Merge pull request #754 from criege/UNDERTOW-1533

UNDERTOW-1533 Send SNI when connecting via HTTP Proxy

core/src/main/java/io/undertow/protocols/ssl/UndertowXnioSsl.java

@@ -23,6 +23,7 @@
 import java.io.IOException;
 import java.net.InetSocketAddress;
 import java.net.SocketAddress;
+import java.net.URI;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
@@ -203,6 +204,16 @@ public SslConnection wrapExistingConnection(StreamConnection connection, OptionM
         return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), clientMode), bufferPool);
     }
 
+    public SslConnection wrapExistingConnection(StreamConnection connection, OptionMap optionMap, URI destinationURI) {
+        SSLEngine sslEngine = createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), true);
+        SSLParameters sslParameters = sslEngine.getSSLParameters();
+        if (sslParameters.getServerNames() == null || sslParameters.getServerNames().isEmpty()) {
+            sslParameters.setServerNames(Collections.singletonList(new SNIHostName(destinationURI.getHost())));
+            sslEngine.setSSLParameters(sslParameters);
+        }
+        return new UndertowSslConnection(connection, sslEngine, bufferPool);
+    }
+
     /**
      * Create a new  SSL engine, configured from an option map.
      *

core/src/main/java/io/undertow/websockets/client/WebSocketClient.java

@@ -258,7 +258,7 @@ public void completed(ClientExchange response) {
                                                     StreamConnection targetConnection = connection.performUpgrade();
                                                     WebSocketLogger.REQUEST_LOGGER.debugf("Established websocket connection to %s", uri);
                                                     if (uri.getScheme().equals("wss") || uri.getScheme().equals("https")) {
-                                                        handleConnectionWithExistingConnection(((UndertowXnioSsl) ssl).wrapExistingConnection(targetConnection, optionMap));
+                                                        handleConnectionWithExistingConnection(((UndertowXnioSsl) ssl).wrapExistingConnection(targetConnection, optionMap, uri));
                                                     } else {
                                                         handleConnectionWithExistingConnection(targetConnection);
                                                     }