crypto: use SSL_get_servername.
Checklist
-
make -j8 test
(UNIX), orvcbuild test nosign
(Windows) passes -
tests and/or benchmarks are included -
documentation is changed or added -
commit message follows commit guidelines
Affected core subsystem(s)
crypto
Description of change
(Patch by David Benjamin.)
Rather than reach into the SSL_SESSION, use the intended API, SSL_get_servername. This will also help the transition to OpenSSL 1.1.0.
Also don't fill in the tlsTicket field here. This is never read by oncertcb and was always false anyway; that field is maintained by clients and tracks whether the server issued a ticket or a session ID.
(Note this is distinct from the copy passed to onclienthello which is used and is not a no-op.)