Support for setting SNI extension on ssl socket handshake.
Need this to support virtual host ssl servers.
avrecko committed Dec 28, 2024
1 parent 8871733 commit 17c9b35
Showing 4 changed files with 23 additions and 4 deletions.
2 changes: 1 addition & 1 deletion src/one/nio/net/NativeSslSocket.java
Expand Up @@ -92,7 +92,7 @@ public Object getSslOption(SslOption option) {
return null;
}
@Override
public synchronized native void handshake() throws IOException;
public synchronized native void handshake(String sniHostName) throws IOException;

@Override
public synchronized native int writeRaw(long buf, int count, int flags) throws IOException;
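Review bot: The new parameter is spelled `sniHostName` on this native declaration but `sniHostname` on the `Socket.handshake` it overrides; one spelling should be used in both places. The declaration also says nothing about its contract, which the ssl.c part of this commit defines: a null argument and an IPv4/IPv6 literal both result in no SNI being sent. I would add a comment above it such as `// sniHostName: server name for the ClientHello; null or an IP literal sends no SNI`.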
2 changes: 1 addition & 1 deletion src/one/nio/net/Socket.java
Expand Up @@ -174,7 +174,7 @@ public int send(ByteBuffer data, int flags, String host, int port) throws IOExce
return send(data, flags, InetAddress.getByName(host), port);
}

public void handshake() throws IOException {
public void handshake(String sniHostname) throws IOException {
// Only for SSL sockets
}
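Review bot: Changing the public `handshake()` into `handshake(String sniHostname)` removes the no-argument method, so any caller outside this commit stops compiling and any subclass that overrode `handshake()` no longer overrides the method the pool calls. Whether such callers exist is not visible from this page, but keeping the old signature as a delegating overload costs one line: `public void handshake() throws IOException { handshake(null); }`. The new method should also get a Javadoc line stating that null is accepted and means "no SNI".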

21 changes: 20 additions & 1 deletion src/one/nio/net/native/ssl.c
Expand Up @@ -1109,12 +1109,31 @@ Java_one_nio_net_NativeSslSocket_sslFree(JNIEnv* env, jclass cls, jlong sslptr)
SSL_free(ssl);
}

static void set_tlsext_host_name(JNIEnv* env, SSL* ssl, jstring hostName) {
if (hostName != NULL) {
struct in_addr ipv4;
struct in6_addr ipv6;
const char *value = (*env) -> GetStringUTFChars(env, hostName, NULL);
// set sni if hostname not ipv4/ipv6
if (inet_pton(AF_INET, value, &ipv4) != 1 && inet_pton(AF_INET6, value, &ipv6) != 1) {
int result = SSL_set_tlsext_host_name(ssl, value);
(*env)->ReleaseStringUTFChars(env, hostName, value);
if (result <= 0) {
check_ssl_error(env, ssl, result);
}
} else {
(*env)->ReleaseStringUTFChars(env, hostName, value);
}
}
}

JNIEXPORT void JNICALL
Java_one_nio_net_NativeSslSocket_handshake(JNIEnv* env, jobject self) {
Java_one_nio_net_NativeSslSocket_handshake(JNIEnv* env, jobject self, jstring hostName) {
SSL* ssl = (SSL*)(intptr_t) (*env)->GetLongField(env, self, f_ssl);
if (ssl == NULL) {
throw_socket_closed(env);
} else {
set_tlsext_host_name(env, ssl, hostName);
int result = SSL_do_handshake(ssl);
if (result <= 0) {
check_ssl_error(env, ssl, result);
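Review bot: In `set_tlsext_host_name` the result of `GetStringUTFChars` goes straight into `inet_pton` without a NULL check, so an allocation failure in the JVM becomes a native NULL dereference instead of the pending OutOfMemoryError. Separately, when `SSL_set_tlsext_host_name` fails the helper calls `check_ssl_error` (which presumably raises a Java exception; its body is not shown) and returns void, so `Java_one_nio_net_NativeSslSocket_handshake` still runs `SSL_do_handshake` without SNI and possibly with an exception pending. I would have the helper return a status and skip the handshake on failure, as sketched below. The handshake function's body continues outside the hunk.

```c
// returns 0 when SNI was set or deliberately skipped, -1 when an error is pending
static int set_tlsext_host_name(JNIEnv* env, SSL* ssl, jstring hostName) {
    if (hostName == NULL) {
        return 0;
    }
    const char* value = (*env)->GetStringUTFChars(env, hostName, NULL);
    if (value == NULL) {
        return -1;  // OutOfMemoryError is already pending
    }
    struct in_addr ipv4;
    struct in6_addr ipv6;
    int result = 1;
    // set sni if hostname not ipv4/ipv6
    if (inet_pton(AF_INET, value, &ipv4) != 1 && inet_pton(AF_INET6, value, &ipv6) != 1) {
        result = SSL_set_tlsext_host_name(ssl, value);
    }
    (*env)->ReleaseStringUTFChars(env, hostName, value);
    if (result <= 0) {
        check_ssl_error(env, ssl, result);
        return -1;
    }
    return 0;
}

// … unchanged: JNI signature, ssl lookup and closed-socket branch …
    } else if (set_tlsext_host_name(env, ssl, hostName) == 0) {
        int result = SSL_do_handshake(ssl);
        // … unchanged: handshake result check …
```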
2 changes: 1 addition & 1 deletion src/one/nio/pool/SocketPool.java
Expand Up @@ -177,7 +177,7 @@ public Socket createObject() throws PoolException {

if (sslContext != null) {
socket = socket.sslWrap(sslContext);
socket.handshake();
socket.handshake(host);
}

return socket;
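Review bot: `socket.handshake(host)` sends `host` as the SNI name, but nothing in this commit checks that the certificate the server returns was issued for `host`; SNI only tells the server which certificate to present. Whether `sslContext` turns on peer and hostname verification is not visible here, so please confirm it does (on the native side that would be a call such as `SSL_set1_host(ssl, host)` before the handshake). Otherwise a pooled connection to a virtual host accepts whatever certificate the trust settings allow. A comment at the call would make the limit explicit: `// host is sent as SNI only; it is not used to verify the server certificate`. `createObject` starts and ends outside the hunk.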
