From 9f9b70dd4225f291efc61a1b4ee4afda88e22ea3 Mon Sep 17 00:00:00 2001
From: Thierry Bastian <thierryb@filewave.com>
Date: Fri, 9 Aug 2024 16:31:53 +0200
Subject: [PATCH] Adding SNI extension if available

---
 src/conn.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/conn.c b/src/conn.c
index 54bb697dd..bbda093b9 100644
--- a/src/conn.c
+++ b/src/conn.c
@@ -737,6 +737,13 @@ _makeTLSConn(natsConnection *nc)
                 SSL_set_verify(ssl, SSL_VERIFY_PEER, _collectSSLErr);
         }
     }
+#if defined(NATS_USE_OPENSSL_1_1)
+    // add the host name in the SNI extension
+    if ((s == NATS_OK) && (!SSL_set_tlsext_host_name(ssl, nc->cur->url->host)))
+    {
+        s = nats_setError(NATS_SSL_ERROR, "unable to set SNI extension for hostname '%s'", nc->cur->url->host);
+    }
+#endif
     if ((s == NATS_OK) && (SSL_do_handshake(ssl) != 1))
     {
         s = nats_setError(NATS_SSL_ERROR,