Merge pull request #232 from RichardSteele/fix-sni-231

Fix #231: SNI breaks STARTTLS

src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp

@@ -94,8 +94,6 @@ void TLSSocket_GnuTLS::connect(const string& address, const port_t port) {
 
 	try {
 
-		gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, address.c_str(), address.size());
-
 		m_wrapped->connect(address, port);
 
 		handshake();
@@ -319,6 +317,9 @@ void TLSSocket_GnuTLS::handshake() {
 
 	// Start handshaking process
 	try {
+		string peerName = getPeerName();
+		
+		gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, peerName.c_str(), peerName.size());
 
 		while (true) {
 

src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp

@@ -122,8 +122,9 @@ TLSSocket_OpenSSL::~TLSSocket_OpenSSL() {
 void TLSSocket_OpenSSL::createSSLHandle() {
 
 	if (m_wrapped->isConnected()) {
-
+		string peerName = getPeerName();
-		if (m_address.empty()) {
+		
+		if (peerName.empty()) {
 			throw exceptions::tls_exception("Unknown host name, will not be able to set SNI");
 		}
 
@@ -167,7 +168,7 @@ void TLSSocket_OpenSSL::createSSLHandle() {
 		}
 
 		SSL_set_bio(m_ssl, sockBio, sockBio);
-		SSL_set_tlsext_host_name(m_ssl, m_address.c_str());
+		SSL_set_tlsext_host_name(m_ssl, peerName.c_str());
 		SSL_set_connect_state(m_ssl);
 		SSL_set_mode(m_ssl, SSL_MODE_AUTO_RETRY | SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 
@@ -183,8 +184,7 @@ void TLSSocket_OpenSSL::connect(const string& address, const port_t port) {
 	try {
 
 		m_wrapped->connect(address, port);
-		m_address = address;
+		
-
 		createSSLHandle();
 
 		handshake();

src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp

@@ -116,8 +116,6 @@ private:
 
 	shared_ptr <socket> m_wrapped;
 
-	std::string m_address;
-
 	bool m_connected;
 
 	byte_t m_buffer[65536];