
SSLPlugin: add SNI to server request

z3APA3A 10 rokov pred
rodič
commit
1ab94fa002

+ 2 - 2
Makefile.msvc64

@@ -14,7 +14,7 @@ LN = link
 LDFLAGS = /nologo /subsystem:console /incremental:no /machine:x64
 DLFLAGS = /DLL
 DLSUFFICS = .dll
-LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib kernel32.lib Gdi32.lib 
+LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib kernel32.lib Gdi32.lib libeay32MT.lib ssleay32MT.lib
 LIBSOLD = libeay32MT.lib ssleay32MT.lib
 LIBEXT = .lib
 LNOUT = /out:
@@ -26,7 +26,7 @@ REMOVECOMMAND = del 2>NUL >NUL
 TYPECOMMAND = type
 COMPATLIBS =
 MAKEFILE = Makefile.msvc64
-PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin
+PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin SSLPlugin
 VERFILE = $(VERFILE)
 
 #../3proxy.res:
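Review bot: Adding `libeay32MT.lib ssleay32MT.lib` to the global `LIBS` line makes every target built from this makefile link the static OpenSSL libraries, although SSLPlugin appears to be the only component in this commit that needs them. Every such binary then has to be rebuilt when the OpenSSL libraries are updated, and the same two names are still listed in `LIBSOLD` on the next line. If the plugin build can take its own library list (not visible here), keep `LIBS` as it was and pass the OpenSSL libraries through a variable used only by the SSLPlugin build.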

+ 8 - 5
src/plugins/SSLPlugin/my_ssl.c

@@ -2,11 +2,7 @@
 #define _CRT_SECURE_NO_WARNINGS
 
 #include "../../structures.h"
-#include "../../proxy.h"
-#include "my_ssl.h"
-
 #include <memory.h>
-#include <errno.h>
 #include <fcntl.h>
 #ifndef _WIN32
 #include <sys/file.h>
@@ -19,6 +15,12 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 
+#include "../../proxy.h"
+#include "my_ssl.h"
+
+
+
+
 typedef struct _ssl_conn {
 	SSL_CTX *ctx;
 	SSL *ssl;
@@ -184,7 +186,7 @@ SSL_CERT ssl_copy_cert(SSL_CERT cert)
 }
 
 
-SSL_CONN ssl_handshake_to_server(SOCKET s, SSL_CERT *server_cert, char **errSSL)
+SSL_CONN ssl_handshake_to_server(SOCKET s, char * hostname, SSL_CERT *server_cert, char **errSSL)
 {
 	int err = 0;
 	X509 *cert;
@@ -214,6 +216,7 @@ SSL_CONN ssl_handshake_to_server(SOCKET s, SSL_CERT *server_cert, char **errSSL)
 		ssl_conn_free(conn);
 		return NULL;
 	}
+	if(hostname && *hostname)SSL_set_tlsext_host_name(conn->ssl, hostname);
 	err = SSL_connect(conn->ssl);
 	if ( err == -1 ) {
 		*errSSL = ERR_error_string(ERR_get_error(), errbuf);
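Review bot: The result of `SSL_set_tlsext_host_name()` on the added line before `SSL_connect()` is discarded, so a failure to set the extension silently produces a handshake without SNI. Check it and leave through the same cleanup used just above, e.g. `if (hostname && *hostname && SSL_set_tlsext_host_name(conn->ssl, hostname) != 1) { ssl_conn_free(conn); return NULL; }`, setting `*errSSL` as the `SSL_connect` failure branch does. The value is also sent as received, and RFC 6066 does not permit IP address literals in the server_name extension, so a request made by address should skip the call. Declaring the parameter as `const char *hostname` here and in my_ssl.h would document that the function does not modify it. The function body starts and ends outside this hunk.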

+ 1 - 1
src/plugins/SSLPlugin/my_ssl.h

@@ -18,7 +18,7 @@ SSL_CERT ssl_copy_cert(SSL_CERT cert);
 //
 // SSL/TLS handshakes
 //
-SSL_CONN ssl_handshake_to_server(SOCKET s, SSL_CERT *server_cert, char **errSSL);
+SSL_CONN ssl_handshake_to_server(SOCKET s, char * hostname, SSL_CERT *server_cert, char **errSSL);
 SSL_CONN ssl_handshake_to_client(SOCKET s, SSL_CERT server_cert, char **errSSL);
 
 //

+ 2 - 3
src/plugins/SSLPlugin/ssl_plugin.c

@@ -7,13 +7,12 @@
 */
 
 #include "../../structures.h"
-#include "../../proxy.h"
 #include <openssl/rsa.h>       /* SSLeay stuff */
 #include <openssl/crypto.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
-#include <openssl/err.h>
+#include "../../proxy.h"
 #include "my_ssl.h"
 
 #ifndef _WIN32
@@ -236,7 +235,7 @@ int dossl(struct clientparam* param, SSL_CONN* ServerConnp, SSL_CONN* ClientConn
 	ul = ((unsigned long)ssl_connect_timeout)*1000;
 	setsockopt(param->remsock, SOL_SOCKET, SO_SNDTIMEO, (char *)&ul, 4);
  }
- ServerConn = ssl_handshake_to_server(param->remsock, &ServerCert, &errSSL);
+ ServerConn = ssl_handshake_to_server(param->remsock, (char *)param->hostname, &ServerCert, &errSSL);
  if ( ServerConn == NULL || ServerCert == NULL ) {
 	param->res = 8011;
 	param->srv->logfunc(param, (unsigned char *)"SSL handshake to server failed");
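Review bot: After the call that now passes `param->hostname`, the only check on the upstream certificate visible in this hunk is `ServerCert == NULL`, so nothing here ties the certificate the server returns to the name just sent as SNI. If ssl_handshake_to_server() does not verify the chain and host name elsewhere (not visible here), the proxy accepts any certificate from whoever answers on `param->remsock`, and the client behind the proxy cannot detect the substitution. Consider a name check on the peer certificate inside the handshake helper, for example `X509_check_host()` where the linked OpenSSL provides it. Failing that, add a comment at this call stating that upstream certificates are not validated. dossl() begins and ends outside the hunk.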

+ 7 - 1
src/proxy.h

@@ -58,13 +58,13 @@
 #ifndef FD_SETSIZE
 #define FD_SETSIZE 4096
 #endif
-#include <errno.h>
 #include <signal.h>
 #include <sys/uio.h>
 #include <sys/time.h>
 #include <unistd.h>
 #include <pthread.h>
 #include <syslog.h>
+#include <errno.h>
 #endif
 
 #ifdef __CYGWIN__
@@ -77,7 +77,13 @@
 #undef errno
 #endif
 #define errno WSAGetLastError()
+#ifdef EAGAIN
+#undef EAGAIN
+#endif
 #define EAGAIN WSAEWOULDBLOCK
+#ifdef EINTR
+#undef EINTR
+#endif
 #define EINTR WSAEWOULDBLOCK
 #define SLEEPTIME 1
 #define usleep Sleep
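Review bot: The added `#ifdef EAGAIN / #undef EAGAIN` and `#ifdef EINTR / #undef EINTR` guards only work when `<errno.h>` has already been seen, which makes proxy.h order-dependent on Windows without saying so. A system or OpenSSL header that pulls in `<errno.h>` after proxy.h would redefine `errno`, `EAGAIN` and `EINTR` back to the CRT values, and code comparing against Winsock results would then test the wrong constants. The include reordering in my_ssl.c and ssl_plugin.c in this commit relies on that order, so state it above the block, e.g. `/* Winsock error codes replace the CRT errno values: include proxy.h after every header that may include <errno.h> */`. Separately, `EINTR` is mapped to `WSAEWOULDBLOCK`, the same value as `EAGAIN`; if that aliasing is intentional it deserves a one-line comment as well.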

+ 1 - 1
src/version.h

@@ -1,2 +1,2 @@
 #define VERSION "3proxy-0.8b-devel"
-#define BUILDDATE "150504181054"
+#define BUILDDATE "150516170531"