use SNI when connecting with SSL

based on patch by Vincent Bernat <vincent@bernat.ch>.
This commit is contained in:
Oswald Buddenhagen 2018-09-08 18:36:16 +02:00
parent f698f16967
commit 17babc1695

View File

@ -271,6 +271,8 @@ socket_start_tls( conn_t *conn, void (*cb)( int ok, void *aux ) )
init_wakeup( &conn->ssl_fake, ssl_fake_cb, conn ); init_wakeup( &conn->ssl_fake, ssl_fake_cb, conn );
conn->ssl = SSL_new( ((server_conf_t *)conn->conf)->SSLContext ); conn->ssl = SSL_new( ((server_conf_t *)conn->conf)->SSLContext );
if (ssl_return( "set server name", conn, SSL_set_tlsext_host_name( conn->ssl, conn->conf->host ) ) < 0)
return;
SSL_set_fd( conn->ssl, conn->fd ); SSL_set_fd( conn->ssl, conn->fd );
SSL_set_mode( conn->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER ); SSL_set_mode( conn->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER );
socket_expect_read( conn, 1 ); socket_expect_read( conn, 1 );