SNI fix

Without this fix you always get the first cert attached to an IP and not necessarily the cert attached to the domain you're trying to scan.

Could be made modular in order to simulate a client which doesn't support SNI...

cipherscan

@@ -387,8 +387,8 @@ debug "Port: $PORT"
 TARGET=$HOST:$PORT
 debug "target: $TARGET"
 
-
-SCLIENTARGS=$(sed -e s,${TEMPTARGET},,<<<"${@}")
+SNI_FIX="-servername ${HOST}"
+SCLIENTARGS="$SNI_FIX $(sed -e s,${TEMPTARGET},,<<<"${@}")"
 debug "sclientargs: $SCLIENTARGS"