From 8391c2717200ce001684c53aca30ad64487cd281 Mon Sep 17 00:00:00 2001
From: Kirilll Zaborsky <qrilka@gmail.com>
Date: Wed, 26 Aug 2015 09:57:07 +0300
Subject: inets: SNI to be passed with requests through CONNECT

httpc should fill SNI extenstion for HTTPS requests sent through
CONNECT tunnel to provide proper access to websites using SNI
---
 lib/inets/src/http_client/httpc_handler.erl | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'lib/inets')

diff --git a/lib/inets/src/http_client/httpc_handler.erl b/lib/inets/src/http_client/httpc_handler.erl
index e6dcfee818..d1c52dcc78 100644
--- a/lib/inets/src/http_client/httpc_handler.erl
+++ b/lib/inets/src/http_client/httpc_handler.erl
@@ -1827,11 +1827,13 @@ host_header(_, URI) ->
 tls_upgrade(#state{status = 
 		       {ssl_tunnel, 
 			#request{settings = 
-				     #http_options{ssl = {_, TLSOptions} = SocketType},
-				     address = Address} = Request},
+				     #http_options{ssl = {_, TLSOptions0} = SocketType},
+				     address = {Host, _} = Address} = Request},
 		   session = #session{socket = TCPSocket} = Session0,
 		   options = Options} = State) ->
 
+    TLSOptions = maybe_add_sni(Host, TLSOptions0),
+
     case ssl:connect(TCPSocket, TLSOptions) of
 	{ok, TLSSocket} ->
 	    ClientClose = httpc_request:is_client_closing(Request#request.headers),
@@ -1862,6 +1864,15 @@ tls_upgrade(#state{status =
 	    {stop, normal, State#state{request = Request}}
     end.
 
+maybe_add_sni(Host, Options) ->
+    case http_util:is_hostname(Host) andalso
+	  not lists:keymember(server_name_indication, 1, Options) of
+	true ->
+	    [{server_name_indication, Host} | Options];
+	false ->
+	    Options
+    end.
+
 %% ---------------------------------------------------------------------
 %% Session wrappers
 %% ---------------------------------------------------------------------
-- 
cgit v1.2.3