If no SNI has been explicitly set use the one from the session

If we have not decided on an SNI value yet, but we are attempting to reuse
a session, and SNI is set in that, then we should use that value by
default.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
This commit is contained in:
Matt Caswell 2017-07-21 11:39:01 +01:00
parent 0871754499
commit c5de99a2d9

View File

@ -1888,6 +1888,26 @@ int s_client_main(int argc, char **argv)
ERR_print_errors(bio_err);
goto end;
}
/* By default the SNI should be the same as was set in the session */
if (!noservername && servername == NULL)
{
const char *sni = SSL_SESSION_get0_hostname(sess);
if (sni != NULL) {
servername = OPENSSL_strdup(sni);
if (servername == NULL) {
BIO_printf(bio_err, "Can't set server name\n");
ERR_print_errors(bio_err);
goto end;
}
} else {
/*
* Force no SNI to be sent so we are consistent with the
* session.
*/
noservername = 1;
}
}
SSL_SESSION_free(sess);
}