diff --git a/lib/ssl-client.c b/lib/ssl-client.c index 637dcc93..3ad958c9 100644 --- a/lib/ssl-client.c +++ b/lib/ssl-client.c @@ -38,11 +38,30 @@ lws_ssl_client_bio_create(struct lws *wsi) #if defined(LWS_USE_MBEDTLS) #else struct lws_context *context = wsi->context; - const char *hostname = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST); - X509_VERIFY_PARAM *param; + char hostname[128], *p; - (void)hostname; - (void)param; +#if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host + X509_VERIFY_PARAM *param; +#endif + if (lws_hdr_copy(wsi, hostname, sizeof(hostname), + _WSI_TOKEN_CLIENT_HOST) <= 0) { + lwsl_err("%s: Unable to get hostname\n", __func__); + + return -1; + } + + /* + * remove any :port part on the hostname... necessary for network + * connection but typical certificates do not contain it + */ + p = hostname; + while (*p) { + if (*p == ':') { + *p = '\0'; + break; + } + p++; + } wsi->ssl = SSL_new(wsi->vhost->ssl_client_ctx); if (!wsi->ssl) {