commit bc2b771af4b67c900813e58e7c8c77d7907291c1
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed May 06 11:14:19 2015 +0100
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon May 11 12:33:26 2015 +0200
tree f20a0f90996388d8ee7e7028398884905c982055
parent ba26c24769939ce821bb9cc906564a72fcdb9a62

Move ssl_set_ca_chain() to work on config

programs/ssl/dtls_client.c

diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index eb27f3c..9f8fcbf 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -176,13 +176,16 @@
         goto exit;
     }
 
-    mbedtls_printf( " ok\n" );
-
     /* OPTIONAL is usually a bad choice for security, but makes interop easier
      * in this simplified example, in which the ca chain is hardcoded.
      * Production code should set a proper ca chain and use REQUIRED. */
     mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
-    mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, SERVER_NAME );
+    mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+    if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 )
+    {
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
+        goto exit;
+    }
 
     mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
     mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
@@ -191,6 +194,8 @@
                          mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout,
                          READ_TIMEOUT_MS );
 
+    mbedtls_printf( " ok\n" );
+
     /*
      * 4. Handshake
      */