
tls: added server_name to module parameters

- not that useful in the case of defining a single set of tls
  attributes, but has to be coherent with the config options
Daniel-Constantin Mierla před 10 roky
rodič
revize
f37344dddf
3 změnil soubory, kde provedl 10 přidání a 1 odebrání
  1. 4 1
      modules/tls/tls_cfg.c
  2. 1 0
      modules/tls/tls_cfg.h
  3. 5 0
      modules/tls/tls_mod.c

+ 4 - 1
modules/tls/tls_cfg.c

@@ -35,6 +35,7 @@
 struct cfg_group_tls default_tls_cfg = {
 	0, /* tls_force_run */
 	STR_STATIC_INIT("TLSv1"), /* method */
+	STR_NULL, /* server name (sni) */
 	0, /* verify_certificate */
 	9, /* verify_depth */
 	0, /* require_certificate */
@@ -138,7 +139,9 @@ cfg_def_t	tls_cfg_def[] = {
 	{"force_run", CFG_VAR_INT | CFG_READONLY, 0, 1, 0, 0,
 		"force loading the tls module even when initial sanity checks fail"},
 	{"method",   CFG_VAR_STR | CFG_READONLY, 0, 0, 0, 0,
-		"TLS method used (TLSv1, SSLv3, SSLv2, SSLv23)"},
+		"TLS method used (TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2, SSLv23)"},
+	{"server_name",   CFG_VAR_STR | CFG_READONLY, 0, 0, 0, 0,
+		"Server name (SNI)"},
 	{"verify_certificate", CFG_VAR_INT | CFG_READONLY, 0, 1, 0, 0,
 		"if enabled the certificates will be verified" },
 	{"verify_depth", CFG_VAR_INT | CFG_READONLY, 0, 100, 0, 0,
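Review bot: The description on the new `server_name` entry, `"Server name (SNI)"`, does not say what an unset value means, although the default added in the first hunk is `STR_NULL`; a text such as `"Server name (SNI) of this TLS profile; empty when not set"` would say it. The same hunk also rewrites the `method` description, which the commit subject does not mention. The new text still lists SSLv3, SSLv2 and SSLv23 beside TLSv1.2 with no hint that the SSL versions are obsolete, so I would write `"TLS method used (TLSv1.2, TLSv1.1, TLSv1; SSLv3, SSLv2, SSLv23 are legacy)"`. `tls_cfg_def[]` starts and continues outside the hunk.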

+ 1 - 0
modules/tls/tls_cfg.h

@@ -41,6 +41,7 @@
 struct cfg_group_tls {
 	int force_run;
 	str method;
+	str server_name;
 	int verify_cert;
 	int verify_depth;
 	int require_cert;

+ 5 - 0
modules/tls/tls_mod.c

@@ -99,6 +99,7 @@ static tls_domain_t mod_params = {
 	{0, },                /* Cipher list */
 	TLS_USE_TLSv1,    /* TLS method */
 	STR_STATIC_INIT(TLS_CRL_FILE), /* Certificate revocation list */
+	{0, 0},           /* Server name (SNI) */
 	0                 /* next */
 };
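Review bot: The new `{0, 0}` entry is placed purely by position between the CRL file and `next`, and the same line is added to `srv_defaults` and `cli_defaults` in the next two hunks. `tls_domain_t` is not part of this diff, so the member order cannot be confirmed from here. A designated initializer, `.server_name = STR_NULL,`, would bind the value to the member whatever the order, and would match the `STR_NULL` spelling used for the same field in `tls_cfg.c`. `mod_params` begins above the hunk.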
 
@@ -120,6 +121,7 @@ tls_domain_t srv_defaults = {
 	{0, 0},                /* Cipher list */
 	TLS_USE_TLSv1,    /* TLS method */
 	STR_STATIC_INIT(TLS_CRL_FILE), /* Certificate revocation list */
+	{0, 0},           /* Server name (SNI) */
 	0                 /* next */
 };
 
@@ -141,6 +143,7 @@ tls_domain_t cli_defaults = {
 	{0, 0},                /* Cipher list */
 	TLS_USE_TLSv1,    /* TLS method */
 	{0, 0}, /* Certificate revocation list */
+	{0, 0},           /* Server name (SNI) */
 	0                 /* next */
 };
 
@@ -170,6 +173,7 @@ static cmd_export_t cmds[] = {
  */
 static param_export_t params[] = {
 	{"tls_method",          PARAM_STR,    &default_tls_cfg.method       },
+	{"server_name",         PARAM_STR,    &default_tls_cfg.server_name  },
 	{"verify_certificate",  PARAM_INT,    &default_tls_cfg.verify_cert  },
 	{"verify_depth",        PARAM_INT,    &default_tls_cfg.verify_depth },
 	{"require_certificate", PARAM_INT,    &default_tls_cfg.require_cert },
@@ -307,6 +311,7 @@ static int mod_init(void)
 	mod_params.crl_file = cfg_get(tls, tls_cfg, crl);
 	mod_params.cert_file = cfg_get(tls, tls_cfg, certificate);
 	mod_params.cipher_list = cfg_get(tls, tls_cfg, cipher_list);
+	mod_params.server_name = cfg_get(tls, tls_cfg, server_name);
 
 	tls_domains_cfg =
 			(tls_domains_cfg_t**)shm_malloc(sizeof(tls_domains_cfg_t*));
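Review bot: `mod_params.server_name` is copied from the config with no check or comment in the visible lines, so an unset parameter leaves the default domain with an empty name. A short comment would make that explicit, for example `/* empty unless the server_name modparam is set */`. If the domain setup elsewhere in the module does not already reject malformed values, a length and character check belongs here before the name is used. `mod_init` starts above and continues below the hunk, so such a check may already exist outside it.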