aboutsummaryrefslogtreecommitdiff
path: root/imap-send.c
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2013-02-20 16:02:42 -0800
committerJunio C Hamano <gitster@pobox.com>2013-02-20 22:01:50 -0800
commit698a1ec4d52e90d611c233a12147daf261168bc6 (patch)
tree1233840cf08875d59ebc975819c0be1688eacfa9 /imap-send.c
parente174744ad17a55d4df68cec97bfbf6b0c28e762b (diff)
downloadgit-698a1ec4d52e90d611c233a12147daf261168bc6.tar.gz
git-698a1ec4d52e90d611c233a12147daf261168bc6.tar.xz
imap-send: support Server Name Indication (RFC4366)
To talk with some sites that serve multiple names on a single IP address, the client needs to ask for the specific host that it wants to talk to. Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'imap-send.c')
-rw-r--r--imap-send.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/imap-send.c b/imap-send.c
index 171c88707..91671d6f4 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -370,6 +370,17 @@ static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve
return -1;
}
+#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+ /*
+ * SNI (RFC4366)
+ * OpenSSL does not document this function, but the implementation
+ * returns 1 on success, 0 on failure after calling SSLerr().
+ */
+ ret = SSL_set_tlsext_host_name(sock->ssl, server.host);
+ if (ret != 1)
+ warning("SSL_set_tlsext_host_name(%s) failed.", server.host);
+#endif
+
ret = SSL_connect(sock->ssl);
if (ret <= 0) {
socket_perror("SSL_connect", sock, ret);