By design of the protocol extension, the SNI value is supposed to be derived from the host portion of the URL in case it is not an IP address, and it supposed to be an FQDN that at least could be in the DNS (i.e. the owner of the IP address has the authority).
gatewaying or proxying using SNI is not a goal of this extension. What do you mean multiple virtual hosts sharing a single DNS entry? Do you have a real life example? On 08/09/2010 10:56 AM, Matthieu Speder wrote:
Hi, Classical behavior is to fill the SNI TLS Extension with the hostname specified in the url (this is what libcurl does today). However, in certain circumstances, in can be useful to override that, and manually specify the SNI field value (for example, when multiple virtual hosts share a single dns entry or when there is no dns at all and url contains an IP address). I've written a small enhancement for libcurl that offers a new option CURLOPT_SSLSNI allowing the SNI value to be specified. When the new option is not used, the behavior remains as it was before. Would it be possible to include this enhancement in the lib ? What is the best/correct way to submit a patch ? Thanks ! Matthieu ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
