Changeset 3f661849
- Timestamp:
- 2012-12-24T12:51:26Z (12 years ago)
- Branches:
- master
- Children:
- def3650
- Parents:
- bbc69f7
- Location:
- lib
- Files:
-
- 2 edited
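--- a/lib/ssl_gnutls.c
+++ b/lib/ssl_gnutls.c
@@ -273,4 +273,7 @@
 gnutls_set_default_priority( conn->session );
 gnutls_credentials_set( conn->session, GNUTLS_CRD_CERTIFICATE, xcred );
+if( conn->hostname && !isdigit( conn->hostname[0] ) )
+gnutls_server_name_set( conn->session, GNUTLS_NAME_DNS,
+conn->hostname, strlen( conn->hostname ) );
 
 sock_make_nonblocking( conn->fd );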
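Review bot: `!isdigit( conn->hostname[0] )` is too weak a test for "not an IP literal" at new lines 275-277, and the same test guards `SSL_set_tlsext_host_name` in lib/ssl_openssl.c (new line 157). A hostname may legally begin with a digit, so such hosts get no SNI and a name-based virtual host will answer with its default certificate. An IPv6 literal that starts with `:` or a hex letter passes the test and is sent as a server name, which RFC 6066 does not permit. Passing a plain `char` to `isdigit` is also undefined for negative values, so at minimum cast it: `isdigit( (unsigned char) conn->hostname[0] )`. I would instead skip SNI only when `inet_pton()` accepts the string for `AF_INET` or `AF_INET6`, in one helper shared by both backends; the enclosing function starts and ends outside this hunk.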
lib/ssl_openssl.c
rbbc69f7 r3f661849 47 47 gboolean established; 48 48 gboolean verify; 49 char *hostname; 49 50 50 51 int inpa; … … 54 55 }; 55 56 57 static void ssl_conn_free( struct scd *conn ); 56 58 static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond ); 57 59 static gboolean ssl_starttls_real( gpointer data, gint source, b_input_condition cond ); … … 73 75 if( conn->fd < 0 ) 74 76 { 75 g_free( conn );77 ssl_conn_free( conn ); 76 78 return NULL; 77 79 } … … 80 82 conn->data = data; 81 83 conn->inpa = -1; 84 conn->hostname = g_strdup( host ); 82 85 83 86 return conn; … … 93 96 conn->inpa = -1; 94 97 conn->verify = verify && global.conf->cafile; 98 conn->hostname = g_strdup( hostname ); 95 99 96 100 /* This function should be called via a (short) timeout instead of … … 120 124 const SSL_METHOD *meth; 121 125 122 /* Right now we don't have any verification functionality for OpenSSL. */123 124 126 if( conn->verify ) 125 127 { 128 /* Right now we don't have any verification functionality for OpenSSL. 
*/ 126 129 conn->func( conn->data, 1, NULL, cond ); 127 130 if( source >= 0 ) closesocket( source ); 128 g_free( conn );131 ssl_conn_free( conn ); 129 132 130 133 return FALSE; … … 152 155 SSL_set_fd( conn->ssl, conn->fd ); 153 156 157 if( conn->hostname && !isdigit( conn->hostname[0] ) ) 158 SSL_set_tlsext_host_name( conn->ssl, conn->hostname ); 159 154 160 return ssl_handshake( data, source, cond ); 155 161 156 162 ssl_connected_failure: 157 163 conn->func( conn->data, 0, NULL, cond ); 158 159 if( conn->ssl ) 160 { 161 SSL_shutdown( conn->ssl ); 162 SSL_free( conn->ssl ); 163 } 164 if( conn->ssl_ctx ) 165 { 166 SSL_CTX_free( conn->ssl_ctx ); 167 } 168 if( source >= 0 ) closesocket( source ); 169 g_free( conn ); 170 164 ssl_disconnect( conn ); 171 165 return FALSE; 172 166 … … 184 178 { 185 179 conn->func( conn->data, 0, NULL, cond ); 186 187 SSL_shutdown( conn->ssl ); 188 SSL_free( conn->ssl ); 189 SSL_CTX_free( conn->ssl_ctx ); 190 191 if( source >= 0 ) closesocket( source ); 192 g_free( conn ); 193 180 ssl_disconnect( conn ); 194 181 return FALSE; 195 182 } … … 261 248 } 262 249 250 static void ssl_conn_free( struct scd *conn ) 251 { 252 SSL_free( conn->ssl ); 253 SSL_CTX_free( conn->ssl_ctx ); 254 g_free( conn->hostname ); 255 g_free( conn ); 256 257 } 258 263 259 void ssl_disconnect( void *conn_ ) 264 260 { … … 273 269 closesocket( conn->fd ); 274 270 275 SSL_free( conn->ssl ); 276 SSL_CTX_free( conn->ssl_ctx ); 277 g_free( conn ); 271 ssl_conn_free( conn ); 278 272 } 279 273
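Review bot: The `ssl_connected_failure` path (new line 164) and the handshake-failure hunk (new line 180) now call `ssl_disconnect( conn )`, which drops two guards from the removed code. That code closed `source` only when `source >= 0`, and the first path ran `SSL_shutdown`/`SSL_free` only when `conn->ssl` was set. The visible tail of `ssl_disconnect` calls `closesocket( conn->fd )` unconditionally, and its first lines are outside the hunk, so it cannot be confirmed here that it tolerates a NULL or unestablished `conn->ssl`. If the callback can arrive with a negative `source` after the lower layer has already closed the socket, this becomes a second close on a descriptor number that another connection may have reused. In that case I would add `if( source < 0 ) conn->fd = -1;` before each `ssl_disconnect( conn );` and make the close conditional, `if( conn->fd >= 0 ) closesocket( conn->fd );`.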