commit 0c4b13bf15b8e5773b79e6317121fba5e97a154f
author Kevin Cernekee <cernekee@chromium.org> Wed Apr 20 20:09:54 2016
committer chrome-bot <chrome-bot@chromium.org> Fri Apr 22 22:43:25 2016
tree d6ce35fddaf067611f49a066007372f868156e68
parent ab36a75379f1cfaa7a803cb6f8b33ad31e49fcbf

FROMLIST: Enable TLS SNI

Upstream submission: https://github.com/ioerror/tlsdate/pull/186

In environments where SSL interception is in place, the SNI field is
often used to figure out whether to enable or disable interception
for a new connection.  Enable SNI on tlsdate requests.

BUG=chromium:400429
TEST=sniff tlsdate's ClientHello message before/after the change, and
     verify that it contains "clients3.google.com" under "Extension:
     server_name"

Change-Id: Ibe6383bd0b9b590a16a08ae8e1b74ee0f401b3f0
Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/339834
Reviewed-by: Thiemo Nagel <tnagel@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

src/tlsdate-helper.c

diff --git a/src/tlsdate-helper.c b/src/tlsdate-helper.c
index 02dac7a..7455d39 100644
--- a/src/tlsdate-helper.c
+++ b/src/tlsdate-helper.c
@@ -745,6 +745,7 @@
       SSL_set_info_callback (ssl, openssl_time_callback);
     }
   SSL_set_mode (ssl, SSL_MODE_AUTO_RETRY);
+  SSL_set_tlsext_host_name (ssl, host);
   verb ("V: opening socket to %s:%s\n", host, port);
   if ( (1 != BIO_set_conn_hostname (s_bio, host)) ||
        (1 != BIO_set_conn_port (s_bio, port)))