From 44eb473c9af5196008582418a63f95352eeca21a Mon Sep 17 00:00:00 2001 From: Richard Steele Date: Mon, 18 Nov 2019 11:47:44 +0100 Subject: Fix #231 --- src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp | 10 +++++----- src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp | 2 -- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp index 8ab75439..2f115f6c 100644 --- a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp +++ b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp @@ -122,8 +122,9 @@ TLSSocket_OpenSSL::~TLSSocket_OpenSSL() { void TLSSocket_OpenSSL::createSSLHandle() { if (m_wrapped->isConnected()) { - - if (m_address.empty()) { + string peerAddress = getPeerAddress(); + + if (peerAddress.empty()) { throw exceptions::tls_exception("Unknown host name, will not be able to set SNI"); } @@ -167,7 +168,7 @@ void TLSSocket_OpenSSL::createSSLHandle() { } SSL_set_bio(m_ssl, sockBio, sockBio); - SSL_set_tlsext_host_name(m_ssl, m_address.c_str()); + SSL_set_tlsext_host_name(m_ssl, peerAddress.c_str()); SSL_set_connect_state(m_ssl); SSL_set_mode(m_ssl, SSL_MODE_AUTO_RETRY | SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); @@ -183,8 +184,7 @@ void TLSSocket_OpenSSL::connect(const string& address, const port_t port) { try { m_wrapped->connect(address, port); - m_address = address; - + createSSLHandle(); handshake(); diff --git a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp index 233bd25a..e30df680 100644 --- a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp +++ b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp @@ -116,8 +116,6 @@ private: shared_ptr m_wrapped; - std::string m_address; - bool m_connected; byte_t m_buffer[65536]; -- cgit v1.2.3 From 39ece29feda826421a40e49797aac35cfd369cd3 Mon Sep 17 00:00:00 2001 
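Review bot: The return value of `SSL_set_tlsext_host_name` is discarded in the `@@ -167,7 +168,7 @@` hunk of TLSSocket_OpenSSL.cpp, so a failure to set SNI lets the handshake continue without the extension and without any signal to the caller. The call returns 1 on success and 0 on error, so a guard such as `if (SSL_set_tlsext_host_name(m_ssl, peerAddress.c_str()) != 1) { throw exceptions::tls_exception("Cannot set SNI host name"); }` would be consistent with the empty-name check added at the top of createSSLHandle(). The same unchecked call is carried into the rename hunk of the later patch "Use peerName instead of peerAddress". createSSLHandle() extends beyond both hunks, so any error handling further down is not visible here.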
From: Richard Steele Date: Mon, 18 Nov 2019 12:16:10 +0100 Subject: Fix #231 (GnuTLS) --- src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp index eea2a15b..b0a497f0 100644 --- a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp +++ b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp @@ -94,8 +94,6 @@ void TLSSocket_GnuTLS::connect(const string& address, const port_t port) { try { - gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, address.c_str(), address.size()); - m_wrapped->connect(address, port); handshake(); @@ -319,6 +317,9 @@ void TLSSocket_GnuTLS::handshake() { // Start handshaking process try { + string peerAddress = getPeerAddress(); + + gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, peerAddress.c_str(), peerAddress.size()); while (true) { -- cgit v1.2.3 From 893726c3d8743c1ff8b204cdfe4815f8928388d5 Mon Sep 17 00:00:00 2001 From: Richard Steele Date: Mon, 18 Nov 2019 12:22:56 +0100 Subject: Use peerName instead of peerAddress --- src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp | 4 ++-- src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp index b0a497f0..53e4eaee 100644 --- a/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp +++ b/src/vmime/net/tls/gnutls/TLSSocket_GnuTLS.cpp @@ -317,9 +317,9 @@ void TLSSocket_GnuTLS::handshake() { // Start handshaking process try { - string peerAddress = getPeerAddress(); + string peerName = getPeerName(); - gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, peerAddress.c_str(), peerAddress.size()); + gnutls_server_name_set(*m_session->m_gnutlsSession, GNUTLS_NAME_DNS, peerName.c_str(), peerName.size()); while (true) { 
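Review bot: The GnuTLS handshake() hunk passes the peer lookup result straight to `gnutls_server_name_set`, without the empty-name check that the OpenSSL backend makes in createSSLHandle() and without inspecting the return code. With an empty name the OpenSSL path throws while this path presumably proceeds with no usable server name, so the two backends fail differently for the same condition. The GnuTLS documentation also states that IP addresses are not permitted for GNUTLS_NAME_DNS, and an ignored return code would hide such a rejection. Consider `if (peerName.empty()) throw exceptions::tls_exception("Unknown host name, will not be able to set SNI");` followed by a check that the call returned `GNUTLS_E_SUCCESS`. This applies to the hunk as first added (`peerAddress`) and as renamed in the following patch; the `try` block continues past the hunk, so handling below it is not visible.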
diff --git a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp index 2f115f6c..978f0ca6 100644 --- a/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp +++ b/src/vmime/net/tls/openssl/TLSSocket_OpenSSL.cpp @@ -122,9 +122,9 @@ TLSSocket_OpenSSL::~TLSSocket_OpenSSL() { void TLSSocket_OpenSSL::createSSLHandle() { if (m_wrapped->isConnected()) { - string peerAddress = getPeerAddress(); + string peerName = getPeerName(); - if (peerAddress.empty()) { + if (peerName.empty()) { throw exceptions::tls_exception("Unknown host name, will not be able to set SNI"); } @@ -168,7 +168,7 @@ void TLSSocket_OpenSSL::createSSLHandle() { } SSL_set_bio(m_ssl, sockBio, sockBio); - SSL_set_tlsext_host_name(m_ssl, peerAddress.c_str()); + SSL_set_tlsext_host_name(m_ssl, peerName.c_str()); SSL_set_connect_state(m_ssl); SSL_set_mode(m_ssl, SSL_MODE_AUTO_RETRY | SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); -- cgit v1.2.3
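Review bot: The `peerName.empty()` guard in createSSLHandle() does not cover a peer name that is an IP literal, which would then be handed to `SSL_set_tlsext_host_name` unchanged. RFC 6066 does not permit literal IPv4/IPv6 addresses in the SNI HostName, so when the caller connects by address it is safer to skip the extension than to send it. getPeerName() is not shown in this patch; if it can return anything other than the name the caller passed to connect() (for example a reverse-lookup result), SNI and any certificate name check that reuses the value would be driven by DNS data rather than caller intent. A comment such as `// peerName must be the caller-supplied host name, never a resolved or reverse-looked-up one` above the call would record that requirement.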