trac 58 ssl enable SNI per vhost certs

author erauhut <erauhut@irobot.com>

Sun, 23 Mar 2014 04:24:40 +0000 (12:24 +0800)

committer Andy Green <andy.green@linaro.org>

Sun, 23 Mar 2014 04:24:40 +0000 (12:24 +0800)
author erauhut <erauhut@irobot.com>
Sun, 23 Mar 2014 04:24:40 +0000 (12:24 +0800)
committer Andy Green <andy.green@linaro.org>
Sun, 23 Mar 2014 04:24:40 +0000 (12:24 +0800)
diff --git a/lib/client.c b/lib/client.c

index 560603e..28fcadb 100644 (file)
--- a/lib/client.c
+++ b/lib/client.c
@@ -129,6 +129,22 @@ int lws_client_socket_service(struct libwebsocket_context *context,
                                         SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
  
  
+               /* use server name indication (SNI), if supported,
+                * when establishing connection */
+#ifdef USE_CYASSL
+#ifdef CYASSL_SNI_HOST_NAME
+               const char *hostname = lws_hdr_simple_ptr(wsi,
+                       _WSI_TOKEN_CLIENT_PEER_ADDRESS);
+               CyaSSL_UseSNI(wsi->ssl, CYASSL_SNI_HOST_NAME,
+                       hostname, strlen(hostname));
+#endif
+#else
+               const char *hostname = lws_hdr_simple_ptr(wsi,
+                       _WSI_TOKEN_CLIENT_PEER_ADDRESS);
+               SSL_set_tlsext_host_name(wsi->ssl, hostname);
+#endif
+
+
  #ifdef USE_CYASSL
                         /*
                          * CyaSSL does certificate verification differently
author	erauhut <erauhut@irobot.com>
	Sun, 23 Mar 2014 04:24:40 +0000 (12:24 +0800)
committer	Andy Green <andy.green@linaro.org>
	Sun, 23 Mar 2014 04:24:40 +0000 (12:24 +0800)