{
const char *hostport = HOSTPORT;
const char *CAfile = CAFILE;
- char *hostname;
+ const char *hostname;
char *cp;
BIO *out = NULL;
char buf[1024 * 10], *p;
if (argc > 2)
CAfile = argv[2];
- hostname = OPENSSL_strdup(hostport);
- if ((cp = strchr(hostname, ':')) != NULL)
- *cp = 0;
-
#ifdef WATT32
dbug_init();
sock_init();
ssl = SSL_new(ssl_ctx);
SSL_set_connect_state(ssl);
- /* Enable peername verification */
- if (SSL_set1_host(ssl, hostname) <= 0)
- goto err;
/* Use it inside an SSL BIO */
ssl_bio = BIO_new(BIO_f_ssl());
/* Lets use a connect BIO under the SSL BIO */
out = BIO_new(BIO_s_connect());
BIO_set_conn_hostname(out, hostport);
+
+ /* The BIO has parsed the host:port and even IPv6 literals in [] */
+ hostname = BIO_get_conn_hostname(out);
+ if (!hostname || SSL_set1_host(ssl, hostname) <= 0)
+ goto err;
+
BIO_set_nbio(out, 1);
out = BIO_push(ssl_bio, out);