ObjOpenSSL  Check-in [62717d00e1]

Overview
Comment:Add support for client-side SNI
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 62717d00e19693cb54a459b057bea5b3dd424fb8202fb02024626a2809dfff9d
User & Date: js on 2018-02-25 20:26:30
Other Links: manifest | tags
Context
2018-07-29
16:52
Adjust to ObjFW changes check-in: 406ed24bc9 user: js tags: trunk
2018-02-25
20:26
Add support for client-side SNI check-in: 62717d00e1 user: js tags: trunk
2018-01-21
22:31
Update buildsys check-in: a7e2f217b6 user: js tags: trunk
Changes

Modified extra.mk.in from [86a99f5199] to [5776c0b728].

1
2
3
4
5
6

1
2
3
4

5
6




-

+
OBJOPENSSL_SHARED_LIB = @OBJOPENSSL_SHARED_LIB@
OBJOPENSSL_STATIC_LIB = @OBJOPENSSL_STATIC_LIB@
OBJOPENSSL_FRAMEWORK = @OBJOPENSSL_FRAMEWORK@

OBJFW_LIBS = @OBJFW_LIBS@
OBJFW_FRAMEWORK_LIBS = @OBJFW_FRAMEWORK_LIBS@
OBJFW_LIBS = @OBJFW_LIBS@

Modified src/SSLSocket.m from [bc1f35e528] to [073c61fb6e].

194
195
196
197
198
199
200











201
202
203
204
205
206
207
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218







+
+
+
+
+
+
+
+
+
+
+








		@throw [SSLConnectionFailedException
		    exceptionWithHost: host
				 port: port
			       socket: self
			     SSLError: error];
	}

	if (SSL_set_tlsext_host_name(_SSL, [host UTF8String]) != 1) {
		unsigned long error = ERR_get_error();

		[self close];

		@throw [SSLConnectionFailedException exceptionWithHost: host
								  port: port
								socket: self
							      SSLError: error];
	}

	if (_certificateVerificationEnabled) {
		X509_VERIFY_PARAM *param = SSL_get0_param(_SSL);

		X509_VERIFY_PARAM_set_hostflags(param,
		    X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);