On Fri, 5 Nov 2010, Daniel Stenberg wrote:
curl https://207.97.227.239/ -H "Host: github.com"
Suddenly I realize what Peter is talking about and why this may be
problematic.
We then need to make sure this connection internally is considered as a HTTPS
connection to github.com so that it only gets re-used for that, and not for
any other random host name that happens to be on the same IP. But that's a
bit "weird" for a HTTP header to dictate those rules over the connection and
SSL, especially if you for example do subsequent requests on the same handle
but change Host: again... :-/
This smells like a potential can of worms.
Perhaps we need to do this case with a new host name option for the SNI and
server cert name check.
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
