session = NULL;

+	ast_assert(!desc->tls_cfg
+			|| ast_test_flag(&desc->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER)
+			|| !ast_strlen_zero(desc->hostname));
+
 	/* Do nothing if nothing has changed */
 	if (!ast_sockaddr_cmp(&desc->old_address, &desc->remote_address)) {
 		ast_debug(1, "Nothing changed in %s\n", desc->name);
--- a/res/res_http_websocket.c
+++ b/res/res_http_websocket.c
@ -1163,6 +1163,12 @@ static struct ast_tcptls_session_args *websocket_client_args_create(
 	}
 	ast_sockaddr_copy(&args->remote_address, addr);
 	ast_free(addr);
+
+	/* We need to save off the hostname but it may contain a port spec */
+	snprintf(args->hostname, sizeof(args->hostname),
+		"%.*s",
+		(int) strcspn(host, ":"), host);
+
 	return args;
 }