If no SNI has been explicitly set use the one from the session

If we have not decided on an SNI value yet, but we are attempting to reuse a session, and SNI is set in that, then we should use that value by default. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
author: Matt Caswell <matt@openssl.org> 2017-07-21 13:39:01 +0300
committer: Matt Caswell <matt@openssl.org> 2017-08-31 17:02:58 +0300
commit: c5de99a2d90b0714eeda4943444e3a6bfbc525ad (patch)
tree: 9240ca43a05a53227617a75a90aba20867bd71a6 /apps/s_client.c
parent: 087175449922ddc3063e37f61e2c4330f3cf0468 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index 36da3b6aa7..b3aedd20e7 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1888,6 +1888,26 @@ int s_client_main(int argc, char **argv)
             ERR_print_errors(bio_err);
             goto end;
         }
+        /* By default the SNI should be the same as was set in the session */
+        if (!noservername && servername == NULL)
+        {
+            const char *sni = SSL_SESSION_get0_hostname(sess);
+
+            if (sni != NULL) {
+                servername = OPENSSL_strdup(sni);
+                if (servername == NULL) {
+                    BIO_printf(bio_err, "Can't set server name\n");
+                    ERR_print_errors(bio_err);
+                    goto end;
+                }
+            } else {
+                /*
+                 * Force no SNI to be sent so we are consistent with the
+                 * session.
+                 */
+                noservername = 1;
+            }
+        }
         SSL_SESSION_free(sess);
     }
author	Matt Caswell <matt@openssl.org>	2017-07-21 13:39:01 +0300
committer	Matt Caswell <matt@openssl.org>	2017-08-31 17:02:58 +0300
commit	c5de99a2d90b0714eeda4943444e3a6bfbc525ad (patch)
tree	9240ca43a05a53227617a75a90aba20867bd71a6 /apps/s_client.c
parent	087175449922ddc3063e37f61e2c4330f3cf0468 (diff)