From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Oswald Buddenhagen <ossi@users.sf.net>
Date: Sat, 8 Sep 2018 18:36:16 +0200
Subject: [PATCH] use SNI when connecting with SSL

based on patch by Vincent Bernat <vincent@bernat.ch>.
---
 src/socket.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/socket.c b/src/socket.c
index dd79619..e3fda42 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -271,6 +271,8 @@ socket_start_tls( conn_t *conn, void (*cb)( int ok, void *aux ) )
 
 	init_wakeup( &conn->ssl_fake, ssl_fake_cb, conn );
 	conn->ssl = SSL_new( ((server_conf_t *)conn->conf)->SSLContext );
+	if (ssl_return( "set server name", conn, SSL_set_tlsext_host_name( conn->ssl, conn->conf->host ) ) < 0)
+		return;
 	SSL_set_fd( conn->ssl, conn->fd );
 	SSL_set_mode( conn->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER );
 	socket_expect_read( conn, 1 );