author: Bryan Drewery <bdrewery@FreeBSD.org> 2013-12-02 10:59:41 +0000
committer: Bryan Drewery <bdrewery@FreeBSD.org> 2013-12-02 10:59:41 +0000
commit: 18c6a73e74a4498d13f2ea03e906e14cf545283e (patch)
tree: 740293e868dbe08e2c7afd6d850f00ea9c3e78b8
parent: e0400016b8e96bf37b74edc9cffd19b7a4c95205 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c
index 15d5a25de83b1..49d268ce37615 100644
--- a/lib/libfetch/common.c
+++ b/lib/libfetch/common.c
@@ -829,6 +829,16 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
 		return (-1);
 	}
 	SSL_set_fd(conn->ssl, conn->sd);
+
+#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
+	if (!SSL_set_tlsext_host_name(conn->ssl,
+	    __DECONST(struct url *, URL)->host)) {
+		fprintf(stderr,
+		    "TLS server name indication extension failed for host %s\n",
+		    URL->host);
+		return (-1);
+	}
+#endif
 	while ((ret = SSL_connect(conn->ssl)) == -1) {
 		ssl_err = SSL_get_error(conn->ssl, ret);
 		if (ssl_err != SSL_ERROR_WANT_READ &&
author	Bryan Drewery <bdrewery@FreeBSD.org>	2013-12-02 10:59:41 +0000
committer	Bryan Drewery <bdrewery@FreeBSD.org>	2013-12-02 10:59:41 +0000
commit	18c6a73e74a4498d13f2ea03e906e14cf545283e (patch)
tree	740293e868dbe08e2c7afd6d850f00ea9c3e78b8
parent	e0400016b8e96bf37b74edc9cffd19b7a4c95205 (diff)