diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2022-01-23 18:22:50 -0500 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2022-01-23 18:22:50 -0500 |
commit | 8d7c088d8cd63eca9f8c495269ed268e10942b66 (patch) | |
tree | 98477317ccf7385899ef25bd491588e288c23373 | |
parent | a3a222d9ba3d64e72030a0d555d166de8c959c33 (diff) | |
download | curl-bagder/keep-trailing-dot.tar.gz |
squashme: more sni conversions for schannelbagder/keep-trailing-dot
InitializeSecurityContext's pszTargetName (hostname used for SNI)
should match in all calls.
-rw-r--r-- | lib/vtls/schannel.c | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 2067ebb06..b5b879abe 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1143,9 +1143,16 @@ schannel_connect_step2(struct Curl_easy *data, struct connectdata *conn, memcpy(inbuf[0].pvBuffer, backend->encdata_buffer, backend->encdata_offset); - host_name = curlx_convert_UTF8_to_tchar(hostname); - if(!host_name) - return CURLE_OUT_OF_MEMORY; + { + char *snihost = Curl_ssl_snihost(data, hostname, NULL); + if(!snihost) { + failf(data, "Failed to set SNI"); + return CURLE_SSL_CONNECT_ERROR; + } + host_name = curlx_convert_UTF8_to_tchar(snihost); + if(!host_name) + return CURLE_OUT_OF_MEMORY; + } sspi_status = s_pSecFn->InitializeSecurityContext( &backend->cred->cred_handle, &backend->ctxt->ctxt_handle, @@ -2192,9 +2199,16 @@ static int schannel_shutdown(struct Curl_easy *data, struct connectdata *conn, Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); } - host_name = curlx_convert_UTF8_to_tchar(hostname); - if(!host_name) - return CURLE_OUT_OF_MEMORY; + { + char *snihost = Curl_ssl_snihost(data, hostname, NULL); + if(!snihost) { + failf(data, "Failed to set SNI"); + return CURLE_SSL_CONNECT_ERROR; + } + host_name = curlx_convert_UTF8_to_tchar(snihost); + if(!host_name) + return CURLE_OUT_OF_MEMORY; + } /* setup output buffer */ InitSecBuffer(&outbuf, SECBUFFER_EMPTY, NULL, 0); |