Closed jelu closed 10 years ago
Thanks for your bug report and patch. I've just released 1.998 which should fix your problem. While your patch was enough to fix the problem I've reworked the creation of SSL contexts instead to avoid code duplication.
Many thanks for the quick response and yes, that is a much better approach and I appreciate that you took the time to rework the code like that. I actually tried to do that at first but I felt that the patch got very messy and it was hard to outline the actual changes needed for better supporting SNI.
Hi,
This PR includes the following:
This fixes a problem we detected when using client certificate validation and SNI. What happened was that the SNI context did not get configured with the SSL_ca* options, so when it switched to the SNI context it failed to verify the client certificate or did not verify it.
What this PR is trying to do is to set up the SNI context in the same way that the main context is set up in order to get everything working after switching context. Hopefully there is not a problem configuring the SNI context in this way.
I intentionally did not change the whitespace around the added code in order to more easily see what was changed.
Cheers, Jerry