diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp b/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp index b4e8ce0bc..5c2408818 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp +++ b/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp @@ -93,8 +93,8 @@ public: } } - void connect(ClientContext* ctx, uint32_t timeout_ms) { - _ssl = ssl_client_new(_ssl_ctx, reinterpret_cast(ctx), nullptr, 0); + void connect(ClientContext* ctx, const char* hostName, uint32_t timeout_ms) { + _ssl = ssl_client_new(_ssl_ctx, reinterpret_cast(ctx), nullptr, 0, hostName); uint32_t t = millis(); while (millis() - t < timeout_ms && ssl_handshake_status(_ssl) != SSL_OK) { @@ -242,16 +242,21 @@ int WiFiClientSecure::connect(IPAddress ip, uint16_t port) { if (!WiFiClient::connect(ip, port)) return 0; - return _connectSSL(); + return _connectSSL(nullptr); } int WiFiClientSecure::connect(const char* name, uint16_t port) { - if (!WiFiClient::connect(name, port)) + IPAddress remote_addr; + if (!WiFi.hostByName(name, remote_addr)) { return 0; - return 1; + } + if (!WiFiClient::connect(remote_addr, port)) { + return 0; + } + return _connectSSL(name); } -int WiFiClientSecure::_connectSSL() { +int WiFiClientSecure::_connectSSL(const char* hostName) { if (_ssl) { _ssl->unref(); _ssl = nullptr; @@ -259,7 +264,7 @@ int WiFiClientSecure::_connectSSL() { _ssl = new SSLContext; _ssl->ref(); - _ssl->connect(_client, 5000); + _ssl->connect(_client, hostName, 5000); auto status = ssl_handshake_status(*_ssl); if (status != SSL_OK) { diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecure.h b/libraries/ESP8266WiFi/src/WiFiClientSecure.h index a3ba73502..706994f35 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecure.h +++ b/libraries/ESP8266WiFi/src/WiFiClientSecure.h @@ -66,7 +66,7 @@ public: } protected: - int _connectSSL(); + int _connectSSL(const char* hostName); SSLContext* _ssl = nullptr; }; diff --git a/libraries/ESP8266WiFi/src/include/ssl.h b/libraries/ESP8266WiFi/src/include/ssl.h index 82cc84914..a18a756f7 100644 --- a/libraries/ESP8266WiFi/src/include/ssl.h +++ b/libraries/ESP8266WiFi/src/include/ssl.h @@ -243,10 +243,11 @@ EXP_FUNC SSL * STDCALL ssl_server_new(SSL_CTX *ssl_ctx, int client_fd); * can be null if no session resumption is being used or required. This option * is not used in skeleton mode. * @param sess_id_size The size of the session id (max 32) + * @param host_name If non-zero, host name to be sent to server for SNI support * @return An SSL object reference. Use ssl_handshake_status() to check * if a handshake succeeded. */ -EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const uint8_t *session_id, uint8_t sess_id_size); +EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const uint8_t *session_id, uint8_t sess_id_size, const char* host_name); /** * @brief Free any used resources on this connection. diff --git a/tools/sdk/lib/libaxtls.a b/tools/sdk/lib/libaxtls.a index 38dda0fdd..a3f03cdf3 100644 Binary files a/tools/sdk/lib/libaxtls.a and b/tools/sdk/lib/libaxtls.a differ