diff --git a/src/tofu.c b/src/tofu.c
index 4eeb7fd0eb8df7423fe8fd8f106e2fe433fa8716..4c25d5eb50a7dcb92d2990364527b04bdb66d588 100644
--- a/src/tofu.c
+++ b/src/tofu.c
@@ -6,6 +6,7 @@ #include <openssl/asn1.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
+#include <openssl/x509v3.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
@@ -27,8 +28,6 @@ // rejecting it.
//
// If you're reading this code with the intent to re-use it, think
// twice.
struct gemini_tofu *tofu = (struct gemini_tofu *)data;
X509 *cert = X509_STORE_CTX_get0_cert(ctx);
struct known_host *host = NULL;
@@ -70,6 +69,12 @@ SSL *ssl = X509_STORE_CTX_get_ex_data(ctx,
SSL_get_ex_data_X509_STORE_CTX_idx());
const char *servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
if (!servername) {
rc = X509_V_ERR_HOSTNAME_MISMATCH;
goto invalid_cert;
rc = X509_V_ERR_HOSTNAME_MISMATCH;
goto invalid_cert;
}
text/gemini
This content has been proxied by September (ba2dc).