Add support for client-side SNI

Author: Midar

extra.mk.in

@@ -2,5 +2,5 @@ OBJOPENSSL_SHARED_LIB = @OBJOPENSSL_SHARED_LIB@
 OBJOPENSSL_STATIC_LIB = @OBJOPENSSL_STATIC_LIB@
 OBJOPENSSL_FRAMEWORK = @OBJOPENSSL_FRAMEWORK@
 
-OBJFW_LIBS = @OBJFW_LIBS@
 OBJFW_FRAMEWORK_LIBS = @OBJFW_FRAMEWORK_LIBS@
+OBJFW_LIBS = @OBJFW_LIBS@

src/SSLSocket.m

@@ -199,6 +199,17 @@ - (void)SSL_startTLSWithExpectedHost: (OFString *)host
 			     SSLError: error];
 	}
 
+	if (SSL_set_tlsext_host_name(_SSL, [host UTF8String]) != 1) {
+		unsigned long error = ERR_get_error();
+
+		[self close];
+
+		@throw [SSLConnectionFailedException exceptionWithHost: host
+								  port: port
+								socket: self
+							      SSLError: error];
+	}
+
 	if (_certificateVerificationEnabled) {
 		X509_VERIFY_PARAM *param = SSL_get0_param(_SSL);