[tls] Add support for Server Name Indication (SNI)

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2025-12-22 21:11:03 +03:00 · 2012-03-03 20:15:21 +00:00
parent d9ce3bfe4c
commit b7f8d1bbfd
4 changed files with 39 additions and 5 deletions
--- a/src/include/ipxe/http.h
+++ b/src/include/ipxe/http.h
@@ -18,6 +18,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 extern int http_open_filter ( struct interface *xfer, struct uri *uri,
 			      unsigned int default_port,
 			      int ( * filter ) ( struct interface *,
+						 const char *,
 						 struct interface ** ) );

 #endif /* _IPXE_HTTP_H */
--- a/src/include/ipxe/tls.h
+++ b/src/include/ipxe/tls.h
@@ -74,6 +74,10 @@ struct tls_header {
 #define TLS_RSA_WITH_AES_128_CBC_SHA 0x002f
 #define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035

+/* TLS extension types */
+#define TLS_SERVER_NAME 0
+#define TLS_SERVER_NAME_HOST_NAME 0
+
 /** TLS RX state machine state */
 enum tls_rx_state {
 	TLS_RX_HEADER = 0,
@@ -133,6 +137,8 @@ struct tls_session {
 	/** Reference counter */
 	struct refcnt refcnt;

+	/** Server name */
+	const char *name;
 	/** Plaintext stream */
 	struct interface plainstream;
 	/** Ciphertext stream */
@@ -183,7 +189,7 @@ struct tls_session {
 	void *rx_data;
 };

-extern int add_tls ( struct interface *xfer,
+extern int add_tls ( struct interface *xfer, const char *name,
 		     struct interface **next );

 #endif /* _IPXE_TLS_H */