[gnutls-devel] GnuTLS | gnutls-cli cannot specify server name while doing xmpp starttls (#777)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Tue May 28 23:24:17 CEST 2019
New Issue was created.
Issue 777: https://gitlab.com/gnutls/gnutls/issues/777
Author: Luiz Angelo Daros de Luca
Assignees:
## Description of the feature:
XMPP starttls sends the servername before requesting STARTTLS. However, the server might reject that request if the XMPP domains does not match (/host-unknown). This happens specially when "IN SRV" entries are in use for XMPP.
## Applications that this feature may be relevant to:
`gnutls-cli --verify-hostname=mydomain.com --starttls-proto=xmpp jabber.mydomain.com:xmpp-client`
--verify-hostname or --sni-hostname does not help. It does work if mydomain.com IN A matches jabber.mydomain.com. However, this should not be a requirement.
## Is this feature implemented in other libraries (and which)
`openssl s_client -starttls xmpp -xmpphost mydomain.com -connect jabber.mydomain.com:xmpp-client`
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/777
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190528/d7980355/attachment.html>
More information about the Gnutls-devel
mailing list