Merge branch 'megaposer-master' into development

Author: kavyako

CONTRIBUTORS.txt

@@ -35,6 +35,9 @@ Gery Vessere ([email protected])
 Cisco Systems
 Gergely Lukacsy (glukacsy)
 
+Ocedo GmbH
+Henning Pfeiffer (megaposer)
+
 thomasschaub
 
 Trimble

Release/include/cpprest/http_client.h

@@ -101,6 +101,7 @@ class http_client_config
         , m_set_user_nativehandle_options([](native_handle)->void{})
 #if !defined(_WIN32) && !defined(__cplusplus_winrt)
         , m_ssl_context_callback([](boost::asio::ssl::context&)->void{})
+        , m_tlsext_sni_enabled(true)
 #endif
 #if defined(_WIN32) && !defined(__cplusplus_winrt)
         , m_buffer_request(false)
@@ -347,6 +348,25 @@ class http_client_config
     {
         return m_ssl_context_callback;
     }
+
+    /// <summary>
+    /// Gets the TLS extension server name indication (SNI) status.
+    /// </summary>
+    /// <returns>True if TLS server name indication is enabled, false otherwise.</returns>
+    bool is_tlsext_sni_enabled() const
+    {
+        return m_tlsext_sni_enabled;
+    }
+
+    /// <summary>
+    /// Sets the TLS extension server name indication (SNI) status.
+    /// </summary>
+    /// <param name="tlsext_sni_enabled">False to disable the TLS (ClientHello) extension for server name indication, true otherwise.</param>
+    /// <remarks>Note: This setting is enabled by default as it is required in most virtual hosting scenarios.</remarks>
+    void set_tlsext_sni_enabled(bool tlsext_sni_enabled)
+    {
+        m_tlsext_sni_enabled = tlsext_sni_enabled;
+    }
 #endif
 
 private:
@@ -372,6 +392,7 @@ class http_client_config
 
 #if !defined(_WIN32) && !defined(__cplusplus_winrt)
     std::function<void(boost::asio::ssl::context&)> m_ssl_context_callback;
+    bool m_tlsext_sni_enabled;
 #endif
 #if defined(_WIN32) && !defined(__cplusplus_winrt)
     bool m_buffer_request;

Release/src/http/client/http_client_asio.cpp

@@ -136,6 +136,7 @@ class asio_connection
     template <typename HandshakeHandler, typename CertificateHandler>
     void async_handshake(boost::asio::ssl::stream_base::handshake_type type,
                          const http_client_config &config,
+                         const utility::string_t &host_name,
                          const HandshakeHandler &handshake_handler,
                          const CertificateHandler &cert_handler)
     {
@@ -152,6 +153,13 @@ class asio_connection
         {
             m_ssl_stream->set_verify_mode(boost::asio::ssl::context::verify_none);
         }
+
+        // Check to set host name for Server Name Indication (SNI)
+        if (config.is_tlsext_sni_enabled())
+        {
+            SSL_set_tlsext_host_name(m_ssl_stream->native_handle(), const_cast<char *>(host_name.data()));
+        }
+
         m_ssl_stream->async_handshake(type, handshake_handler);
     }
 
@@ -561,6 +569,7 @@ class asio_context : public request_context, public std::enable_shared_from_this
             const auto weakCtx = std::weak_ptr<asio_context>(shared_from_this());
             m_connection->async_handshake(boost::asio::ssl::stream_base::client,
                                           m_http_client->client_config(),
+                                          m_http_client->base_uri().host(),
                                           boost::bind(&asio_context::handle_handshake, shared_from_this(), boost::asio::placeholders::error),
 
                                           // Use a weak_ptr since the verify_callback is stored until the connection is destroyed.