author | Vincent Richard <[email protected]> | 2019-10-14 06:51:35 +0000 |
---|---|---|
committer | GitHub <[email protected]> | 2019-10-14 06:51:35 +0000 |
commit | 19fb3c24916438a46467b7d9270181662fa84ede (patch) | |
tree | 6be2b5eab9afa54245ec6d95c3553231cc0730ec | |
parent | Merge pull request #227 from Kopano-dev/boundaryprefix (diff) | |
parent | Set SNI name in the gnutls backend as well (diff) | |
Merge pull request #226 from 0xd34df00d/master
Added support for SNI.
-rw-r--r-- | src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp | 2 | ||||
-rw-r--r-- | src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp | 6 | ||||
-rw-r--r-- | src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp | 2 |
3 files changed, 10 insertions, 0 deletions
diff --git a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp
index 73d52231..eea2a15b 100644
--- a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp
+++ b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp
@@ -94,6 +94,8 @@ void TLSSocket_GnuTLS::connect(const string& address, const port_t port) {
 try {
+ gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, address.c_str(), address.size());
+
 m_wrapped->connect(address, port);
 handshake();
diff --git a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp
index db782bb2..8ab75439 100644
--- a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp
+++ b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp
@@ -123,6 +123,10 @@ void TLSSocket_OpenSSL::createSSLHandle() {
 if (m_wrapped->isConnected()) {
+ if (m_address.empty()) {
+ throw exceptions::tls_exception("Unknown host name, will not be able to set SNI");
+ }
+
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 BIO* sockBio = BIO_new(&sm_customBIOMethod);
@@ -163,6 +167,7 @@ void TLSSocket_OpenSSL::createSSLHandle() {
 }
 SSL_set_bio(m_ssl, sockBio, sockBio);
+ SSL_set_tlsext_host_name(m_ssl, m_address.c_str());
 SSL_set_connect_state(m_ssl);
 SSL_set_mode(m_ssl, SSL_MODE_AUTO_RETRY | SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
@@ -178,6 +183,7 @@ void TLSSocket_OpenSSL::connect(const string& address, const port_t port) {
 try {
 m_wrapped->connect(address, port);
+ m_address = address;
 createSSLHandle();
diff --git a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
index e30df680..233bd25a 100644
--- a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
+++ b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
@@ -116,6 +116,8 @@ private:
 shared_ptr <socket> m_wrapped;
+ std::string m_address;
+
 bool m_connected;
 byte_t m_buffer[65536]; |
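Review bot: The return value of `gnutls_server_name_set()` is discarded in `TLSSocket_GnuTLS::connect()`, so a rejected name goes unnoticed and the handshake proceeds without the intended SNI; the same applies to `SSL_set_tlsext_host_name()` in the OpenSSL `createSSLHandle()` hunk. `address` is also forwarded unchecked, and if callers can pass an IP literal it should not be sent at all, since RFC 6066 only permits DNS host names in the server_name extension. Suggest keeping the result, `const int res = gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, address.c_str(), address.size());`, then `if (res < 0) throw exceptions::tls_exception("Cannot set SNI host name");`, and skipping the call for IP literals. The body of connect() continues outside the hunk.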
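Review bot: The new `m_address.empty()` check in `createSSLHandle()` turns a missing host name into a hard failure, yet `m_address` is only assigned in `connect()` (the hunk at -178). If the handle can also be created for a socket that was already connected when it was wrapped (a STARTTLS-style upgrade would be the usual case, not visible here), that path now throws before the handshake, whereas the GnuTLS backend in this commit would simply send no SNI there. SNI is not an authentication step, so omitting it when the name is unknown costs nothing security-wise; consider dropping the throw and guarding the call instead, `if (!m_address.empty()) { SSL_set_tlsext_host_name(m_ssl, m_address.c_str()); }`, or passing the peer name in when the socket is wrapped. createSSLHandle() starts and ends outside the hunk.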
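Review bot: `SSL_set_tlsext_host_name(m_ssl, m_address.c_str());` only tells the server which certificate to present; it does not make OpenSSL compare that certificate with `m_address`, and nothing in this hunk shows where that comparison happens. A short comment above the call would keep it from being read as host name verification, for example `// SNI only: selects the server certificate, does not verify it against m_address`. If the certificate is matched against the host name elsewhere, the comment could name that place; if it is not, that is a separate gap worth tracking. createSSLHandle() continues outside the hunk.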