Arne, Emmanuel,
I can successfully reproduce the issue with an old wget build on win32.
It seems to me the SSL_TLSEXT_ERR_ALERT_WARNING is upsetting certain clients.
Arne, could you try the following patch on top of currend HEAD.
Emmanuel, could you share your thoughts about this?
Regards,
Lukas
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 38e95a8..531cfa1 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -197,7 +197,7 @@ static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, struct
bind_conf *s)
if (!servername) {
return (s->strict_sni ?
SSL_TLSEXT_ERR_ALERT_FATAL :
- SSL_TLSEXT_ERR_ALERT_WARNING);
+ SSL_TLSEXT_ERR_NOACK);
}
for (i = 0; i < trash.size; i++) {
