summaryrefslogtreecommitdiff
path: root/usr.sbin/smtpd/ssl_smtpd.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/smtpd/ssl_smtpd.c')
-rw-r--r--usr.sbin/smtpd/ssl_smtpd.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/usr.sbin/smtpd/ssl_smtpd.c b/usr.sbin/smtpd/ssl_smtpd.c
index 5de8c53c35d..8d796d51836 100644
--- a/usr.sbin/smtpd/ssl_smtpd.c
+++ b/usr.sbin/smtpd/ssl_smtpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_smtpd.c,v 1.3 2013/10/28 17:02:08 eric Exp $ */
+/* $OpenBSD: ssl_smtpd.c,v 1.4 2014/02/04 13:44:41 eric Exp $ */
/*
* Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -90,12 +90,12 @@ dummy_verify(int ok, X509_STORE_CTX *store)
}
void *
-ssl_smtp_init(void *ssl_ctx, char *cert, off_t cert_len, char *key, off_t key_len)
+ssl_smtp_init(void *ssl_ctx, char *cert, off_t cert_len, char *key, off_t key_len, void *sni, void *arg)
{
SSL *ssl = NULL;
+ int (*cb)(SSL *,int *,void *) = sni;
log_debug("debug: session_start_ssl: switching to SSL");
-
if (!ssl_ctx_use_certificate_chain(ssl_ctx, cert, cert_len))
goto err;
else if (!ssl_ctx_use_private_key(ssl_ctx, key, key_len))
@@ -105,6 +105,11 @@ ssl_smtp_init(void *ssl_ctx, char *cert, off_t cert_len, char *key, off_t key_le
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, dummy_verify);
+ if (cb) {
+ SSL_CTX_set_tlsext_servername_callback(ssl_ctx, cb);
+ SSL_CTX_set_tlsext_servername_arg(ssl_ctx, arg);
+ }
+
if ((ssl = SSL_new(ssl_ctx)) == NULL)
goto err;
if (!SSL_set_ssl_method(ssl, SSLv23_server_method()))
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-19 18:38:58 +0000