From c7851da46435fd9303cf074378a17ac2ef2a9347 Mon Sep 17 00:00:00 2001
From: john <hondaxiao@tencent.com>
Date: Fri, 21 Jul 2023 11:21:06 +0800
Subject: [PATCH] API: Fix HTTPS callback issue using SNI in TLS client
 handshake. v5.0.168 (#3695)

---------

Co-authored-by: chundonglinlin <chundonglinlin@163.com>
---
 trunk/doc/CHANGELOG.md                          | 2 ++
 trunk/src/core/srs_core_version4.hpp            | 2 +-
 trunk/src/core/srs_core_version5.hpp            | 2 +-
 trunk/src/protocol/srs_protocol_http_client.cpp | 8 ++++++--
 trunk/src/protocol/srs_protocol_http_client.hpp | 2 +-
 5 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/trunk/doc/CHANGELOG.md b/trunk/doc/CHANGELOG.md
index d32b1de094..48bea3f87b 100644
--- a/trunk/doc/CHANGELOG.md
+++ b/trunk/doc/CHANGELOG.md
@@ -8,6 +8,7 @@ The changelog for SRS.
 
 ## SRS 5.0 Changelog
 
+* v5.0, 2023-07-21, Merge [#3695](https://github.com/ossrs/srs/pull/3695): API: Fix HTTPS callback issue using SNI in TLS client handshake. v5.0.168 (#3695)
 * v5.0, 2023-07-18, Merge [#3515](https://github.com/ossrs/srs/pull/3515): WebRTC: Support config the bitrate of transcoding AAC to Opus. v5.0.167 (#3515)
 * v5.0, 2023-07-09, Merge [#3615](https://github.com/ossrs/srs/pull/3615): Compile: Fix typo for 3rdparty. v5.0.166 (#3615)
 * v5.0, 2023-07-09, Fix issue of srs-player failing to play HTTP-FLV. v5.0.165
@@ -168,6 +169,7 @@ The changelog for SRS.
 
 ## SRS 4.0 Changelog
 
+* v4.0, 2023-07-21, Merge [#3695](https://github.com/ossrs/srs/pull/3695): API: Fix HTTPS callback issue using SNI in TLS client handshake. v4.0.270 (#3695)
 * v4.0, 2022-12-24, For [#296](https://github.com/ossrs/srs/issues/296): MP3: Fix bug for TS or HLS with mp3 codec. v4.0.269
 * v4.0, 2022-11-22, Pick [#3079](https://github.com/ossrs/srs/issues/3079): WebRTC: Fix no audio and video issue for Firefox. v4.0.268
 * v4.0, 2022-10-10, For [#2901](https://github.com/ossrs/srs/issues/2901): Edge: Fast disconnect and reconnect. v4.0.267
diff --git a/trunk/src/core/srs_core_version4.hpp b/trunk/src/core/srs_core_version4.hpp
index 9ac78bae42..21f2c75c0a 100644
--- a/trunk/src/core/srs_core_version4.hpp
+++ b/trunk/src/core/srs_core_version4.hpp
@@ -9,6 +9,6 @@
 
 #define VERSION_MAJOR       4
 #define VERSION_MINOR       0
-#define VERSION_REVISION    269
+#define VERSION_REVISION    270
 
 #endif
diff --git a/trunk/src/core/srs_core_version5.hpp b/trunk/src/core/srs_core_version5.hpp
index d3e358921b..9085524754 100644
--- a/trunk/src/core/srs_core_version5.hpp
+++ b/trunk/src/core/srs_core_version5.hpp
@@ -9,6 +9,6 @@
 
 #define VERSION_MAJOR       5
 #define VERSION_MINOR       0
-#define VERSION_REVISION    167
+#define VERSION_REVISION    168
 
 #endif
diff --git a/trunk/src/protocol/srs_protocol_http_client.cpp b/trunk/src/protocol/srs_protocol_http_client.cpp
index b5deb35590..1ba6e20095 100644
--- a/trunk/src/protocol/srs_protocol_http_client.cpp
+++ b/trunk/src/protocol/srs_protocol_http_client.cpp
@@ -56,7 +56,7 @@ SrsSslClient::~SrsSslClient()
 
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
-srs_error_t SrsSslClient::handshake()
+srs_error_t SrsSslClient::handshake(const std::string& host)
 {
     srs_error_t err = srs_success;
 
@@ -88,6 +88,10 @@ srs_error_t SrsSslClient::handshake()
     // SSL setup active, as client role.
     SSL_set_connect_state(ssl);
     SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE);
+    // If the server address is not in IP address format, set the host in the Server Name Indication (SNI) field.
+    if (!srs_check_ip_addr_valid(host)) {
+        SSL_set_tlsext_host_name(ssl, host.c_str());
+    }
 
     // Send ClientHello.
     int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0); ERR_clear_error();
@@ -468,7 +472,7 @@ srs_error_t SrsHttpClient::connect()
 
     srs_utime_t starttime = srs_update_system_time();
 
-    if ((err = ssl_transport->handshake()) != srs_success) {
+    if ((err = ssl_transport->handshake(host)) != srs_success) {
         disconnect();
         return srs_error_wrap(err, "http: ssl connect %s %s:%d to=%dms, rto=%dms",
             schema_.c_str(), host.c_str(), port, srsu2msi(timeout), srsu2msi(recv_timeout));
diff --git a/trunk/src/protocol/srs_protocol_http_client.hpp b/trunk/src/protocol/srs_protocol_http_client.hpp
index 2da1108136..c047eee1ad 100644
--- a/trunk/src/protocol/srs_protocol_http_client.hpp
+++ b/trunk/src/protocol/srs_protocol_http_client.hpp
@@ -43,7 +43,7 @@ class SrsSslClient : public ISrsReader, public ISrsStreamWriter
     SrsSslClient(SrsTcpClient* tcp);
     virtual ~SrsSslClient();
 public:
-    virtual srs_error_t handshake();
+    virtual srs_error_t handshake(const std::string& host);
 public:
     virtual srs_error_t read(void* buf, size_t size, ssize_t* nread);
     virtual srs_error_t write(void* buf, size_t size, ssize_t* nwrite);