Bug 1895: Support for SNI with FTP (2nd)

https://winscp.net/tracker/1895
(cherry picked from commit a25c55a621ffabb3df77d135bfab62a20fcb6ae7)

Source commit: 9397e51855c8dab4b8fd3574ca1c21e89acb509c

source/filezilla/AsyncSslSocketLayer.cpp

@@ -614,7 +614,6 @@ void CAsyncSslSocketLayer::Close()
 
 BOOL CAsyncSslSocketLayer::Connect(const SOCKADDR *lpSockAddr, int nSockAddrLen)
 {
-  m_HostName = CStringA();
   BOOL res = ConnectNext(lpSockAddr, nSockAddrLen);
   if (!res)
   {
@@ -628,7 +627,6 @@ BOOL CAsyncSslSocketLayer::Connect(const SOCKADDR *lpSockAddr, int nSockAddrLen)
 
 BOOL CAsyncSslSocketLayer::Connect(LPCTSTR lpszHostAddress, UINT nHostPort)
 {
-  m_HostName = AnsiString(lpszHostAddress).c_str();
   BOOL res = ConnectNext(lpszHostAddress, nHostPort);
   if (!res)
   {
@@ -691,7 +689,7 @@ int CAsyncSslSocketLayer::NewSessionCallback(struct ssl_st * Ssl, SSL_SESSION *
 }
 
 int CAsyncSslSocketLayer::InitSSLConnection(bool clientMode,
-  CAsyncSslSocketLayer* main, bool sessionreuse,
+  CAsyncSslSocketLayer* main, bool sessionreuse, const CString & host,
   CFileZillaTools * tools,
   void* pSslContext /*=0*/)
 {
@@ -756,10 +754,11 @@ int CAsyncSslSocketLayer::InitSSLConnection(bool clientMode,
     return SSL_FAILURE_INITSSL;
   }
 
-   if (clientMode && (m_HostName.GetLength() > 0))
-   {
-     SSL_set_tlsext_host_name(m_ssl, static_cast<const char *>(m_HostName));
-   }
+  if (clientMode && (host.GetLength() > 0))
+  {
+    USES_CONVERSION;
+    SSL_set_tlsext_host_name(m_ssl, T2CA(host));
+  }
 
 #ifdef _DEBUG
   if ((main == NULL) && LoggingSocketMessage(FZ_LOG_INFO))

source/filezilla/AsyncSslSocketLayer.h

@@ -135,7 +135,7 @@ public:
   bool IsUsingSSL();
   int InitSSLConnection(bool clientMode,
     CAsyncSslSocketLayer * main,
-    bool sessionreuse, CFileZillaTools * tools,
+    bool sessionreuse, const CString & host, CFileZillaTools * tools,
     void* pContext = 0);
 
   // Send raw text, useful to send a confirmation after the ssl connection
@@ -191,7 +191,6 @@ private:
   CString m_CertStorage;
   int m_nVerificationResult;
   int m_nVerificationDepth;
-  CStringA m_HostName;
 
   static struct t_SslLayerList
   {

source/filezilla/FtpControlSocket.cpp

@@ -504,7 +504,7 @@ void CFtpControlSocket::Connect(t_server &server)
       return;
     }
     int res = m_pSslLayer->InitSSLConnection(true, NULL,
-      GetOptionVal(OPTION_MPEXT_SSLSESSIONREUSE),
+      GetOptionVal(OPTION_MPEXT_SSLSESSIONREUSE), server.host,
       m_pTools);
     if (res == SSL_FAILURE_INITSSL)
       ShowStatus(IDS_ERRORMSG_CANTINITSSL, FZ_LOG_ERROR);
@@ -634,7 +634,7 @@ void CFtpControlSocket::LogOnToServer(BOOL bSkipReply /*=FALSE*/)
         return;
       }
       int res = m_pSslLayer->InitSSLConnection(true, NULL,
-        GetOptionVal(OPTION_MPEXT_SSLSESSIONREUSE),
+        GetOptionVal(OPTION_MPEXT_SSLSESSIONREUSE), m_CurrentServer.host,
         m_pTools);
       if (res == SSL_FAILURE_INITSSL)
         ShowStatus(IDS_ERRORMSG_CANTINITSSL, FZ_LOG_ERROR);

source/filezilla/TransferSocket.cpp

@@ -413,7 +413,7 @@ void CTransferSocket::Start()
   {
     AddLayer(m_pSslLayer);
     int res = m_pSslLayer->InitSSLConnection(true, m_pOwner->m_pSslLayer,
-      GetOptionVal(OPTION_MPEXT_SSLSESSIONREUSE),
+      GetOptionVal(OPTION_MPEXT_SSLSESSIONREUSE), CString(),
       m_pOwner->m_pTools);
     if (res == SSL_FAILURE_INITSSL)
     {