Include the SNI for SSL client

SIPp · Sep 11, 2024 · d677f54 · d677f54
1 parent fdc0c97
commit d677f54
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/src/sslsocket.cpp b/src/sslsocket.cpp
@@ -126,7 +126,16 @@ const char *SSL_error_string(int ssl_error, int orig_ret)
 
 SSL* SSL_new_client()
 {
-    return SSL_new(sip_trp_ssl_ctx_client);
+    SSL* ssl = SSL_new(sip_trp_ssl_ctx_client);
+
+    // Inject the ServerNameIndication (SNI).
+    // It requires to be a hostname. However, SSL takes whatever we set.
+    // Ref https://datatracker.ietf.org/doc/html/rfc6066#section-3
+    if (strcmp(remote_ip, remote_host)) {
+        SSL_set_tlsext_host_name(ssl, remote_host);
+    }
+
+    return ssl;
 }
 
 SSL* SSL_new_server()