Merge pull request #16 from mcarbonneaux/master

Add SNI support to proxytunnel

.gitignore

@@ -0,0 +1,3 @@
+*.o
+*.exec
+proxytunnel.exe

Makefile

@@ -78,7 +78,7 @@ OBJ = proxytunnel.o	\
 
 .PHONY: all clean docs install
 
-all: proxytunnel docs
+all: proxytunnel
 
 docs:
 	$(MAKE) -C docs

http.c

@@ -109,7 +109,7 @@ void proxy_protocol(PTSTREAM *pts) {
 	} else {
 		if( args_info.verbose_flag )
 			message( "\nTunneling to %s (destination)\n", args_info.dest_arg );
-		sprintf( buf, "CONNECT %s HTTP/1.1\r\nHost: %s\r\n", args_info.dest_arg, args_info.host_arg ? args_info.host_arg : args_info.dest_arg );
+		sprintf( buf, "CONNECT %s HTTP/1.1\r\nHost: %s\r\n", args_info.dest_arg, args_info.host_arg ? args_info.host_arg : args_info.proxyhost_arg );
 	}
 	
 	if ( args_info.user_given && args_info.pass_given ) {

ptstream.c

@@ -148,6 +148,7 @@ int stream_enable_ssl(PTSTREAM *pts) {
 	const SSL_METHOD *meth;
 	SSL *ssl;
 	SSL_CTX *ctx;
+	long res = 1;
 	
 	/* Initialise the connection */
 	SSLeay_add_ssl_algorithms();
@@ -160,8 +161,20 @@ int stream_enable_ssl(PTSTREAM *pts) {
 
 	ctx = SSL_CTX_new (meth);
 	ssl = SSL_new (ctx);
+	
 	SSL_set_rfd (ssl, stream_get_incoming_fd(pts));
 	SSL_set_wfd (ssl, stream_get_outgoing_fd(pts));	
+
+	/* SNI support */
+	if ( args_info.verbose_flag ) {
+           message( "Set SNI hostname to %s\n", args_info.proxyhost_arg );
+    }
+	res = SSL_set_tlsext_host_name(ssl,args_info.proxyhost_arg);
+	if (res < 0) {
+	   message( "TLS SNI error, giving up: SSL_set_tlsext_host_name returned error message:\n  %u\n", res );
+	   exit( 1 );
+	}
+	
 	SSL_connect (ssl);
 
 	/* Store ssl and ctx parameters */