shithub: tlssrv.sni


ref: 017eaaa4178ea3ff119d5f1b1337ec94e40782d4
parent: d5b37dc479986f53d24f480e739eaf49170ac23f
author: igor <igor@mux>
date: Thu Jan 25 02:20:55 EST 2024

Improve comment and relocate variable declaration.

--- a/tlshand.c
+++ b/tlshand.c
@@ -747,13 +747,15 @@
 	if(checkClientExtensions(c, m.u.clientHello.extensions) < 0)
 		goto Err;
 	if(certlen > 0){
-		/* override default server certificate with SNI (@igor) */
+		/* override default certificate using Server Name Identifier (SNI) extension */
 		if(c->serverName){
 			char path[512];
+			PEMChain *chain;
+
 			snprint(path, sizeof(path), "/sys/lib/tls/acmed/%s.crt", c->serverName);
 			if(trace)
-				trace("ClientHello server name indicator %s using %s\n", c->serverName, path);
-			PEMChain *chain = readcertchain(path);
+				trace("ClientHello extension server name identifier selects %s\n", path);
+			chain = readcertchain(path);
 			if (chain){
 				free(*cert);
 				*cert = chain->pem;
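Review bot: `c->serverName` is supplied by the peer in the ClientHello and is formatted straight into the path handed to `readcertchain()`, with no check in this hunk that it is a plain hostname; a name containing `/`, or one long enough for `snprint` to truncate inside `path[512]`, would make the server open a file other than the intended `/sys/lib/tls/acmed/<name>.crt`. Whether `checkClientExtensions()` already restricts the name is not visible here, so confirm that or guard locally before the `snprint`, for example `if(strchr(c->serverName, '/') != nil || strlen(c->serverName) > 253) goto Err;` (or skip the override and keep the default certificate). The new comment and trace text also expand SNI as "Server Name Identifier", whereas RFC 6066 names the extension Server Name Indication. The enclosing function starts and ends outside the hunk.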