< Previous by Date	Date Index	Next by Date >
	Thread Index	Next in Thread >

[reSIProcate] Suggestion regarding Client support for TLS SNI extension.

From: Udit Raikwar <udit043.ur@xxxxxxxxx>
Date: Sun, 31 Jul 2016 02:12:29 +0530

Hello,

I have created a Pull request[1] in which I am enabling client support for TLS SNI extension.

Server Name Indication (SNI) is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. It allows multiple hostnames to be served over HTTPS from the same IP address. (Please read [2] or [3] for more information)

At present in resiprocate, SNI extension is not supported, to enable sni support in client side I have added some code in resip/stack/ssl/TlsConnection.cxx file. I have checked the server name in 'Client Hello' using wireshark.

Client Hello without SNI supported: https://i.imgsafe.org/54bf8257b4.png

Client Hello with SNI supported: https://i.imgsafe.org/54c253a037.png

Does anyone have any suggestions on supporting tls sni extension.

[1]= https://github.com/resiprocate/resiprocate/pull/54

[2]= https://devcentral.f5.com/articles/ssl-profiles-part-7-server-name-indication

[3]= https://en.wikipedia.org/wiki/Server_Name_Indication

Thanks

Udit

Follow-Ups:
- Re: [reSIProcate] Suggestion regarding Client support for TLS SNI extension.
  - From: Daniel Pocock

Prev by Date: [reSIProcate] [resiprocate/resiprocate] Client support for TLS SNI extension (#54)
Next by Date: Re: [reSIProcate] Suggestion regarding Client support for TLS SNI extension.
Previous by thread: Re: [reSIProcate] [resiprocate/resiprocate] Client support for TLS SNI extension (#54)
Next by thread: Re: [reSIProcate] Suggestion regarding Client support for TLS SNI extension.
Index(es):
- Date
- Thread