From f56a0435f2008cf88609124a74fcaa71ad8fb2c1 Mon Sep 17 00:00:00 2001 From: Juan Linietsky <reduzio@gmail.com> Date: Wed, 29 Jun 2016 11:19:52 -0300 Subject: [PATCH] Turn on SNI in OpenSSL --- drivers/openssl/stream_peer_openssl.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/openssl/stream_peer_openssl.cpp b/drivers/openssl/stream_peer_openssl.cpp index 67f58b6028e..9349df37931 100644 --- a/drivers/openssl/stream_peer_openssl.cpp +++ b/drivers/openssl/stream_peer_openssl.cpp @@ -309,6 +309,9 @@ Error StreamPeerOpenSSL::connect(Ref<StreamPeer> p_base, bool p_validate_certs, validate_certs=p_validate_certs; validate_hostname=p_for_hostname!=""; + + + if (p_validate_certs) { @@ -380,6 +383,10 @@ Error StreamPeerOpenSSL::connect(Ref<StreamPeer> p_base, bool p_validate_certs, bio->ptr = this; SSL_set_bio( ssl, bio, bio ); + if (p_for_hostname!=String()) { + SSL_set_tlsext_host_name(ssl,p_for_hostname.utf8().get_data()); + } + use_blocking=true; // let handshake use blocking // Set the SSL to automatically retry on failure. SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);