Compare commits

...

5 commits

Author SHA1 Message Date
bd310e62ac Merge pull request 'Fix TLS, again...' (#38) from lda/Cytoplasm:fix-tls into master
Some checks are pending
Compile Cytoplasm / Compile Cytoplasm (x86, alpine-v3.19) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86, debian-v12.4) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86, freebsd-v14.0) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86, netbsd-v9.3) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86_64, alpine-v3.19) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86_64, debian-v12.4) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86_64, freebsd-v14.0) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86_64, netbsd-v9.3) (push) Waiting to run
Compile Cytoplasm / Compile Cytoplasm (x86_64, openbsd-v7.4) (push) Waiting to run
Reviewed-on: #38
2024-06-24 14:18:43 -05:00
LDA
d7faff734c [FIX] Actually apply serverName
As it turns out, it *was* odd. Not doing that will cause *someone* to
spend several hours fixing a SSL problem around a bridge they're making,
which needs to download media from a server and can't from *some* for an
undiscernable reason, causing said person to start going insane before
realising that Cytoplasm didn't set the server name properly.
2024-06-23 07:52:32 +02:00
LDA
5dc1ec49eb [FIX] Actually set fd.
I *should* have seen that one coming, oops!
2024-06-19 17:40:06 +02:00
LDA
eca717d90c Merge branch 'master' of https://git.telodendria.io/Telodendria/Cytoplasm into fix-tls 2024-06-19 17:39:37 +02:00
b6388eb7fe
[FIX] Fix issue related to TLS
The Makefile didn't properly set TLS_IMPL, effectively causing no
TLS implementation to be put in.
2023-10-03 16:56:39 +02:00

View file

@ -71,14 +71,6 @@ TlsInitClient(int fd, const char *serverName)
OpenSSLCookie *cookie; OpenSSLCookie *cookie;
char errorStr[256]; char errorStr[256];
/*
* TODO: Seems odd that this isn't needed to make the
* connection... we should figure out how to verify the
* certificate matches the server we think we're
* connecting to.
*/
(void) serverName;
cookie = Malloc(sizeof(OpenSSLCookie)); cookie = Malloc(sizeof(OpenSSLCookie));
if (!cookie) if (!cookie)
{ {
@ -89,12 +81,14 @@ TlsInitClient(int fd, const char *serverName)
cookie->method = TLS_client_method(); cookie->method = TLS_client_method();
cookie->ctx = SSL_CTX_new(cookie->method); cookie->ctx = SSL_CTX_new(cookie->method);
coolie->fd = fd;
if (!cookie->ctx) if (!cookie->ctx)
{ {
goto error; goto error;
} }
cookie->ssl = SSL_new(cookie->ctx); cookie->ssl = SSL_new(cookie->ctx);
SSL_set_tlsext_host_name(cookie->ssl, serverName);
if (!cookie->ssl) if (!cookie->ssl)
{ {
goto error; goto error;