git://git.exim.org
/
exim.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
d40f27c
)
Guard SNI usage better (client-side)
author
Phil Pennock
<pdp@exim.org>
Tue, 22 May 2012 01:58:00 +0000
(21:58 -0400)
committer
Phil Pennock
<pdp@exim.org>
Tue, 22 May 2012 01:58:00 +0000
(21:58 -0400)
src/src/tls-openssl.c
patch
|
blob
|
history
diff --git
a/src/src/tls-openssl.c
b/src/src/tls-openssl.c
index eeab9c1303bbb27d1f88d7e5f2e50d7499e28ceb..ebc5a62557a589c03ef6d2a1717ad756031042e3 100644
(file)
--- a/
src/src/tls-openssl.c
+++ b/
src/src/tls-openssl.c
@@
-46,7
+46,9
@@
static BOOL verify_callback_called = FALSE;
static const uschar *sid_ctx = US"exim";
static SSL_CTX *ctx = NULL;
static const uschar *sid_ctx = US"exim";
static SSL_CTX *ctx = NULL;
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
static SSL_CTX *ctx_sni = NULL;
static SSL_CTX *ctx_sni = NULL;
+#endif
static SSL *ssl = NULL;
static char ssl_errstring[256];
static SSL *ssl = NULL;
static char ssl_errstring[256];
@@
-1257,8
+1259,14
@@
if (sni)
tls_sni = NULL;
else
{
tls_sni = NULL;
else
{
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
DEBUG(D_tls) debug_printf("Setting TLS SNI \"%s\"\n", tls_sni);
SSL_set_tlsext_host_name(ssl, tls_sni);
DEBUG(D_tls) debug_printf("Setting TLS SNI \"%s\"\n", tls_sni);
SSL_set_tlsext_host_name(ssl, tls_sni);
+#else
+ DEBUG(D_tls)
+ debug_printf("OpenSSL at build-time lacked SNI support, ignoring \"%s\"\n",
+ tls_sni);
+#endif
}
}
}
}