lib-ssl-iostream: Split host to connected_host and sni_host
authorTimo Sirainen <timo.sirainen@dovecot.fi>
Wed, 1 Nov 2017 10:58:46 +0000 (12:58 +0200)
committerVille Savolainen <ville.savolainen@dovecot.fi>
Tue, 16 Jan 2018 10:44:20 +0000 (12:44 +0200)
Using the same variable for both was causing confusion.

src/lib-ssl-iostream/iostream-openssl-context.c
src/lib-ssl-iostream/iostream-openssl.c
src/lib-ssl-iostream/iostream-openssl.h

index b2d8ea6e108bf958d3b6f4bd045d1b5e12954100..4dca1fd97a1abb36a999613284254c6c05427487 100644 (file)
@@ -267,8 +267,8 @@ static int ssl_servername_callback(SSL *ssl, int *al ATTR_UNUSED,
        ssl_io = SSL_get_ex_data(ssl, dovecot_ssl_extdata_index);
        host = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
        if (SSL_get_servername_type(ssl) != -1) {
-               i_free(ssl_io->host);
-               ssl_io->host = i_strdup(host);
+               i_free(ssl_io->sni_host);
+               ssl_io->sni_host = i_strdup(host);
        } else if (ssl_io->verbose) {
                i_debug("SSL_get_servername() failed");
        }
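Review bot: The name stored in `ssl_io->sni_host` is copied from the client's ClientHello, and nothing in this hunk validates or normalises it before it is kept for later callers. After this commit the field is exactly what `openssl_iostream_get_server_name()` returns, so I would mark that at the assignment, e.g. `/* client-supplied and unauthenticated; callers must validate before using it for config selection or logging */`. The body of `ssl_servername_callback()` starts and ends outside the hunk, so any check further down is not visible here.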
index 3d4b17b6be6c1b2f2e514fecb8f5806f21eabee9..71f48df6296c1b15209477fdb57c0ca77034a7b0 100644 (file)
@@ -242,7 +242,7 @@ openssl_iostream_create(struct ssl_iostream_context *ctx, const char *host,
        ssl_io->bio_ext = bio_ext;
        ssl_io->plain_input = *input;
        ssl_io->plain_output = *output;
-       ssl_io->host = i_strdup(host);
+       ssl_io->connected_host = i_strdup(host);
        ssl_io->log_prefix = host == NULL ? i_strdup("") :
                i_strdup_printf("%s: ", host);
        /* bio_int will be freed by SSL_free() */
@@ -283,7 +283,8 @@ static void openssl_iostream_free(struct ssl_iostream *ssl_io)
        SSL_free(ssl_io->ssl);
        i_free(ssl_io->plain_stream_errstr);
        i_free(ssl_io->last_error);
-       i_free(ssl_io->host);
+       i_free(ssl_io->connected_host);
+       i_free(ssl_io->sni_host);
        i_free(ssl_io->log_prefix);
        i_free(ssl_io);
 }
@@ -688,7 +689,7 @@ openssl_iostream_get_peer_name(struct ssl_iostream *ssl_io)
 
 static const char *openssl_iostream_get_server_name(struct ssl_iostream *ssl_io)
 {
-       return ssl_io->host;
+       return ssl_io->sni_host;
 }
 
 static const char *
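Review bot: On the client side `openssl_iostream_get_server_name()` now appears to return NULL. In the visible hunks `sni_host` is only assigned in `ssl_servername_callback()`, while `openssl_iostream_create()` stores its `host` argument in `connected_host`. Before this commit the same call returned the connected host, so any client-side caller that relied on it changes behaviour silently; the callers are outside this diff, so this needs confirming. A short comment above the function, such as `/* server side only: SNI name sent by the client; NULL if none was sent or if we are the client */`, would make the new contract explicit. In the hunks shown, `connected_host` is assigned and freed but never read, so whichever code is meant to use it (for example certificate name checks) is not covered by this change.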
index d46d608d10e87992fe1e3cd803fd92b5313b91de..d8d3d5348e2c5e127f5843205516c7ac8cb1e929 100644 (file)
@@ -33,7 +33,10 @@ struct ssl_iostream {
        struct istream *ssl_input;
        struct ostream *ssl_output;
 
-       char *host;
+       /* SSL clients: host where we connected to */
+       char *connected_host;
+       /* SSL servers: host requested by the client via SNI */
+       char *sni_host;
        char *last_error;
        char *log_prefix;
        char *plain_stream_errstr;
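Review bot: The two new field comments do not say when each pointer is NULL or how far its content can be trusted, which a reader needs to know before using either one. From the other hunks, `connected_host` is `i_strdup(host)` where `host` may be NULL (the `log_prefix` line checks for it), and `sni_host` is only assigned from the servername callback. I would extend them to `/* SSL clients: host we connected to, NULL if none was given */` and `/* SSL servers: host requested by the client via SNI, NULL if not sent; unverified client input */`.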