Enable server name verification on mbedTLS

PUBLISHED_FROM=54774944d5402a5d6a351b4609428940c0ad20ea
2025-06-11 12:14:41 +08:00 · 2016-11-28 10:39:14 +02:00 · 2016-11-28 10:39:14 +02:00 · 7776df241c
commit 7776df241c
parent e17fdcb077
1 changed files with 4 additions and 4 deletions
--- a/mongoose.c
+++ b/mongoose.c
@ -4370,10 +4370,6 @@ enum mg_ssl_if_result mg_ssl_if_conn_init(
    return MG_SSL_ERROR;
  }

-  if (params->server_name != NULL) {
-    /* TODO(rojer): Implement server name verification on mbedTLS. */
-  }
-
  mg_set_cipher_list(ctx, NULL);

  if (!(nc->flags & MG_F_LISTENING)) {
@ -4383,6 +4379,10 @@ enum mg_ssl_if_result mg_ssl_if_conn_init(
      MG_SET_PTRPTR(err_msg, "Failed to create SSL session");
      return MG_SSL_ERROR;
    }
+    if (params->server_name != NULL &&
+        mbedtls_ssl_set_hostname(ctx->ssl, params->server_name) != 0) {
+      return MG_SSL_ERROR;
+    }
  }

  nc->flags |= MG_F_SSL;