NAME

SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type, SSL_get_servername - handle server name indication (SNI)


SYNOPSIS

 #include <openssl/ssl.h>
 long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
                                   int (*cb)(SSL *, int *, void *));
 long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
 const char *SSL_get_servername(const SSL *s, const int type);
 int SSL_get_servername_type(const SSL *s);


DESCRIPTION

SSL_CTX_set_tlsext_servername_callback() sets the application callback cb used by a server to perform any actions or configuration required based on the servername extension received in the incoming connection. When cb is NULL, SNI is not used. The arg value is a pointer which is passed to the application callback.

SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be passed into the callback for this SSL_CTX.

SSL_get_servername() returns a servername extension value of the specified type if provided in the Client Hello or NULL.

SSL_get_servername_type() returns the servername type or -1 if no servername is present. Currently the only supported type (defined in RFC3546) is TLSEXT_NAMETYPE_host_name.


NOTES

The ALPN and SNI callbacks are both executed during Client Hello processing. The servername callback is executed first, followed by the ALPN callback.


RETURN VALUES

SSL_CTX_set_tlsext_servername_callback() and SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success.


SEE ALSO

ssl(7), SSL_CTX_set_alpn_select_cb(3), SSL_get0_alpn_selected(3)


COPYRIGHT

Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the ``License''). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.