use SNI when connecting with SSL
based on patch by Vincent Bernat <vincent@bernat.ch>.
This commit is contained in:
parent
f698f16967
commit
17babc1695
|
@ -271,6 +271,8 @@ socket_start_tls( conn_t *conn, void (*cb)( int ok, void *aux ) )
|
||||||
|
|
||||||
init_wakeup( &conn->ssl_fake, ssl_fake_cb, conn );
|
init_wakeup( &conn->ssl_fake, ssl_fake_cb, conn );
|
||||||
conn->ssl = SSL_new( ((server_conf_t *)conn->conf)->SSLContext );
|
conn->ssl = SSL_new( ((server_conf_t *)conn->conf)->SSLContext );
|
||||||
|
if (ssl_return( "set server name", conn, SSL_set_tlsext_host_name( conn->ssl, conn->conf->host ) ) < 0)
|
||||||
|
return;
|
||||||
SSL_set_fd( conn->ssl, conn->fd );
|
SSL_set_fd( conn->ssl, conn->fd );
|
||||||
SSL_set_mode( conn->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER );
|
SSL_set_mode( conn->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER );
|
||||||
socket_expect_read( conn, 1 );
|
socket_expect_read( conn, 1 );
|
||||||
|
|
Loading…
Reference in New Issue
Block a user