Add support for Server Name Indication

author Christoph Ziebuhr <chris@codefrickler.de>

Mon, 1 Dec 2014 13:41:36 +0000 (14:41 +0100)

committer Felix Fietkau <nbd@openwrt.org>

Mon, 1 Dec 2014 14:55:41 +0000 (15:55 +0100)
author Christoph Ziebuhr <chris@codefrickler.de>
Mon, 1 Dec 2014 13:41:36 +0000 (14:41 +0100)
committer Felix Fietkau <nbd@openwrt.org>
Mon, 1 Dec 2014 14:55:41 +0000 (15:55 +0100)
diff --git a/ustream-openssl.h b/ustream-openssl.h

index ef786f2810dddd2f194ac0585f99758b91fd3c02..afff22b1a65c1c14325b876fbe3e8261eeda0943 100644 (file)
--- a/ustream-openssl.h
+++ b/ustream-openssl.h
@@ -39,4 +39,9 @@ static inline void __ustream_ssl_update_peer_cn(struct ustream_ssl *us)
  {
  }
  
+static inline void __ustream_ssl_set_server_name(struct ustream_ssl *us)
+{
+       SSL_set_tlsext_host_name(us->ssl, us->server_name);
+}
+
  #endif
diff --git a/ustream-polarssl.h b/ustream-polarssl.h

index 527c14a759a41651743343eb9ed12d41202e7156..dfc287df345e4f88b25c32e799d67dd59574fabd 100644 (file)
--- a/ustream-polarssl.h
+++ b/ustream-polarssl.h
@@ -50,6 +50,11 @@ static inline char *__ustream_ssl_strerror(int error, char *buffer, int len)
         return buffer;
  }
  
+static inline void __ustream_ssl_set_server_name(struct ustream_ssl *us)
+{
+       ssl_set_hostname(us->ssl, us->server_name);
+}
+
  void __ustream_ssl_update_peer_cn(struct ustream_ssl *us);
  void __ustream_ssl_session_free(void *ssl);
  void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx);
diff --git a/ustream-ssl.c b/ustream-ssl.c

index cf8cb846ca64d2650e413f7e0e9a78fa9531288d..dd0faf9f7ce3a25f8abf5aef644af334c7247cbf 100644 (file)
--- a/ustream-ssl.c
+++ b/ustream-ssl.c
@@ -186,6 +186,10 @@ static int _ustream_ssl_init(struct ustream_ssl *us, struct ustream *conn, struc
         conn->next = &us->stream;
         ustream_set_io(ctx, us->ssl, conn);
         ustream_ssl_stream_init(us);
+
+       if (us->server_name)
+               __ustream_ssl_set_server_name(us);
+
         ustream_ssl_check_conn(us);
  
         return 0;
diff --git a/ustream-ssl.h b/ustream-ssl.h

index b4317afab4c6c092880f2ed36784efe2b0967bc4..0c5534464e54282dd6f3b371b315e99da1e2e4c9 100644 (file)
--- a/ustream-ssl.h
+++ b/ustream-ssl.h
@@ -34,6 +34,7 @@ struct ustream_ssl {
         void *ssl;
  
         char *peer_cn;
+       char *server_name;
  
         int error;
         bool connected;
author	Christoph Ziebuhr <chris@codefrickler.de>
	Mon, 1 Dec 2014 13:41:36 +0000 (14:41 +0100)
committer	Felix Fietkau <nbd@openwrt.org>
	Mon, 1 Dec 2014 14:55:41 +0000 (15:55 +0100)
ustream-openssl.h		patch \| blob \| history
ustream-polarssl.h		patch \| blob \| history
ustream-ssl.c		patch \| blob \| history
ustream-ssl.h		patch \| blob \| history