/* TLS has been set up. Record data for the connection,
adjust the input functions to read via TLS, and initialize things. */
+#ifdef SSL_get_extms_support
+tls_in.ext_master_secret = SSL_get_extms_support(server_ssl) == 1;
+#endif
peer_cert(server_ssl, &tls_in, peerdn, sizeof(peerdn));
tls_in.ver = tlsver_name(server_ssl);
store_pool = POOL_PERM;
tls_in.channelbinding = b64encode_taint(CUS s, (int)len, FALSE);
store_pool = old_pool;
- DEBUG(D_tls) debug_printf("Have channel bindings cached for possible auth usage\n");
+ DEBUG(D_tls) debug_printf("Have channel bindings cached for possible auth usage %p\n", tls_in.channelbinding);
}
/* Only used by the server-side tls (tls_in), including tls_getc.
tls_client_resume_posthandshake(exim_client_ctx, tlsp);
#endif
+#ifdef SSL_get_extms_support
+tlsp->ext_master_secret = SSL_get_extms_support(exim_client_ctx->ssl) == 1;
+#endif
peer_cert(exim_client_ctx->ssl, tlsp, peerdn, sizeof(peerdn));
tlsp->ver = tlsver_name(exim_client_ctx->ssl);
store_pool = POOL_PERM;
tlsp->channelbinding = b64encode_taint(CUS s, (int)len, TRUE);
store_pool = old_pool;
- DEBUG(D_tls) debug_printf("Have channel bindings cached for possible auth usage\n");
+ DEBUG(D_tls) debug_printf("Have channel bindings cached for possible auth usage %p %p\n", tlsp->channelbinding, tlsp);
}
tlsp->active.sock = cctx->sock;