On Fri, 8 May 2020, Felipe Gasper via curl-library wrote:

> Is it possible with libcurl to send an HTTP/1.1 request whose Host header mismatches the TLS SNI string?

Sure, just set the Host: header to something not used in the URL. With the command line tool it would be something like this:

 curl -H "Host: different.example.com" https://another.example.com/

Then you'll use the host name for resolving and for SNI but the custom header in the HTTP request.

You can also separate the SNI name from the resolving name if you want, with --resolve or --connect-to.

And they're all of course possible to set and change with libcurl too.

> Also, if anyone knows: what are the “perils” of making such a request? Does Apache or nginx reject such requests?

I don't know how the servers behave. I *think* they pretty much need to reject requests where the SNI and Host: names mismatch so that you can't request pages from another host name that potentially uses a different certificate etc. But this is mostly a guess on my part.

--

 / daniel.haxx.se | Commercial curl support up to 24x7 is available!
                  | Private help, bug fixes, support, ports, new features
                  | https://www.wolfssl.com/contact/
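
The server-side view of the mismatch discussed in this thread, as an added example that is not part of the original mail and is not code from curl, Apache or nginx: a check that compares the SNI name from the TLS handshake with the Host header and answers 421 (Misdirected Request) when they differ. The function names, the strict handling of requests that arrive without SNI, and the sample pairs are assumptions made for this example.

```python
import ipaddress

MISDIRECTED = 421  # "Misdirected Request" (RFC 9110, section 15.5.20)

def normalize_host(value):
    """Lower-case an SNI or Host value, drop any port and a trailing dot."""
    host = value.strip().lower()
    if host.startswith("["):                  # bracketed IPv6 literal, e.g. [::1]:8443
        host = host[1:host.find("]")] if "]" in host else ""
    elif host.count(":") == 1:                # name:port or IPv4:port
        host = host.rsplit(":", 1)[0]
    return host.rstrip(".")

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_request(sni, host_header):
    """Return (status, reason); 200 means the request may be routed.

    sni is the server_name from the ClientHello (None if none was sent),
    host_header is the raw Host header value (None if absent).
    """
    if not host_header:
        return 400, "HTTP/1.1 request without Host header"
    host = normalize_host(host_header)
    if not host:
        return 400, "malformed Host header"
    if sni is None:
        # SNI carries DNS names only, so a request to an IP literal has none.
        # Assumed policy: a named virtual host without SNI is refused.
        if is_ip_literal(host):
            return 200, "no SNI, IP-literal Host"
        return MISDIRECTED, "Host names a virtual host but no SNI was sent"
    if normalize_host(sni) != host:
        return MISDIRECTED, "SNI %r does not match Host %r" % (sni, host)
    return 200, "SNI and Host agree"

# Constructed (SNI, Host) pairs; the second mirrors the curl command above.
SAMPLES = [("another.example.com", "another.example.com"),
           ("another.example.com", "different.example.com"),
           ("another.example.com", "Another.Example.com.:443"),
           (None, "192.0.2.10:8443")]

if __name__ == "__main__":
    for sni, host in SAMPLES:
        print(sni, host, check_request(sni, host))
```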