From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 31 Jan 2022 11:24:29 +0000 (+0100)
Subject: TCPIOHandler: Handle empty TLS hostname in outgoing connections
X-Git-Tag: auth-4.7.0-alpha1~24^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4d6004bda9401c82a35fdd148c89120c0d09f2c0;p=thirdparty%2Fpdns.git

TCPIOHandler: Handle empty TLS hostname in outgoing connections
---

diff --git a/pdns/tcpiohandler.cc b/pdns/tcpiohandler.cc
index be65fc0244..81fb4775df 100644
--- a/pdns/tcpiohandler.cc
+++ b/pdns/tcpiohandler.cc
@@ -127,8 +127,8 @@ public:
     }
 
     /* set outgoing Server Name Indication */
-    if (SSL_set_tlsext_host_name(d_conn.get(), d_hostname.c_str()) != 1) {
-      throw std::runtime_error("Error setting TLS SNI");
+    if (!d_hostname.empty() && SSL_set_tlsext_host_name(d_conn.get(), d_hostname.c_str()) != 1) {
+      throw std::runtime_error("Error setting TLS SNI to " + d_hostname);
     }
 
 #if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && HAVE_SSL_SET_HOSTFLAGS // grrr libressl