inets: SNI to be passed with requests through CONNECT

httpc should fill SNI extenstion for HTTPS requests sent through
CONNECT tunnel to provide proper access to websites using SNI

1 files changed, 13 insertions, 2 deletions

diff --git a/lib/inets/src/http_client/httpc_handler.erl b/lib/inets/src/http_client/httpc_handler.erl
index e6dcfee818..d1c52dcc78 100644
--- a/lib/inets/src/http_client/httpc_handler.erl
+++ b/lib/inets/src/http_client/httpc_handler.erl
@@ -1827,11 +1827,13 @@ host_header(_, URI) ->
 tls_upgrade(#state{status = 
 		       {ssl_tunnel, 
 			#request{settings = 
-				     #http_options{ssl = {_, TLSOptions} = SocketType},
-				     address = Address} = Request},
+				     #http_options{ssl = {_, TLSOptions0} = SocketType},
+				     address = {Host, _} = Address} = Request},
 		   session = #session{socket = TCPSocket} = Session0,
 		   options = Options} = State) ->
 
+    TLSOptions = maybe_add_sni(Host, TLSOptions0),
+
     case ssl:connect(TCPSocket, TLSOptions) of
 	{ok, TLSSocket} ->
 	    ClientClose = httpc_request:is_client_closing(Request#request.headers),
@@ -1862,6 +1864,15 @@ tls_upgrade(#state{status =
 	    {stop, normal, State#state{request = Request}}
     end.
 
+maybe_add_sni(Host, Options) ->
+    case http_util:is_hostname(Host) andalso
+	  not lists:keymember(server_name_indication, 1, Options) of
+	true ->
+	    [{server_name_indication, Host} | Options];
+	false ->
+	    Options
+    end.
+
 %% ---------------------------------------------------------------------
 %% Session wrappers
 %% ---------------------------------------------------------------------