diff --git a/ports/espressif/common-hal/ssl/SSLContext.c b/ports/espressif/common-hal/ssl/SSLContext.c index a94c1df1eb..e4767716a2 100644 --- a/ports/espressif/common-hal/ssl/SSLContext.c +++ b/ports/espressif/common-hal/ssl/SSLContext.c @@ -47,6 +47,11 @@ ssl_sslsocket_obj_t *common_hal_ssl_sslcontext_wrap_socket(ssl_sslcontext_obj_t sock->ssl_context = self; sock->sock = socket; + // Create a copy of the ESP-TLS config object and store the server hostname + // Note that ESP-TLS will use common_name for both SNI and verification + memcpy(&sock->ssl_config, &self->ssl_config, sizeof(self->ssl_config)); + sock->ssl_config.common_name = server_hostname; + esp_tls_t *tls_handle = esp_tls_init(); if (tls_handle == NULL) { mp_raise_espidf_MemoryError(); @@ -55,6 +60,5 @@ ssl_sslsocket_obj_t *common_hal_ssl_sslcontext_wrap_socket(ssl_sslcontext_obj_t // TODO: do something with the original socket? Don't call a close on the internal LWIP. - // Should we store server hostname on the socket in case connect is called with an ip? return sock; } diff --git a/ports/espressif/common-hal/ssl/SSLSocket.c b/ports/espressif/common-hal/ssl/SSLSocket.c index b1d0720be1..281e356d77 100644 --- a/ports/espressif/common-hal/ssl/SSLSocket.c +++ b/ports/espressif/common-hal/ssl/SSLSocket.c @@ -55,9 +55,7 @@ void common_hal_ssl_sslsocket_close(ssl_sslsocket_obj_t *self) { void common_hal_ssl_sslsocket_connect(ssl_sslsocket_obj_t *self, const char *host, size_t hostlen, uint32_t port) { - esp_tls_cfg_t *tls_config = NULL; - tls_config = &self->ssl_context->ssl_config; - int result = esp_tls_conn_new_sync(host, hostlen, port, tls_config, self->tls); + int result = esp_tls_conn_new_sync(host, hostlen, port, &self->ssl_config, self->tls); self->sock->connected = result >= 0; if (result < 0) { int esp_tls_code; diff --git a/ports/espressif/common-hal/ssl/SSLSocket.h b/ports/espressif/common-hal/ssl/SSLSocket.h index dd1dcda4ac..097f19857b 100644 --- a/ports/espressif/common-hal/ssl/SSLSocket.h 
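Review bot: In the wrap_socket hunk of SSLContext.c, `sock->ssl_config.common_name = server_hostname;` stores the caller's pointer without copying it, and that pointer is read later, when connect runs, for both SNI and certificate name verification. Nothing in the hunk shows what keeps the string alive until then, so it is worth confirming that the hostname buffer stays reachable for the socket's lifetime, or else copying it into storage the socket owns. I would also state the contract in the comment, e.g. `// common_name borrows server_hostname; the string must outlive this socket. NULL makes ESP-TLS verify against the host passed to connect.` The function starts before this hunk and ends in the following one.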
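Review bot: After this change in common_hal_ssl_sslsocket_connect, the name checked against the server certificate is no longer tied to the `host` argument: once `common_name` is set on `self->ssl_config`, `host` only selects where to connect. A one-line comment above the call would keep that visible, e.g. `// SNI and certificate name come from self->ssl_config.common_name when set; host is only the connect target.` The call also now relies on `self->ssl_config` having been filled in by wrap_socket, so any other code path that creates an ssl_sslsocket_obj_t (none is visible here) would need to initialise it too. The function continues past the end of the hunk.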
+++ b/ports/espressif/common-hal/ssl/SSLSocket.h @@ -39,6 +39,7 @@ typedef struct { socketpool_socket_obj_t *sock; esp_tls_t *tls; ssl_sslcontext_obj_t *ssl_context; + esp_tls_cfg_t ssl_config; } ssl_sslsocket_obj_t; #endif // MICROPY_INCLUDED_ESPRESSIF_COMMON_HAL_SSL_SSLSOCKET_H
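Review bot: The new `esp_tls_cfg_t ssl_config;` member has no comment saying that it is a shallow per-socket copy of the context's configuration. Presumably the certificate and key pointers inside it still refer to buffers owned by the context, which would make the existing `ssl_context` pointer the thing that keeps them valid. A field comment such as `// Per-socket copy of ssl_context->ssl_config; pointer members are borrowed, not owned.` would record that. Changes made to the context after wrap_socket will not reach this copy, which may be worth a line in the same comment.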