move SNI to the correct place
authorAlan T. DeKok <aland@freeradius.org>
Sun, 25 Jul 2021 16:35:35 +0000 (12:35 -0400)
committerAlan T. DeKok <aland@freeradius.org>
Sun, 25 Jul 2021 16:35:35 +0000 (12:35 -0400)
raddb/sites-available/tls
src/main/listen.c
src/main/tls_listen.c

index 12bf503ce3f87f17b19a53328c1de59f3250d380..4315fecf26e611e3e1134a42817a84155e7331c1 100644 (file)
@@ -490,6 +490,10 @@ home_server tls {
                #  connection, and then use SNI to route the
                #  underlying RADIUS TCP traffic to a particular host.
                #
+               #  Note that "hostname" here only for SNI, and is NOT
+               #  the hostname or IP address we connect to.  For that,
+               #  See "ipaddr", above.
+               #
        #       hostname = "example.com"
 
                private_key_password = whatever
index f2af3e16dad7a4a674968c280013ca81e1542505..c9c27226146fc8c16e5364e2b48eafeb6de5ce8a 100644 (file)
@@ -2990,6 +2990,18 @@ rad_listen_t *proxy_new_listener(TALLOC_CTX *ctx, home_server_t *home, uint16_t
        if ((home->proto == IPPROTO_TCP) && home->tls) {
                DEBUG("(TLS) Trying new outgoing proxy connection to %s", buffer);
 
+               /*
+                *      Set SNI, if configured.
+                *
+                *      The OpenSSL API says the filename is "char
+                *      const *", but some versions have it as "void
+                *      *", without the "const".  So we un-const it
+                *      here through various C magic.
+                */
+               if (home->tls->client_hostname) {
+                       (void) SSL_set_tlsext_host_name(sock->ssn->ssl, (void *) (uintptr_t) "home->tls->client_hostname");
+               }
+
                /*
                 *      This is blocking.  :(
                 */
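Review bot: The argument on the SSL_set_tlsext_host_name line is the string literal `"home->tls->client_hostname"` (note the double quotes), so every outgoing proxy connection sends that literal text as its SNI server name instead of the configured hostname; the line this commit removes from tls_listen.c passed the pointer unquoted. The line should read `(void) SSL_set_tlsext_host_name(sock->ssn->ssl, (void *) (uintptr_t) home->tls->client_hostname);`. Because the return value is discarded, a peer that routes on SNI will see only an unknown name and the problem surfaces as a rejected or misrouted connection with nothing in the log; checking the result and reporting it on the existing DEBUG channel would make this visible. The copied comment also says "filename" where it means the host name. proxy_new_listener starts and ends outside the hunk.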
index cad1353cd3964f8b1fd0c4379f819af4ebfd1bcd..0c3a4cfcb3c346a6d670096802ac6697610b23cd 100644 (file)
@@ -177,18 +177,6 @@ static int tls_socket_recv(rad_listen_t *listener)
                SSL_set_ex_data(sock->ssn->ssl, FR_TLS_EX_INDEX_TALLOC, sock);
                sock->ssn->quick_session_tickets = true; /* we don't have inner-tunnel authentication */
 
-               /*
-                *      Set SNI, if configured.
-                *
-                *      The OpenSSL API says the filename is "char
-                *      const *", but some versions have it as "void
-                *      *", without the "const".  So we un-const it
-                *      here through various C magic.
-                */
-               if (listener->tls->client_hostname) {
-                       (void) SSL_set_tlsext_host_name(sock->ssn->ssl, (void *) (uintptr_t) listener->tls->client_hostname);
-               }
-
                doing_init = true;
        }