go crypto/tls SNICallback patch
From dfab1ff5a57b6a0809b1a6c7d3dccaf71d630ce8 Mon Sep 17 00:00:00 2001
From: Ben Burkert <ben@benburkert.com>
Date: Thu, 22 Mar 2012 11:18:04 -0700
Subject: [PATCH] Add SNICallback to tls.Config.
---
tls/common.go | 3 +++
tls/handshake_server.go | 9 +++++++++
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/tls/common.go b/tls/common.go
index 25f7a92..42e3e0e 100644
--- a/tls/common.go
+++ b/tls/common.go
@@ -140,6 +140,9 @@ type Config struct {
// Server configurations must include at least one certificate.
Certificates []Certificate
+ // SNICallback can change the Config used in the TLS connection.
+ SNICallback func(servername string) *Config
+
// NameToCertificate maps from a certificate name to an element of
// Certificates. Note that a certificate name can be of the form
// '*.example.com' and so doesn't have to be a domain name as such.
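Review bot: The comment on the new `SNICallback` field does not tell an implementer what the callback receives or what a nil result means. From the handshake hunk, it is invoked only when the ClientHello carries a non-empty server name, and a nil return keeps the current Config. I would write `// SNICallback, if not nil, is called with the server name from the ClientHello; a nil result keeps this Config.` and add a second line, `// servername is client-supplied and unauthenticated; treat it as untrusted input.` The comment should also state which Config fields of the returned value are actually honoured, since the swap appears to happen partway through the handshake.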
diff --git a/tls/handshake_server.go b/tls/handshake_server.go
index fb53767..2ef3e8d 100644
--- a/tls/handshake_server.go
+++ b/tls/handshake_server.go
@@ -122,6 +122,15 @@ FindCipherSuite:
}
certMsg := new(certificateMsg)
+ if config.SNICallback != nil && len(clientHello.serverName) > 0 {
+ nextConfig := config.SNICallback(clientHello.serverName)
+
+ if nextConfig != nil {
+ c.config = nextConfig
+ config = nextConfig
+ }
+ }
+
if len(clientHello.serverName) > 0 {
c.serverName = clientHello.serverName
certMsg.certificates = config.getCertificateForName(clientHello.serverName).Certificate
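Review bot: The swap to `nextConfig` in the added block sits after the `FindCipherSuite:` section, so the cipher suite has presumably already been selected under the original Config. A per-host Config with a stricter `CipherSuites` list would then be silently ignored, while its certificates and any fields read later in the handshake would apply. Either invoke the callback before negotiation or document that only fields consulted after this point take effect. The returned Config is also used unchecked by `getCertificateForName` two lines below, so a guard such as `if nextConfig != nil && len(nextConfig.Certificates) > 0 {` would avoid depending on the callback always returning a usable certificate set. The enclosing function starts and ends outside this hunk, so the ordering claim should be confirmed against the full file.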
--
1.7.9