authorVincent Richard <[email protected]>2019-11-18 20:26:19 +0000
committerGitHub <[email protected]>2019-11-18 20:26:19 +0000
commit8ac5b7f5fc99828f6718df09f9b5fc336a65b6cb (patch)
treeda3884d791517c1795aa03ae801f6fc6d6eea3e5
parentMerge pull request #226 from 0xd34df00d/master (diff)
parentUse peerName instead of peerAddress (diff)
downloadvmime-8ac5b7f5fc99828f6718df09f9b5fc336a65b6cb.tar.gz
vmime-8ac5b7f5fc99828f6718df09f9b5fc336a65b6cb.zip
Merge pull request #232 from RichardSteele/fix-sni-231
Fix #231: SNI breaks STARTTLS
-rw-r--r--src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp5
-rw-r--r--src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp10
-rw-r--r--src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp2
3 files changed, 8 insertions, 9 deletions
diff --git a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp
index eea2a15b..53e4eaee 100644
--- a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp
+++ b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp
@@ -94,8 +94,6 @@ void TLSSocket_GnuTLS::connect(const string& address, const port_t port) {
try {
- gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, address.c_str(), address.size());
-
m_wrapped->connect(address, port);
handshake();
@@ -319,6 +317,9 @@ void TLSSocket_GnuTLS::handshake() {
// Start handshaking process
try {
+ string peerName = getPeerName();
+
+ gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, peerName.c_str(), peerName.size());
while (true) {
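Review bot: The result of `gnutls_server_name_set` is discarded and `peerName` is passed without an emptiness check, so a failure to register the name lets the handshake go on without SNI and nothing is reported. The OpenSSL backend in this same commit throws `tls_exception` when `getPeerName()` is empty; for parity consider `if (peerName.empty()) throw exceptions::tls_exception("Unknown host name, will not be able to set SNI");` followed by a check that the call returned `GNUTLS_E_SUCCESS`. The same unchecked-return point applies to `SSL_set_tlsext_host_name(m_ssl, peerName.c_str());` in the second `createSSLHandle()` hunk, which returns 1 on success. The try block and loop of `handshake()` continue outside this hunk.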
diff --git a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp
index 8ab75439..978f0ca6 100644
--- a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp
+++ b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp
@@ -122,8 +122,9 @@ TLSSocket_OpenSSL::~TLSSocket_OpenSSL() {
void TLSSocket_OpenSSL::createSSLHandle() {
if (m_wrapped->isConnected()) {
-
- if (m_address.empty()) {
+ string peerName = getPeerName();
+
+ if (peerName.empty()) {
throw exceptions::tls_exception("Unknown host name, will not be able to set SNI");
}
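Review bot: The new guard rejects only an empty `peerName`, but the SNI value now comes from whatever `getPeerName()` reports for the wrapped socket, and its definition is not visible here. If that can be an IP literal (for example when the caller connected by address), it would be sent as a host name, which RFC 6066 does not allow in the server_name extension; the GnuTLS `handshake()` hunk has the same exposure. At minimum add a comment above the declaration, e.g. `// SNI host name: must be the DNS name the caller asked for, not a resolved address`, and confirm that certificate host-name verification runs against the same name. `createSSLHandle()` continues past this hunk.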
@@ -167,7 +168,7 @@ void TLSSocket_OpenSSL::createSSLHandle() {
}
SSL_set_bio(m_ssl, sockBio, sockBio);
- SSL_set_tlsext_host_name(m_ssl, m_address.c_str());
+ SSL_set_tlsext_host_name(m_ssl, peerName.c_str());
SSL_set_connect_state(m_ssl);
SSL_set_mode(m_ssl, SSL_MODE_AUTO_RETRY | SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
@@ -183,8 +184,7 @@ void TLSSocket_OpenSSL::connect(const string& address, const port_t port) {
try {
m_wrapped->connect(address, port);
- m_address = address;
-
+
createSSLHandle();
handshake();
diff --git a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
index 233bd25a..e30df680 100644
--- a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
+++ b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
@@ -116,8 +116,6 @@ private:
shared_ptr <socket> m_wrapped;
- std::string m_address;
-
bool m_connected;
byte_t m_buffer[65536];