diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2022-01-22 23:53:48 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2022-01-23 11:59:54 +0100 |
| commit | 9cdce61df91ec98cabcc5afc157713777d1f2f66 (patch) | |
| tree | faa3b2063d1ec32548b495d3177afdd65a0163e9 | |
| parent | d874adea4a5ef25446a09c01b5c3aaaf9be995c9 (diff) | |
| download | curl-9cdce61df91ec98cabcc5afc157713777d1f2f66.tar.gz | |
wolfssl: set the right SNI
| -rw-r--r-- | lib/vtls/wolfssl.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 8c5b9157b..ec82e5e61 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -462,12 +462,17 @@ wolfssl_connect_step1(struct Curl_easy *data, struct connectdata *conn, if((hostname_len < USHRT_MAX) && (0 == Curl_inet_pton(AF_INET, hostname, &addr4)) && #ifdef ENABLE_IPV6 - (0 == Curl_inet_pton(AF_INET6, hostname, &addr6)) && + (0 == Curl_inet_pton(AF_INET6, hostname, &addr6)) #endif - (wolfSSL_CTX_UseSNI(backend->ctx, WOLFSSL_SNI_HOST_NAME, hostname, - (unsigned short)hostname_len) != 1)) { - infof(data, "WARNING: failed to configure server name indication (SNI) " - "TLS extension"); + ) { + size_t snilen; + char *snihost = Curl_ssl_snihost(data, hostname, &snilen); + if(!snihost || + wolfSSL_CTX_UseSNI(backend->ctx, WOLFSSL_SNI_HOST_NAME, snihost, + (unsigned short)snilen) != 1) { + failf(data, "Failed to set SNI"); + return CURLE_SSL_CONNECT_ERROR; + } } } #endif |