Skip to content

For IP-based DoT/DoQ connections, IP address is set for SNI #186

New issue
New issue
Closed
Closed
For IP-based DoT/DoQ connections, IP address is set for SNI#186
Assignees
grumaxxx
Labels
Priority: P4Resolution: FixedStatus: ClosedVersion: DnsLibs v2.2
@sfionov

Description

@sfionov
sfionov
opened on Mar 13, 2023

This is incorrect behaviour because there is no RFC for setting IP in SNI field.

try:

tls://1.1.1.1
quic://1.1.1.1

tlsext_hostname should not be set, and certificate verification should verify SubjectAltName ip instead of hostname

Metadata

Metadata

Assignees

Labels

Priority: P4Resolution: FixedStatus: ClosedVersion: DnsLibs v2.2

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions