authorPeter Powell <petpow@saberuk.com>2017-10-29 11:15:47 +0000
committerPeter Powell <petpow@saberuk.com>2017-10-29 11:15:47 +0000
commitb047c903da20862783b50af73594cce1592cbbfe (patch)
tree145ed0054d272153295b5757e5722195ba3f3ca6 /src/modules
parentd865b434865907bfad0a187dd403d4ca8144e469 (diff)
Add support to IOHook for retrieving the hostname sent via SNI.
Diffstat (limited to 'src/modules')
-rw-r--r--src/modules/extra/m_ssl_gnutls.cpp19
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp10
-rw-r--r--src/modules/m_sslinfo.cpp5
3 files changed, 33 insertions, 1 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 08b4be08f..50c847ee4 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -1182,6 +1182,25 @@ info_done_dealloc:
out.append(UnknownIfNULL(gnutls_mac_get_name(gnutls_mac_get(sess))));
}
+ bool GetServerName(std::string& out) const CXX11_OVERRIDE
+ {
+ std::vector<char> nameBuffer;
+ size_t nameLength = 0;
+ unsigned int nameType = GNUTLS_NAME_DNS;
+
+ // First, determine the size of the hostname.
+ if (gnutls_server_name_get(sess, &nameBuffer[0], &nameLength, &nameType, 0) != GNUTLS_E_SHORT_MEMORY_BUFFER)
+ return false;
+
+ // Then retrieve the hostname.
+ nameBuffer.resize(nameLength);
+ if (gnutls_server_name_get(sess, &nameBuffer[0], &nameLength, &nameType, 0) != GNUTLS_E_SUCCESS)
+ return false;
+
+ out.append(&nameBuffer[0]);
+ return true;
+ }
+
GnuTLS::Profile* GetProfile() { return profile; }
bool IsHandshakeDone() const { return (status == ISSL_HANDSHAKEN); }
};
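Review bot: `&nameBuffer[0]` in the first `gnutls_server_name_get` call indexes an empty vector, which is undefined behaviour and can abort on hardened or debug standard-library builds before GnuTLS reports the required size. Declaring the buffer with one element, `std::vector<char> nameBuffer(1);`, keeps the size probe working (nameLength is still 0) without touching an empty container. The final `out.append(&nameBuffer[0])` also relies on the library having NUL-terminated data that originates from the client. Bounding the copy by the buffer size, and adding `if (nameType != GNUTLS_NAME_DNS) return false;` after the second call, would make both assumptions explicit. The enclosing class starts outside the hunk.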
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 4c246d6f5..45a728106 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -779,6 +779,16 @@ class OpenSSLIOHook : public SSLIOHook
out.append(SSL_get_cipher(sess));
}
+ bool GetServerName(std::string& out) const CXX11_OVERRIDE
+ {
+ const char* name = SSL_get_servername(sess, TLSEXT_NAMETYPE_host_name);
+ if (!name)
+ return false;
+
+ out.append(name);
+ return true;
+ }
+
bool IsHandshakeDone() const { return (status == ISSL_OPEN); }
};
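Review bot: Nothing on this override says that the string it returns is whatever the client put in its ClientHello, so a later caller could mistake it for a verified name. A comment above the function such as `// Appends the SNI hostname sent by the client to out; unauthenticated client input, for display only.` would record both the append-rather-than-assign behaviour and the trust level. The same comment fits the GnuTLS override in m_ssl_gnutls.cpp. The enclosing class starts above the hunk.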
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp
index 9682e92cf..5a5b40319 100644
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@@ -220,7 +220,10 @@ class ModuleSSLInfo : public Module, public Whois::EventListener
ssl_cert* const cert = ssliohook->GetCertificate();
{
- std::string text = "*** You are connected using SSL cipher '";
+ std::string text = "*** You are connected to ";
+ if (!ssliohook->GetServerName(text))
+ text.append(ServerInstance->Config->ServerName);
+ text.append(" using SSL cipher '");
ssliohook->GetCiphersuite(text);
text.push_back('\'');
if ((cert) && (!cert->GetFingerprint().empty()))
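Review bot: The name appended by `ssliohook->GetServerName(text)` is chosen by the client and goes into the notice text with no check on its characters or length. Neither TLS override in this commit validates it, so it seems safer to fetch it into a temporary string and accept it only if every byte is a letter, digit, '-' or '.'. Anything else should fall back to `ServerInstance->Config->ServerName`, as the existing failure path already does. Whether the notice path strips control characters is not visible here, so that should be confirmed rather than assumed. The enclosing function starts and ends outside the hunk.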