Support for Server Name Indication (SNI) missing in http_client_asio.cpp #35

Closed
@megaposer

Hi,

I ran into this issue with an OSX build of the latest C++ REST API 2.7.0.

There is no (default) support for the Server Name Indication TLS extension. OpenSSL does not enable the option automatically, so it needs to be set in the http_client_asio.cpp handshake implementation.

We tried adding it via set_native_handle_options first, but did not get it to work properly. This is probably the wrong place to do it anyway, because one would only need to set the SNI option once before the initial handshake, so it is contained within the ClientHello message.

Please see attached patch: cpprest_asio_ssl_sni.patch.txt

The patch unconditionally adds the server host name using the OpenSSL option SSL_set_tlsext_host_name before invoking the asynchronous handshake. Of course this could be improved to be provided via a config option.

Please note, SNI seems to be supported (automatically) on TLS connections when using the native WinHttp library - I remember starting with Windows Vista. Doing Wireshark, one can see the extension in the ClientHello sent from a Windows app using the C++ REST API.

Let me know if you need more information.

Cheers,
Henning
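
The issue above turns on whether the `server_name` extension is present in the ClientHello, which can be confirmed from a capture. As an added example (not part of the original issue, the attached patch, or the cpprestsdk code), the following C++ parser extracts the SNI host name from a raw ClientHello record. The names `Reader`, `sni_from_client_hello` and `make_client_hello` are hypothetical, the sample bytes are constructed, and the ClientHello is assumed to fit in a single TLS record.

```cpp
// Added example, not cpprestsdk code: check a raw TLS ClientHello record for SNI.
#include <cstdint>
#include <string>
#include <vector>
typedef std::vector<uint8_t> Bytes;
struct Reader {  // bounds-checked big-endian reader; ok turns false on a short read
    const Bytes& b; size_t pos; bool ok;
    uint32_t num(size_t n) {
        uint32_t v = 0;
        if (!ok || b.size() - pos < n) { ok = false; return 0; }
        while (n--) v = (v << 8) | b[pos++];
        return v;
    }
    void skip(size_t n) { if (!ok || b.size() - pos < n) ok = false; else pos += n; }
};
// Returns the host_name in the server_name extension (type 0), or "" if absent/malformed.
std::string sni_from_client_hello(const Bytes& rec) {
    Reader r = {rec, 0, true};
    if (r.num(1) != 0x16) return "";       // record type: handshake
    r.skip(4);                              // record version + record length
    if (r.num(1) != 0x01) return "";       // handshake type: ClientHello
    r.skip(3 + 2 + 32);                     // handshake length, client_version, random
    r.skip(r.num(1)); r.skip(r.num(2));     // session_id, then cipher_suites
    r.skip(r.num(1));                       // compression_methods
    size_t end = r.num(2); end += r.pos;    // end offset of the extensions block
    while (r.ok && r.pos + 4 <= end) {
        uint32_t type = r.num(2), len = r.num(2);
        if (type != 0) { r.skip(len); continue; }
        r.skip(2);                          // server_name_list length
        if (r.num(1) != 0) return "";      // name_type must be host_name (0)
        size_t n = r.num(2);
        if (!r.ok || rec.size() - r.pos < n) return "";
        return std::string(rec.begin() + r.pos, rec.begin() + r.pos + n);
    }
    return "";
}
// Constructed sample: minimal ClientHello; SNI is included only if host is non-empty.
Bytes make_client_hello(const std::string& host) {
    uint8_t n = uint8_t(host.size()), e = n ? n + 9 : 0;   // e: size of extensions block
    Bytes rec = {0x16, 3, 1, 0, uint8_t(47 + e), 1, 0, 0, uint8_t(43 + e), 3, 3};
    rec.resize(rec.size() + 32, 0xAA);                     // dummy 32-byte random
    Bytes mid = {0, 0, 2, 0x00, 0x2f, 1, 0, 0, e};         // no session id, one suite
    rec.insert(rec.end(), mid.begin(), mid.end());
    if (n) {
        Bytes h = {0, 0, 0, uint8_t(n + 5), 0, uint8_t(n + 3), 0, 0, n};
        rec.insert(rec.end(), h.begin(), h.end());
        rec.insert(rec.end(), host.begin(), host.end());
    }
    return rec;
}
```

An empty result for a client's first handshake record means the ClientHello carried no host name, which is the condition the issue describes for the asio backend.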
