Replace SSL_set1_host with asio::ssl::host_name_verification

`SSL_set1_host` fails when host is an IP address

example/http/client/async-ssl-system-executor/http_client_async_ssl_system_executor.cpp

@@ -85,14 +85,7 @@ public:
         }
 
         // Set the expected hostname in the peer certificate for verification
-        if(! SSL_set1_host(stream_.native_handle(), host))
-        {
-            beast::error_code ec{
-                static_cast<int>(::ERR_get_error()),
-                net::error::get_ssl_category()};
-            std::cerr << ec.message() << "\n";
-            return;
-        }
+        stream_.set_verify_callback(ssl::host_name_verification(host));
 
         // Set up an HTTP GET request message
         req_.version(version);

example/http/client/async-ssl/http_client_async_ssl.cpp

@@ -77,14 +77,7 @@ public:
         }
 
         // Set the expected hostname in the peer certificate for verification
-        if(! SSL_set1_host(stream_.native_handle(), host))
-        {
-            beast::error_code ec{
-                static_cast<int>(::ERR_get_error()),
-                net::error::get_ssl_category()};
-            std::cerr << ec.message() << "\n";
-            return;
-        }
+        stream_.set_verify_callback(ssl::host_name_verification(host));
 
         // Set up an HTTP GET request message
         req_.version(version);

example/http/client/awaitable-ssl/http_client_awaitable_ssl.cpp

@@ -59,12 +59,7 @@ do_session(
     }
 
     // Set the expected hostname in the peer certificate for verification
-    if(! SSL_set1_host(stream.native_handle(), host.c_str()))
-    {
-        throw beast::system_error(
-            static_cast<int>(::ERR_get_error()),
-            net::error::get_ssl_category());
-    }
+    stream.set_verify_callback(ssl::host_name_verification(host));
 
     // Look up the domain name
     auto const results = co_await resolver.async_resolve(host, port);

example/http/client/coro-ssl/http_client_coro_ssl.cpp

@@ -66,12 +66,7 @@ do_session(
     }
 
     // Set the expected hostname in the peer certificate for verification
-    if(! SSL_set1_host(stream.native_handle(), host.c_str()))
-    {
-        ec.assign(static_cast<int>(::ERR_get_error()), net::error::get_ssl_category());
-        std::cerr << ec.message() << "\n";
-        return;
-    }
+    stream.set_verify_callback(ssl::host_name_verification(host));
 
     // Look up the domain name
     auto const results = resolver.async_resolve(host, port, yield[ec]);

example/http/client/sync-ssl/http_client_sync_ssl.cpp

@@ -75,12 +75,7 @@ int main(int argc, char** argv)
         }
 
         // Set the expected hostname in the peer certificate for verification
-        if(! SSL_set1_host(stream.native_handle(), host))
-        {
-            throw beast::system_error(
-                static_cast<int>(::ERR_get_error()),
-                net::error::get_ssl_category());
-        }
+        stream.set_verify_callback(ssl::host_name_verification(host));
 
         // Look up the domain name
         auto const results = resolver.resolve(host, port);

example/websocket/client/async-ssl-system-executor/websocket_client_async_ssl_system_executor.cpp

@@ -74,6 +74,19 @@ public:
         char const* port,
         char const* text)
     {
+        // Set SNI Hostname (many hosts need this to handshake successfully)
+        if(! SSL_set_tlsext_host_name(ws_.next_layer().native_handle(), host))
+        {
+            beast::error_code ec{
+                static_cast<int>(::ERR_get_error()),
+                net::error::get_ssl_category()};
+            std::cerr << ec.message() << "\n";
+            return;
+        }
+
+        // Set the expected hostname in the peer certificate for verification
+        ws_.next_layer().set_verify_callback(ssl::host_name_verification(host));
+
         // Save these for later
         host_ = host;
         text_ = text;
@@ -115,20 +128,6 @@ public:
         // Set a timeout on the operation
         beast::get_lowest_layer(ws_).expires_after(std::chrono::seconds(30));
 
