diff options
author | Junio C Hamano <gitster@pobox.com> | 2013-02-20 16:02:42 -0800 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2013-02-20 22:01:50 -0800 |
commit | 698a1ec4d52e90d611c233a12147daf261168bc6 (patch) | |
tree | 1233840cf08875d59ebc975819c0be1688eacfa9 /imap-send.c | |
parent | e174744ad17a55d4df68cec97bfbf6b0c28e762b (diff) | |
download | git-698a1ec4d52e90d611c233a12147daf261168bc6.tar.gz git-698a1ec4d52e90d611c233a12147daf261168bc6.tar.xz |
imap-send: support Server Name Indication (RFC4366)
To talk with some sites that serve multiple names on a single IP
address, the client needs to ask for the specific host that it wants
to talk to.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'imap-send.c')
-rw-r--r-- | imap-send.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/imap-send.c b/imap-send.c index 171c88707..91671d6f4 100644 --- a/imap-send.c +++ b/imap-send.c @@ -370,6 +370,17 @@ static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve return -1; } +#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME + /* + * SNI (RFC4366) + * OpenSSL does not document this function, but the implementation + * returns 1 on success, 0 on failure after calling SSLerr(). + */ + ret = SSL_set_tlsext_host_name(sock->ssl, server.host); + if (ret != 1) + warning("SSL_set_tlsext_host_name(%s) failed.", server.host); +#endif + ret = SSL_connect(sock->ssl); if (ret <= 0) { socket_perror("SSL_connect", sock, ret); |