Skip to content

Commit

Permalink
Merge pull request #754 from criege/UNDERTOW-1533
Browse files Browse the repository at this point in the history
UNDERTOW-1533 Send SNI when connecting via HTTP Proxy
  • Loading branch information
fl4via committed May 13, 2019
2 parents bc23bff + 9554365 commit 4d19650
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 1 deletion.
11 changes: 11 additions & 0 deletions core/src/main/java/io/undertow/protocols/ssl/UndertowXnioSsl.java
Expand Up @@ -23,6 +23,7 @@
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.URI;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
Expand Down Expand Up @@ -203,6 +204,16 @@ public SslConnection wrapExistingConnection(StreamConnection connection, OptionM
return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), clientMode), bufferPool);
}

public SslConnection wrapExistingConnection(StreamConnection connection, OptionMap optionMap, URI destinationURI) {
SSLEngine sslEngine = createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), true);
SSLParameters sslParameters = sslEngine.getSSLParameters();
if (sslParameters.getServerNames() == null || sslParameters.getServerNames().isEmpty()) {
sslParameters.setServerNames(Collections.singletonList(new SNIHostName(destinationURI.getHost())));
sslEngine.setSSLParameters(sslParameters);
}
return new UndertowSslConnection(connection, sslEngine, bufferPool);
}

/**
* Create a new SSL engine, configured from an option map.
*
Expand Down
Expand Up @@ -258,7 +258,7 @@ public void completed(ClientExchange response) {
StreamConnection targetConnection = connection.performUpgrade();
WebSocketLogger.REQUEST_LOGGER.debugf("Established websocket connection to %s", uri);
if (uri.getScheme().equals("wss") || uri.getScheme().equals("https")) {
handleConnectionWithExistingConnection(((UndertowXnioSsl) ssl).wrapExistingConnection(targetConnection, optionMap));
handleConnectionWithExistingConnection(((UndertowXnioSsl) ssl).wrapExistingConnection(targetConnection, optionMap, uri));
} else {
handleConnectionWithExistingConnection(targetConnection);
}
Expand Down

0 comments on commit 4d19650

Please sign in to comment.