Use SNI in modulemanager. Not needed for the default one, but if you add

custom ones you might need it.
This commit is contained in:
Bram Matthys 2019-12-28 18:49:25 +01:00
parent 910f2ad383
commit c215a3621a
No known key found for this signature in database
GPG key ID: BF8116B163EAAE98

View file

@ -150,8 +150,16 @@ int mm_http_request(char *url, char *fname, int follow_redirects)
fprintf(stderr, "ERROR: TLS initalization failure (II)\n");
goto out1;
}
BIO_get_ssl(socket, &ssl);
if (!ssl)
{
fprintf(stderr, "ERROR: Could not get TLS connection from BIO -- strange\n");
goto out2;
}
BIO_set_conn_hostname(socket, hostandport);
SSL_set_tlsext_host_name(ssl, host);
if (BIO_do_connect(socket) != 1)
{
@ -167,13 +175,6 @@ int mm_http_request(char *url, char *fname, int follow_redirects)
goto out2;
}
BIO_get_ssl(socket, &ssl);
if (!ssl)
{
fprintf(stderr, "ERROR: Could not get TLS connection from BIO -- strange\n");
goto out2;
}
if (!verify_certificate(ssl, host, &errstr))
{
fprintf(stderr, "Certificate problem for %s: %s\n", host, errstr);