imap-send: support Server Name Indication (RFC4366)

To talk with some sites that serve multiple names on a single IP address, the client needs to ask for the specific host that it wants to talk to. Signed-off-by: Junio C Hamano <gitster@pobox.com>
git-mirror · Feb 21, 2013 · 698a1ec · 698a1ec
1 parent e174744
commit 698a1ec
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/imap-send.c b/imap-send.c
@@ -370,6 +370,17 @@ static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve
 		return -1;
 	}
 
+#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+	/*
+	 * SNI (RFC4366)
+	 * OpenSSL does not document this function, but the implementation
+	 * returns 1 on success, 0 on failure after calling SSLerr().
+	 */
+	ret = SSL_set_tlsext_host_name(sock->ssl, server.host);
+	if (ret != 1)
+		warning("SSL_set_tlsext_host_name(%s) failed.", server.host);
+#endif
+
 	ret = SSL_connect(sock->ssl);
 	if (ret <= 0) {
 		socket_perror("SSL_connect", sock, ret);