Merge pull request #49 from vapor/external-host

ensure that external hostname is set for stricter servers
vapor-community · Jun 2, 2017 · a2a2c4c · a2a2c4c
2 parents 33bbe3a + fca7e00
commit a2a2c4c
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 0 deletions.
diff --git a/Sources/TLS/ClientSocket.swift b/Sources/TLS/ClientSocket.swift
@@ -37,6 +37,25 @@ extension ClientSocket {
             #endif
         }
 
+        /// https://github.com/vapor/tls/issues/47
+        let hostname = servername ?? socket.hostname
+        var cName = hostname.utf8CString
+        try cName.withUnsafeMutableBytes { name in
+            // SSL_set_tlsext_host_name is a C macro,
+            // which is not directly callable in Swift.
+            // This is its expanded form.
+            let result = SSL_ctrl(
+                ssl,
+                SSL_CTRL_SET_TLSEXT_HOSTNAME,
+                Int(TLSEXT_NAMETYPE_host_name),
+                name.baseAddress
+            )
+            try assert(
+                Int32(result),
+                functionName: "SSL_ctrl"
+            )
+        }
+
         try assert(
             SSL_connect(ssl),
             functionName: "SSL_connect"

diff --git a/Tests/TLSTests/LiveTests.swift b/Tests/TLSTests/LiveTests.swift
@@ -16,6 +16,7 @@ class LiveTests: XCTestCase {
         ("testGoogleMapsApi", testGoogleMapsApi),
         ("testConnectIcePay", testConnectIcePay),
         ("testServer", testServer),
+        ("testHTTPBinGet", testHTTPBinGet),
     ]
 
     func testNoVerify() throws {
@@ -234,4 +235,22 @@ class LiveTests: XCTestCase {
             timeout: DispatchTime.init(secondsFromNow: 10)
         )
     }
+
+    func testHTTPBinGet() throws {
+        let stream = try InternetSocket(
+            .client,
+            hostname: "httpbin.org",
+            port: 443
+        )
+        try stream.connect(servername: "httpbin.org")
+        _ = try stream.write("GET /get HTTP/1.1".makeBytes())
+        _ = try stream.write("\r\n".makeBytes())
+        _ = try stream.write("Accept: */*".makeBytes())
+        _ = try stream.write("\r\n".makeBytes())
+        _ = try stream.write("Host: httpbin.org".makeBytes())
+        _ = try stream.write("\r\n\r\n".makeBytes()) // double line terminator
+
+        let result = try stream.read(max: 2048).makeString()
+        XCTAssert(result.contains("200 OK"))
+    }
 }