From b6388eb7fe35325fdbe528fa3b369f1848ca0f05 Mon Sep 17 00:00:00 2001
From: LoaD Accumulator <lda@freetards.xyz>
Date: Tue, 3 Oct 2023 16:56:39 +0200
Subject: [PATCH 1/3] [FIX] Fix issue related to TLS

The Makefile didn't properly set TLS_IMPL, effectively causing no
TLS implementation to be put in.
---
 configure | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 65df084..3f05817 100755
--- a/configure
+++ b/configure
@@ -37,11 +37,11 @@ echo "Ran with arguments: $SCRIPT_ARGS"
 for arg in $SCRIPT_ARGS; do
     case "$arg" in
         --with-openssl)
-            TLS_IMPL="OPENSSL"
+            TLS_IMPL="TLS_OPENSSL"
             TLS_LIBS="-lcrypto -lssl"
             ;;
         --with-libressl)
-            TLS_IMPL="LIBRESSL"
+            TLS_IMPL="TLS_LIBRESSL"
             TLS_LIBS="-ltls -lcrypto -lssl"
             ;;
         --disable-tls)

From 5dc1ec49eb777e3887014ad0d682bad664068ce6 Mon Sep 17 00:00:00 2001
From: LDA <lda@ari.lt>
Date: Wed, 19 Jun 2024 17:40:06 +0200
Subject: [PATCH 2/3] [FIX] Actually set fd.

I *should* have seen that one coming, oops!
---
 src/Tls/TlsOpenSSL.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/Tls/TlsOpenSSL.c b/src/Tls/TlsOpenSSL.c
index 07b7bd5..8020ec1 100644
--- a/src/Tls/TlsOpenSSL.c
+++ b/src/Tls/TlsOpenSSL.c
@@ -89,6 +89,7 @@ TlsInitClient(int fd, const char *serverName)
 
     cookie->method = TLS_client_method();
     cookie->ctx = SSL_CTX_new(cookie->method);
+    coolie->fd = fd;
     if (!cookie->ctx)
     {
         goto error;

From d7faff734cfc2066ccb820fc4344491077630cb9 Mon Sep 17 00:00:00 2001
From: LDA <lda@ari.lt>
Date: Sun, 23 Jun 2024 07:52:32 +0200
Subject: [PATCH 3/3] [FIX] Actually apply serverName

As it turns out, it *was* odd. Not doing that will cause *someone* to
spend several hours fixing a SSL problem around a bridge they're making,
which needs to download media from a server and can't from *some* for an
undiscernable reason, causing said person to start going insane before
realising that Cytoplasm didn't set the server name properly.
---
 src/Tls/TlsOpenSSL.c | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/src/Tls/TlsOpenSSL.c b/src/Tls/TlsOpenSSL.c
index 8020ec1..a956d2a 100644
--- a/src/Tls/TlsOpenSSL.c
+++ b/src/Tls/TlsOpenSSL.c
@@ -71,14 +71,6 @@ TlsInitClient(int fd, const char *serverName)
     OpenSSLCookie *cookie;
     char errorStr[256];
 
-    /*
-     * TODO: Seems odd that this isn't needed to make the
-     * connection... we should figure out how to verify the
-     * certificate matches the server we think we're
-     * connecting to.
-     */
-    (void) serverName;
-
     cookie = Malloc(sizeof(OpenSSLCookie));
     if (!cookie)
     {
@@ -96,6 +88,7 @@ TlsInitClient(int fd, const char *serverName)
     }
 
     cookie->ssl = SSL_new(cookie->ctx);
+    SSL_set_tlsext_host_name(cookie->ssl, serverName);
     if (!cookie->ssl)
     {
         goto error;