MINOR: ssl: provide ia function to set the SNI extension on a connection ssl_sock_set_servername() is used to set the SNI hostname on an outgoing connection. This function comes from code originally provided by Christopher Faulet of Qualys.

commit: 630764188b1dc1e2cf05820d53f0315c9b09bbca [log] [tgz]
author: Willy Tarreau <w@1wt.eu> Fri Jul 10 11:33:32 2015 +0200
committer: Willy Tarreau <w@1wt.eu> Fri Jul 10 11:37:29 2015 +0200
tree: df367d606a7c86e27b8fe9449ecabdff5d9d4193
parent: 42529c38ac8ffc98bf50322adc39b708795f5c30 [diff]
diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
index 61cf420..c2156bb 100644
--- a/include/proto/ssl_sock.h
+++ b/include/proto/ssl_sock.h

@@ -52,6 +52,7 @@
 const char *ssl_sock_get_cipher_name(struct connection *conn);
 const char *ssl_sock_get_proto_version(struct connection *conn);
 char *ssl_sock_get_version(struct connection *conn);
+void ssl_sock_set_servername(struct connection *conn, const char *hostname);
 int ssl_sock_get_cert_used_sess(struct connection *conn);
 int ssl_sock_get_cert_used_conn(struct connection *conn);
 int ssl_sock_get_remote_common_name(struct connection *conn, struct chunk *out);

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index aeee8c3..7f5d2ae 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -3292,6 +3292,16 @@
 	return (char *)SSL_get_version(conn->xprt_ctx);
 }
 
+void ssl_sock_set_servername(struct connection *conn, const char *hostname)
+{
+#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+	if (!ssl_sock_is_ssl(conn))
+		return;
+
+	SSL_set_tlsext_host_name(conn->xprt_ctx, hostname);
+#endif
+}
+
 /* Extract peer certificate's common name into the chunk dest
  * Returns
  *  the len of the extracted common name
commit	630764188b1dc1e2cf05820d53f0315c9b09bbca	[log] [tgz]
author	Willy Tarreau <w@1wt.eu>	Fri Jul 10 11:33:32 2015 +0200
committer	Willy Tarreau <w@1wt.eu>	Fri Jul 10 11:37:29 2015 +0200
tree	df367d606a7c86e27b8fe9449ecabdff5d9d4193
parent	42529c38ac8ffc98bf50322adc39b708795f5c30 [diff]