|
1 | | -use std::borrow::Cow; |
2 | 1 | use std::convert::TryInto; |
3 | 2 | use std::ffi::CStr; |
4 | 3 | use std::fmt::{Debug, Formatter}; |
5 | 4 | use std::slice; |
6 | 5 | use std::sync::Arc; |
7 | 6 |
|
8 | 7 | use libc::{c_char, size_t}; |
9 | | -use pki_types::{CertificateDer, IpAddr, UnixTime}; |
| 8 | +use pki_types::{CertificateDer, UnixTime}; |
10 | 9 | use rustls::client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier}; |
11 | 10 | use rustls::client::{ResolvesClientCert, WebPkiServerVerifier}; |
12 | 11 | use rustls::crypto::ring::ALL_CIPHER_SUITES; |
@@ -260,19 +259,7 @@ impl ServerCertVerifier for Verifier { |
260 | 259 | _now: UnixTime, |
261 | 260 | ) -> Result<ServerCertVerified, rustls::Error> { |
262 | 261 | let cb = self.callback; |
263 | | - let server_name: Cow<'_, str> = match server_name { |
264 | | - pki_types::ServerName::DnsName(n) => n.as_ref().into(), |
265 | | - // TODO(@cpu): HACK |
266 | | - pki_types::ServerName::IpAddress(ip) => match ip { |
267 | | - IpAddr::V4(v4_addr) => std::net::Ipv4Addr::from(*v4_addr.as_ref()) |
268 | | - .to_string() |
269 | | - .into(), |
270 | | - IpAddr::V6(v6_addr) => std::net::Ipv6Addr::from(*v6_addr.as_ref()) |
271 | | - .to_string() |
272 | | - .into(), |
273 | | - }, |
274 | | - _ => return Err(rustls::Error::General("unknown name type".to_string())), |
275 | | - }; |
| 262 | + let server_name = server_name.to_str(); |
276 | 263 | let server_name: rustls_str = match server_name.as_ref().try_into() { |
277 | 264 | Ok(r) => r, |
278 | 265 | Err(NulByte {}) => return Err(rustls::Error::General("NUL byte in SNI".to_string())), |
|
0 commit comments