feat(client): allow to set a specific sni hostname per request

joelwurtz · joelwurtz · commit e20d8aff3afc · 2025-02-05T17:02:07.000+01:00
diff --git a/client/src/client.rs b/client/src/client.rs
@@ -269,7 +269,7 @@ impl Client {
 
                 let (conn, version) = self
                     .connector
-                    .call((connect.hostname(), conn))
+                    .call((connect.sni_hostname(), conn))
                     .timeout(timer.as_mut())
                     .await
                     .map_err(|_| TimeoutError::TlsHandshake)??;
diff --git a/client/src/connect.rs b/client/src/connect.rs
@@ -80,17 +80,19 @@ pub struct Connect<'a> {
     pub(crate) uri: Uri<'a>,
     pub(crate) port: u16,
     pub(crate) addr: Addrs,
+    pub(crate) sni_hostname: Option<&'a str>,
 }
 
 impl<'a> Connect<'a> {
     /// Create `Connect` instance by splitting the string by ':' and convert the second part to u16
-    pub fn new(uri: Uri<'a>) -> Self {
+    pub fn new(uri: Uri<'a>, sni_hostname: Option<&'a str>) -> Self {
         let (_, port) = parse_host(uri.hostname());
 
         Self {
             uri,
             port: port.unwrap_or(0),
             addr: Addrs::None,
+            sni_hostname,
         }
     }
 
@@ -112,6 +114,11 @@ impl<'a> Connect<'a> {
         self.uri.hostname()
     }
 
+    /// Get sni hostname.
+    pub fn sni_hostname(&self) -> &str {
+        self.sni_hostname.unwrap_or_else(|| self.hostname())
+    }
+
     /// Get request port.
     pub fn port(&self) -> u16 {
         Address::port(&self.uri).unwrap_or(self.port)
diff --git a/client/src/connection.rs b/client/src/connection.rs
@@ -2,7 +2,7 @@ use core::hash::{Hash, Hasher};
 
 use xitca_http::http::uri::{Authority, PathAndQuery};
 
-use super::{tls::TlsStream, uri::Uri};
+use super::{connect::Connect, tls::TlsStream, uri::Uri};
 
 /// exclusive connection for http1 and in certain case they can be upgraded to [ConnectionShared]
 pub type ConnectionExclusive = TlsStream;
@@ -34,10 +34,17 @@ impl From<crate::h3::Connection> for ConnectionShared {
 #[doc(hidden)]
 #[derive(PartialEq, Eq, Debug, Clone, Hash)]
 pub enum ConnectionKey {
-    Regular(Authority),
+    Regular(AuthorityWithSni),
     Unix(AuthorityWithPath),
 }
 
+#[doc(hidden)]
+#[derive(PartialEq, Eq, Debug, Clone, Hash)]
+pub struct AuthorityWithSni {
+    authority: Authority,
+    sni: Option<String>,
+}
+
 #[doc(hidden)]
 #[derive(Eq, Debug, Clone)]
 pub struct AuthorityWithPath {
@@ -58,10 +65,13 @@ impl Hash for AuthorityWithPath {
     }
 }
 
-impl From<&Uri<'_>> for ConnectionKey {
-    fn from(uri: &Uri<'_>) -> Self {
-        match *uri {
-            Uri::Tcp(uri) | Uri::Tls(uri) => ConnectionKey::Regular(uri.authority().unwrap().clone()),
+impl From<&Connect<'_>> for ConnectionKey {
+    fn from(connect: &Connect<'_>) -> Self {
+        match connect.uri {
+            Uri::Tcp(uri) | Uri::Tls(uri) => ConnectionKey::Regular(AuthorityWithSni {
+                authority: uri.authority().unwrap().clone(),
+                sni: connect.sni_hostname.map(|s| s.to_string()),
+            }),
             Uri::Unix(uri) => ConnectionKey::Unix(AuthorityWithPath {
                 authority: uri.authority().unwrap().clone(),
                 path_and_query: uri.path_and_query().unwrap().clone(),
diff --git a/client/src/middleware/redirect.rs b/client/src/middleware/redirect.rs
@@ -28,13 +28,26 @@ where
     type Error = Error;
 
     async fn call(&self, req: ServiceRequest<'r, 'c>) -> Result<Self::Response, Self::Error> {
-        let ServiceRequest { req, client, timeout } = req;
+        let ServiceRequest {
+            req,
+            client,
+            timeout,
+            sni_hostname,
+        } = req;
         let mut headers = req.headers().clone();
         let mut method = req.method().clone();
         let mut uri = req.uri().clone();
         let ext = req.extensions().clone();
         loop {
-            let mut res = self.service.call(ServiceRequest { req, client, timeout }).await?;
+            let mut res = self
+                .service
+                .call(ServiceRequest {
+                    req,
+                    client,
+                    timeout,
+                    sni_hostname,
+                })
+                .await?;
             match res.status() {
                 StatusCode::MOVED_PERMANENTLY | StatusCode::FOUND | StatusCode::SEE_OTHER => {
                     if method != Method::HEAD {
diff --git a/client/src/request.rs b/client/src/request.rs
@@ -22,6 +22,7 @@ pub struct RequestBuilder<'a, M = marker::Http> {
     err: Vec<Error>,
     client: &'a Client,
     timeout: Duration,
+    sni_hostname: Option<String>,
     _marker: PhantomData<M>,
 }
 
