arch-ppa/src/axtls/axtls-sni.patch

diff -rU 4 a/ssl/Config.in b/ssl/Config.in
--- a/ssl/Config.in	2014-10-27 13:30:33.000000000 +0300
+++ b/ssl/Config.in	2015-06-09 18:32:26.000000000 +0300
@@ -314,8 +314,15 @@
 
         Note: not all the API is implemented, so parts may still break. And
         it's definitely not 100% compatible.
 
+config CONFIG_SSL_SNI
+    bool "Enable SNI"
+    default y
+    help
+        An extension to the TLS.
+        See 3.1 Server Name Indication at RFC 3546.
+
 config CONFIG_PERFORMANCE_TESTING
     bool "Build the bigint performance test tool"
     default n
     depends on CONFIG_SSL_CERT_VERIFICATION
diff -rU 4 a/ssl/tls1_clnt.c b/ssl/tls1_clnt.c
--- a/ssl/tls1_clnt.c	2014-11-07 03:24:28.000000000 +0300
+++ b/ssl/tls1_clnt.c	2015-06-09 18:32:26.000000000 +0300
@@ -218,8 +218,30 @@
     }
 
     buf[offset++] = 1;              /* no compression */
     buf[offset++] = 0;
+
+#ifdef CONFIG_SSL_SNI
+    if (ssl->host_name != NULL) {
+        unsigned int host_len = strlen(ssl->host_name);
+
+        buf[offset++] = 0;
+        buf[offset++] = host_len+9;     /* extensions length */
+
+        buf[offset++] = 0;
+        buf[offset++] = 0;              /* server_name(0) (65535) */
+        buf[offset++] = 0;
+        buf[offset++] = host_len+5;     /* server_name length */
+        buf[offset++] = 0;
+        buf[offset++] = host_len+3;     /* server_list length */
+        buf[offset++] = 0;              /* host_name(0) (255) */
+        buf[offset++] = 0;
+        buf[offset++] = host_len;       /* host_name length */
+        strncpy((char*) &buf[offset], ssl->host_name, host_len);
+        offset += host_len;
+    }
+#endif
+
     buf[3] = offset - 4;            /* handshake size */
 
     return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, NULL, offset);
 }
diff -rU 4 a/ssl/tls1.h b/ssl/tls1.h
--- a/ssl/tls1.h	2015-04-30 08:41:49.000000000 +0300
+++ b/ssl/tls1.h	2015-06-09 18:32:26.000000000 +0300
@@ -195,8 +195,12 @@
     uint8_t server_mac[SHA1_SIZE];  /* for HMAC verification */
     uint8_t read_sequence[8];       /* 64 bit sequence number */
     uint8_t write_sequence[8];      /* 64 bit sequence number */
     uint8_t hmac_header[SSL_RECORD_SIZE];    /* rx hmac */
+
+#ifdef CONFIG_SSL_SNI
+    const char* host_name;
+#endif
 };
 
 typedef struct _SSL SSL;