diff options
| author | Phil Pennock <pdp@exim.org> | 2012-05-21 21:58:00 -0400 |
|---|---|---|
| committer | Phil Pennock <pdp@exim.org> | 2012-05-21 21:58:00 -0400 |
| commit | 35731706f3f742d1999e36ce555c8f991d83a3a0 (patch) | |
| tree | 85f42812a1d475d756e66bc6f4e1961d2890f910 | |
| parent | d40f27c34fca5f571ad130157d8499413a4b6939 (diff) | |
| download | exim4-35731706f3f742d1999e36ce555c8f991d83a3a0.tar.gz | |
Guard SNI usage better (client-side)
| -rw-r--r-- | src/src/tls-openssl.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index eeab9c130..ebc5a6255 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -46,7 +46,9 @@ static BOOL verify_callback_called = FALSE; static const uschar *sid_ctx = US"exim"; static SSL_CTX *ctx = NULL; +#ifdef EXIM_HAVE_OPENSSL_TLSEXT static SSL_CTX *ctx_sni = NULL; +#endif static SSL *ssl = NULL; static char ssl_errstring[256]; @@ -1257,8 +1259,14 @@ if (sni) tls_sni = NULL; else { +#ifdef EXIM_HAVE_OPENSSL_TLSEXT DEBUG(D_tls) debug_printf("Setting TLS SNI \"%s\"\n", tls_sni); SSL_set_tlsext_host_name(ssl, tls_sni); +#else + DEBUG(D_tls) + debug_printf("OpenSSL at build-time lacked SNI support, ignoring \"%s\"\n", + tls_sni); +#endif } } |