ssl: Support TLS SNI extension

zhaojh329 · Oct 21, 2019 · 753bcb4 · 753bcb4
1 parent 45098c8
commit 753bcb4
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/src/ssl.c b/src/ssl.c
@@ -65,7 +65,7 @@ struct uwsc_ssl_ctx {
 
 #endif
 
-int uwsc_ssl_init(struct uwsc_ssl_ctx **ctx, int sock)
+int uwsc_ssl_init(struct uwsc_ssl_ctx **ctx, int sock, char *host)
 {
     struct uwsc_ssl_ctx *c = calloc(1, sizeof(struct uwsc_ssl_ctx));
 
@@ -93,6 +93,7 @@ int uwsc_ssl_init(struct uwsc_ssl_ctx **ctx, int sock)
 
     mbedtls_ssl_set_bio(&c->ssl, &c->net, mbedtls_net_send,
         mbedtls_net_recv, NULL);
+    mbedtls_ssl_set_hostname(&c->ssl, host);
 
     mbedtls_ssl_setup(&c->ssl, &c->cfg);
 
@@ -111,8 +112,8 @@ int uwsc_ssl_init(struct uwsc_ssl_ctx **ctx, int sock)
     c->ctx = SSL_CTX_new(TLS_client_method());
 #endif
     SSL_CTX_set_verify(c->ctx, SSL_VERIFY_NONE, NULL);
-
     c->ssl = SSL_new(c->ctx);
+    SSL_set_tlsext_host_name(c->ssl, host);
     SSL_set_fd(c->ssl, sock);
 #endif
 

diff --git a/src/ssl.h b/src/ssl.h
@@ -34,7 +34,7 @@
 
 struct uwsc_ssl_ctx;
 
-int uwsc_ssl_init(struct uwsc_ssl_ctx **ctx, int sock);
+int uwsc_ssl_init(struct uwsc_ssl_ctx **ctx, int sock, char *host);
 int uwsc_ssl_handshake(struct uwsc_ssl_ctx *ctx);
 void uwsc_ssl_free(struct uwsc_ssl_ctx *ctx);
 

diff --git a/src/uwsc.c b/src/uwsc.c
@@ -616,10 +616,9 @@ int uwsc_init(struct uwsc_client *cl, struct ev_loop *loop, const char *url,
     cl->free = uwsc_free;
     cl->start_time = ev_now(cl->loop);
     cl->ping_interval = ping_interval;
-
     if (ssl) {
 #if (UWSC_SSL_SUPPORT)
-        uwsc_ssl_init((struct uwsc_ssl_ctx **)&cl->ssl, cl->sock);
+        uwsc_ssl_init((struct uwsc_ssl_ctx **)&cl->ssl, cl->sock, host);
 #else
         uwsc_log_err("SSL is not enabled at compile\n");
         uwsc_free(cl);