tls: add client SNI (Server Name Indication) support

This commit is contained in:
Richard Aas 2016-06-02 07:31:30 +00:00
parent 09d40ac36c
commit 06bbc5ba2c
2 changed files with 24 additions and 0 deletions

View file

@ -44,6 +44,7 @@ int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite,
uint8_t *srv_key, size_t srv_key_size);
const char *tls_cipher_name(const struct tls_conn *tc);
int tls_set_ciphers(struct tls *tls, const char *cipherv[], size_t count);
int tls_set_servername(struct tls_conn *tc, const char *servername);
/* TCP */

View file

@ -707,3 +707,26 @@ int tls_set_ciphers(struct tls *tls, const char *cipherv[], size_t count)
return err;
}
/**
* Set the server name on a TLS Connection, using TLS SNI extension.
*
* @param tc TLS Connection
* @param servername Server name
*
* @return 0 if success, otherwise errorcode
*/
int tls_set_servername(struct tls_conn *tc, const char *servername)
{
if (!tc || !servername)
return EINVAL;
if (1 != SSL_set_tlsext_host_name(tc->ssl, servername)) {
DEBUG_WARNING("tls: SSL_set_tlsext_host_name error\n");
ERR_clear_error();
return EPROTO;
}
return 0;
}