-        // Set SNI Hostname (many hosts need this to handshake successfully)
-        if(! SSL_set_tlsext_host_name(ws_.next_layer().native_handle(), host_.c_str()))
-        {
-            ec.assign(static_cast<int>(::ERR_get_error()), net::error::get_ssl_category());
-            return fail(ec, "connect");
-        }
-
-        // Set the expected hostname in the peer certificate for verification
-        if(! SSL_set1_host(ws_.next_layer().native_handle(), host_.c_str()))
-        {
-            ec.assign(static_cast<int>(::ERR_get_error()), net::error::get_ssl_category());
-            return fail(ec, "connect");
-        }
-
         // Update the host_ string. This will provide the value of the
         // Host HTTP header during the WebSocket handshake.
         // See https://tools.ietf.org/html/rfc7230#section-5.4

example/websocket/client/async-ssl/websocket_client_async_ssl.cpp

@@ -66,6 +66,19 @@ public:
         char const* port,
         char const* text)
     {
+        // Set SNI Hostname (many hosts need this to handshake successfully)
+        if(! SSL_set_tlsext_host_name(ws_.next_layer().native_handle(), host))
+        {
+            beast::error_code ec{
+                static_cast<int>(::ERR_get_error()),
+                net::error::get_ssl_category()};
+            std::cerr << ec.message() << "\n";
+            return;
+        }
+
+        // Set the expected hostname in the peer certificate for verification
+        ws_.next_layer().set_verify_callback(ssl::host_name_verification(host));
+
         // Save these for later
         host_ = host;
         text_ = text;
@@ -106,21 +119,7 @@ public:
 
         // Set a timeout on the operation
         beast::get_lowest_layer(ws_).expires_after(std::chrono::seconds(30));
-
-        // Set SNI Hostname (many hosts need this to handshake successfully)
-        if(! SSL_set_tlsext_host_name(ws_.next_layer().native_handle(), host_.c_str()))
-        {
-            ec.assign(static_cast<int>(::ERR_get_error()), net::error::get_ssl_category());
-            return fail(ec, "connect");
-        }
-
-        // Set the expected hostname in the peer certificate for verification
-        if(! SSL_set1_host(ws_.next_layer().native_handle(), host_.c_str()))
-        {
-            ec.assign(static_cast<int>(::ERR_get_error()), net::error::get_ssl_category());
-            return fail(ec, "connect");
-        }
-
+ 
         // Update the host_ string. This will provide the value of the
         // Host HTTP header during the WebSocket handshake.
         // See https://tools.ietf.org/html/rfc7230#section-5.4

example/websocket/client/coro-ssl/websocket_client_coro_ssl.cpp

@@ -78,11 +78,7 @@ do_session(
     }
 
     // Set the expected hostname in the peer certificate for verification
-    if(! SSL_set1_host(ws.next_layer().native_handle(), host.c_str()))
-    {
-        ec.assign(static_cast<int>(::ERR_get_error()), net::error::get_ssl_category());
-        return fail(ec, "connect");
-    }
+    ws.next_layer().set_verify_callback(ssl::host_name_verification(host));
 
     // Update the host string. This will provide the value of the
     // Host HTTP header during the WebSocket handshake.

example/websocket/client/sync-ssl/websocket_client_sync_ssl.cpp

@@ -81,12 +81,7 @@ int main(int argc, char** argv)
         }
 
         // Set the expected hostname in the peer certificate for verification
-        if(! SSL_set1_host(ws.next_layer().native_handle(), host.c_str()))
-        {
-            throw beast::system_error(
-                static_cast<int>(::ERR_get_error()),
-                net::error::get_ssl_category());
-        }
+        ws.next_layer().set_verify_callback(ssl::host_name_verification(host));
 
         // Update the host_ string. This will provide the value of the
         // Host HTTP header during the WebSocket handshake.