@@ -104,6 +105,7 @@ impl<'a, M> RequestBuilder<'a, M> {
             err: Vec::new(),
             client,
             timeout: client.timeout_config.request_timeout,
+            sni_hostname: None,
             _marker: PhantomData,
         }
     }
@@ -114,6 +116,7 @@ impl<'a, M> RequestBuilder<'a, M> {
             err: self.err,
             client: self.client,
             timeout: self.timeout,
+            sni_hostname: self.sni_hostname,
             _marker: PhantomData,
         }
     }
@@ -138,6 +141,7 @@ impl<'a, M> RequestBuilder<'a, M> {
                 req: &mut req,
                 client,
                 timeout,
+                sni_hostname: self.sni_hostname.as_deref(),
             })
             .await
     }
@@ -210,6 +214,13 @@ impl<'a, M> RequestBuilder<'a, M> {
         self
     }
 
+    /// Set SNI hostname of this request.
+    #[inline]
+    pub fn sni_hostname(mut self, sni_hostname: String) -> Self {
+        self.sni_hostname = Some(sni_hostname);
+        self
+    }
+
     fn map_body<B, E>(mut self, b: B) -> RequestBuilder<'a, M>
     where
         B: Stream<Item = Result<Bytes, E>> + Send + 'static,
diff --git a/client/src/service.rs b/client/src/service.rs
@@ -68,6 +68,7 @@ pub struct ServiceRequest<'r, 'c> {
     pub req: &'r mut Request<BoxBody>,
     pub client: &'c Client,
     pub timeout: Duration,
+    pub sni_hostname: Option<&'r str>,
 }
 
 /// type alias for object safe wrapper of type implement [Service] trait.
@@ -85,7 +86,12 @@ pub(crate) fn base_service() -> HttpService {
             #[cfg(any(feature = "http1", feature = "http2", feature = "http3"))]
             use crate::{error::TimeoutError, timeout::Timeout};
 
-            let ServiceRequest { req, client, timeout } = req;
+            let ServiceRequest {
+                req,
+                client,
+                timeout,
+                sni_hostname,
+            } = req;
 
             let uri = Uri::try_parse(req.uri())?;
 
@@ -94,13 +100,13 @@ pub(crate) fn base_service() -> HttpService {
             #[allow(unused_mut)]
             let mut version = req.version();
 
-            let mut connect = Connect::new(uri);
+            let mut connect = Connect::new(uri, sni_hostname);
 
             let _date = client.date_service.handle();
 
             loop {
                 match version {
-                    Version::HTTP_2 | Version::HTTP_3 => match client.shared_pool.acquire(&connect.uri).await {
+                    Version::HTTP_2 | Version::HTTP_3 => match client.shared_pool.acquire(&connect).await {
                         shared::AcquireOutput::Conn(mut _conn) => {
                             let mut _timer = Box::pin(tokio::time::sleep(timeout));
                             *req.version_mut() = version;
@@ -155,7 +161,7 @@ pub(crate) fn base_service() -> HttpService {
                                     if let Ok(Ok(conn)) = crate::h3::proto::connect(
                                         &client.h3_client,
                                         connect.addrs(),
-                                        connect.hostname(),
+                                        connect.sni_hostname(),
                                     )
                                     .timeout(timer.as_mut())
                                     .await
@@ -197,7 +203,7 @@ pub(crate) fn base_service() -> HttpService {
 
                                         #[cfg(feature = "http1")]
                                         {
-                                            client.exclusive_pool.try_add(&connect.uri, conn);
+                                            client.exclusive_pool.try_add(&connect, conn);
                                             // downgrade request version to what alpn protocol suggested from make_exclusive.
                                             version = alpn_version;
                                         }
@@ -212,7 +218,7 @@ pub(crate) fn base_service() -> HttpService {
                             _ => unreachable!("outer match didn't  handle version correctly."),
                         },
                     },
-                    version => match client.exclusive_pool.acquire(&connect.uri).await {
+                    version => match client.exclusive_pool.acquire(&connect).await {
                         exclusive::AcquireOutput::Conn(mut _conn) => {
                             *req.version_mut() = version;
 
@@ -307,6 +313,7 @@ mod test {
                 req,
                 client: &self.0,
                 timeout: self.0.timeout_config.request_timeout,
+                sni_hostname: None,
             }
         }
     }
