1111import com .clickhouse .client .config .ClickHouseProxyType ;
1212import com .clickhouse .client .config .ClickHouseSslMode ;
1313import com .clickhouse .client .http .config .ClickHouseHttpOption ;
14+ import com .clickhouse .config .ClickHouseOption ;
1415import com .clickhouse .data .ClickHouseChecker ;
1516import com .clickhouse .data .ClickHouseExternalTable ;
1617import com .clickhouse .data .ClickHouseFormat ;
5455import org .apache .hc .core5 .util .Timeout ;
5556import org .apache .hc .core5 .util .VersionInfo ;
5657
58+ import javax .net .ssl .SNIHostName ;
5759import javax .net .ssl .SSLContext ;
5860import javax .net .ssl .SSLException ;
61+ import javax .net .ssl .SSLParameters ;
62+ import javax .net .ssl .SSLSocket ;
5963import java .io .BufferedReader ;
6064import java .io .ByteArrayInputStream ;
6165import java .io .ByteArrayOutputStream ;
6670import java .io .UncheckedIOException ;
6771import java .net .ConnectException ;
6872import java .net .HttpURLConnection ;
73+ import java .net .InetAddress ;
6974import java .net .InetSocketAddress ;
7075import java .net .Socket ;
71- import java .net .SocketOption ;
72- import java .net .SocketOptions ;
7376import java .nio .charset .StandardCharsets ;
7477import java .util .Collections ;
7578import java .util .List ;
@@ -394,6 +397,7 @@ public static SocketFactory create(ClickHouseConfig config) {
394397
395398 static class SSLSocketFactory extends SSLConnectionSocketFactory {
396399 private final ClickHouseConfig config ;
400+ private final SNIHostName defaultSNI ;
397401
398402 private SSLSocketFactory (ClickHouseConfig config ) throws SSLException {
399403 super (ClickHouseSslContextProvider .getProvider ().getSslContext (SSLContext .class , config )
@@ -402,13 +406,25 @@ private SSLSocketFactory(ClickHouseConfig config) throws SSLException {
402406 ? new DefaultHostnameVerifier ()
403407 : (hostname , session ) -> true ); // NOSONAR
404408 this .config = config ;
409+ String sni = config .getStrOption (ClickHouseClientOption .SSL_SOCKET_SNI );
410+ defaultSNI = sni == null || sni .trim ().isEmpty () ? null : new SNIHostName (sni );
405411 }
406412
407413 @ Override
408414 public Socket createSocket (HttpContext context ) throws IOException {
409415 return AbstractSocketClient .setSocketOptions (config , new Socket ());
410416 }
411417
418+ @ Override
419+ protected void prepareSocket (SSLSocket socket , HttpContext context ) throws IOException {
420+ super .prepareSocket (socket , context );
421+ if (defaultSNI != null ) {
422+ SSLParameters sslParams = socket .getSSLParameters ();
423+ sslParams .setServerNames (Collections .singletonList (defaultSNI ));
424+ socket .setSSLParameters (sslParams );
425+ }
426+ }
427+
412428 public static SSLSocketFactory create (ClickHouseConfig config ) throws SSLException {
413429 return new SSLSocketFactory (config );
414430 }
0 commit comments