
Add support for server-side TLS "Server Name Indication" (SNI) #15

@rlebeau

Description

(Broken out from IndySockets/Indy#160)

http://en.wikipedia.org/wiki/Server_Name_Indication

Per http://stackoverflow.com/questions/5113333/:

On the client side, you use SSL_set_tlsext_host_name(ssl, servername) before initiating the SSL connection.

On the server side, it's a little more complicated:

  • Set up an additional SSL_CTX() for each different certificate;
  • Add a servername callback to each SSL_CTX() using SSL_CTX_set_tlsext_servername_callback();
  • In the callback, retrieve the client-supplied servername with SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name). Figure out the right SSL_CTX to go with that host name, then switch the SSL object to that SSL_CTX with SSL_set_SSL_CTX().

The s_client.c and s_server.c files in the apps/ directory of the OpenSSL source distribution implement this functionality, so they're a good resource to see how it should be done.

Client-side support for calling SSL_set_tlsext_host_name() when making an outbound SSL connection was added to TIdSSLIOHandlerSocketOpenSSL in SVN rev 5321. Server-side support when accepting an inbound SSL connection has not been implemented yet.
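The three server-side steps quoted above (one context per certificate, a servername callback, switching to the context that matches the client-supplied name) expressed in Go's crypto/tls, as an added example that is not Indy's code and not the OpenSSL C from the referenced apps/ sources. In Go, `tls.Config.GetCertificate` plays the role of `SSL_CTX_set_tlsext_servername_callback` plus `SSL_set_SSL_CTX`: the callback receives the `server_name` from the ClientHello and returns the certificate (and key) to use for that handshake. The certificates are generated in memory for the demo (constructed; a real server loads one per virtual host from disk), the handshake runs over an in-process `net.Pipe`, and the `SNISelector`, `NewSelector` and `handshakeSNI` names are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"strings"
	"time"
)

// selfSigned builds an in-memory self-signed certificate for host (constructed test
// data; it stands in for the per-virtual-host certificate a real server would load).
func selfSigned(host string) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, nil
}

// SNISelector maps lower-cased server names to certificates; fallback is served to
// clients that send no SNI extension (the role of the listener's initial SSL_CTX).
type SNISelector struct {
	byName   map[string]*tls.Certificate
	fallback *tls.Certificate
}

// NewSelector generates one certificate per host; defaultHost's certificate is the fallback.
func NewSelector(defaultHost string, hosts ...string) (*SNISelector, error) {
	s := &SNISelector{byName: map[string]*tls.Certificate{}}
	for _, h := range append([]string{defaultHost}, hosts...) {
		cert, err := selfSigned(h)
		if err != nil {
			return nil, err
		}
		s.byName[strings.ToLower(h)] = &cert
	}
	s.fallback = s.byName[strings.ToLower(defaultHost)]
	return s, nil
}

// GetCertificate is the counterpart of the OpenSSL servername callback: it reads the
// ClientHello server_name, normalises it, and picks the matching certificate. Unknown
// names get the default certificate, as most web servers do, rather than a failed handshake.
func (s *SNISelector) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	name := strings.ToLower(strings.TrimSuffix(hello.ServerName, "."))
	if cert, ok := s.byName[name]; ok && name != "" {
		return cert, nil
	}
	return s.fallback, nil
}

// handshakeSNI performs one handshake over an in-memory pipe with the client requesting
// serverName ("" sends no SNI) and returns the DNS name of the certificate the server chose.
func handshakeSNI(sel *SNISelector, serverName string) (string, error) {
	cli, srv := net.Pipe()
	defer cli.Close()
	defer srv.Close()
	// SessionTicketsDisabled keeps the server from writing post-Finished records that a
	// synchronous net.Pipe would never drain; a TCP socket would not need it.
	serverCfg := &tls.Config{GetCertificate: sel.GetCertificate, SessionTicketsDisabled: true}
	// InsecureSkipVerify only because the demo certificates are self-signed; the point
	// here is which certificate the server selects, not whether the client trusts it.
	clientCfg := &tls.Config{ServerName: serverName, InsecureSkipVerify: true}

	errc := make(chan error, 1)
	go func() { errc <- tls.Server(srv, serverCfg).Handshake() }()
	c := tls.Client(cli, clientCfg)
	if err := c.Handshake(); err != nil {
		return "", err
	}
	if err := <-errc; err != nil {
		return "", err
	}
	peer := c.ConnectionState().PeerCertificates
	if len(peer) == 0 || len(peer[0].DNSNames) == 0 {
		return "", errors.New("server presented no usable certificate")
	}
	return peer[0].DNSNames[0], nil
}

func main() {
	sel, err := NewSelector("default.example", "www.example.com", "api.example.com")
	if err != nil {
		panic(err)
	}
	for _, sni := range []string{"www.example.com", "API.Example.COM", "", "unknown.example"} {
		got, err := handshakeSNI(sel, sni)
		fmt.Printf("client SNI %q -> server cert for %q (err=%v)\n", sni, got, err)
	}
}
```

The selector lower-cases and strips a trailing dot before the lookup so that a client sending `API.Example.COM` still gets the `api.example.com` certificate; a server that only matches the exact bytes of `server_name` would silently hand such clients the default certificate and produce confusing name-mismatch errors.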

Metadata

Assignees

No one assigned

Labels

  • Element: SSL/TLS (Issues related to SSL/TLS handling, TIdSSLIOHandlerSocketBase and descendants)
  • Status: Deferred (Issue to be re-reviewed in a future release)
  • Type: Enhancement (Issue is proposing a new feature/enhancement)
