summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_client.c
diff options
context:
space:
mode:
authorjsing <>2015-02-11 07:01:10 +0000
committerjsing <>2015-02-11 07:01:10 +0000
commitd641e8f3aa538ca2210627d0cd491ad424b56353 (patch)
treec6f7f9e067233df00a99495d7e346482bb70b61e /src/lib/libtls/tls_client.c
parent18dcc969364b2ee37a91a47c36b37a6fb023fb98 (diff)
downloadopenbsd-d641e8f3aa538ca2210627d0cd491ad424b56353.tar.gz
openbsd-d641e8f3aa538ca2210627d0cd491ad424b56353.tar.bz2
openbsd-d641e8f3aa538ca2210627d0cd491ad424b56353.zip
Provide a tls_connect_servername() function that has the same behaviour
as tls_connect(), however allows the name to use for verification to be explicitly provided, rather than being inferred from the host value. Requested by reyk@ ok reyk@ tedu@
Diffstat (limited to 'src/lib/libtls/tls_client.c')
-rw-r--r--src/lib/libtls/tls_client.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c
index baa4805f57..682153ca65 100644
--- a/src/lib/libtls/tls_client.c
+++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls_client.c,v 1.14 2015/02/11 06:46:33 jsing Exp $ */ 1/* $OpenBSD: tls_client.c,v 1.15 2015/02/11 07:01:10 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -83,6 +83,13 @@ tls_connect_host(struct tls *ctx, const char *host, const char *port,
83int 83int
84tls_connect(struct tls *ctx, const char *host, const char *port) 84tls_connect(struct tls *ctx, const char *host, const char *port)
85{ 85{
86 return tls_connect_servername(ctx, host, port, NULL);
87}
88
89int
90tls_connect_servername(struct tls *ctx, const char *host, const char *port,
91 const char *servername)
92{
86 const char *h = NULL, *p = NULL; 93 const char *h = NULL, *p = NULL;
87 char *hs = NULL, *ps = NULL; 94 char *hs = NULL, *ps = NULL;
88 int rv = -1, s = -1, ret; 95 int rv = -1, s = -1, ret;
@@ -128,7 +135,10 @@ tls_connect(struct tls *ctx, const char *host, const char *port)
128 (s = tls_connect_host(ctx, h, p, AF_UNSPEC, AI_ADDRCONFIG)) == -1) 135 (s = tls_connect_host(ctx, h, p, AF_UNSPEC, AI_ADDRCONFIG)) == -1)
129 goto err; 136 goto err;
130 137
131 if (tls_connect_socket(ctx, s, h) != 0) { 138 if (servername == NULL)
139 servername = h;
140
141 if (tls_connect_socket(ctx, s, servername) != 0) {
132 close(s); 142 close(s);
133 goto err; 143 goto err;
134 } 144 }
@@ -136,7 +146,6 @@ tls_connect(struct tls *ctx, const char *host, const char *port)
136 rv = 0; 146 rv = 0;
137 147
138err: 148err:
139
140 free(hs); 149 free(hs);
141 free(ps); 150 free(ps);
142 151
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-31 23:59:17 +0000