Closed mrdeep1 closed 3 months ago
Move requirements for client to determine how to set up the SNI for PSK/PKI encrypted communications down into libcoap. The client just needs to indicate the host to connect to in the client_sni field of coap_dtls_cpsk_t or coap_dtls_pki_t.
New internal function coap_sanitize_client_sni() makes sure that the SNI sent follows RFC 6066. As per https://datatracker.ietf.org/doc/html/rfc6066#section-3
Literal IPv4 and IPv6 addresses are not permitted in "HostName".
all IPv4 and IPv6 addresses are dropped for the SNI, and so no SNI is sent. DNS hostnames will get transmitted as the SNI.
Move requirements for client to determine how to set up the SNI for PSK/PKI encrypted communications down into libcoap. The client just needs to indicate the host to connect to in the client_sni field of coap_dtls_cpsk_t or coap_dtls_pki_t.
New internal function coap_sanitize_client_sni() makes sure that the SNI sent follows RFC 6066. As per https://datatracker.ietf.org/doc/html/rfc6066#section-3
Literal IPv4 and IPv6 addresses are not permitted in "HostName".
all IPv4 and IPv6 addresses are dropped for the SNI, and so no SNI is sent. DNS hostnames will get transmitted as the SNI.