ircd::openssl: Include TLS1 header; start an SNI suite; minor reorg.

configure.ac

@@ -976,6 +976,7 @@ RB_CHK_SYSHEADER(openssl/x509.h, [OPENSSL_X509_H])
 RB_CHK_SYSHEADER(openssl/evp.h, [OPENSSL_EVP_H])
 RB_CHK_SYSHEADER(openssl/ripemd.h, [OPENSSL_RIPEMD_H])
 RB_CHK_SYSHEADER(openssl/dh.h, [OPENSSL_DH_H])
+RB_CHK_SYSHEADER(openssl/tls1.h, [OPENSSL_TLS1_H])
 AC_CHECK_LIB(ssl, SSL_version,
 [
 	have_ssl="yes"

include/ircd/openssl.h

@@ -123,9 +123,10 @@ namespace ircd::openssl
 	const X509 &current_cert(const X509_STORE_CTX &);
 	X509 &current_cert(X509_STORE_CTX &);
 
-	// SSL suite
+	// Cipher suite
 	string_view name(const SSL_CIPHER &);
 	const SSL_CIPHER *current_cipher(const SSL &);
+
 	string_view shared_ciphers(const mutable_buffer &buf, const SSL &);
 	string_view cipher_list(const SSL &, const int &priority);
 	std::string cipher_list(const SSL_CTX &, const int &priority = 0);
@@ -136,6 +137,9 @@ namespace ircd::openssl
 	void set_tmp_ecdh(SSL_CTX &, EC_KEY &);
 	void set_curves(SSL_CTX &, std::string list);
 	void set_curves(SSL &, std::string list);
+
+	// SNI suite
+	string_view server_name(const SSL &); // provided by client
 }
 
 /// OpenSSL BIO convenience utils and wraps; also secure file IO closures

ircd/openssl.cc

@@ -19,6 +19,7 @@
 #include <RB_INC_OPENSSL_EVP_H
 #include <RB_INC_OPENSSL_RIPEMD_H
 #include <RB_INC_OPENSSL_DH_H
+#include <RB_INC_OPENSSL_TLS1_H
 
 #if defined(LIBRESSL_VERSION_NUMBER)
 static time_t ASN1_TIME_seconds(const ASN1_TIME *);
@@ -48,7 +49,18 @@ namespace ircd::openssl
 //
 
 //
-// SSL
+// SNI
+//
+
+ircd::string_view
+ircd::openssl::server_name(const SSL &ssl)
+{
+	const int type(::SSL_get_servername_type(&ssl));
+	return ::SSL_get_servername(&ssl, type);
+}
+
+//
+// Cipher suite
 //
 
 void