Thank you very much. Your patch is excellent quality and I accept it as-is! It is on the SVN now.
And I have no a problem with hardcoded OpenSSL constants yet. API seems to be backward compatible very well. Thanks again. L. > Simon, > > There was a file missing in the previous patch (httpsend.pas). > > Sorry, Ludo > > > -----Message d'origine----- > De : Ludo Brands [mailto:ludo.bra...@free.fr] > Envoyé : mercredi 2 mars 2011 11:51 > `A : 'Ararat Synapse' > Objet : [Synalist] RE : [Feature Request] Https/SNI (Server > NameIndication)Support PATCH > > > Simon, > > I understand you are talking about the client side SNI support. Miha's > reply is probably about the utility of synapse server side support for > SNI. > > Attached is a patch that supports client side SNI. You need OpenSSL > 0.9.8k or later to get this working. The server name sent to the host > is the hostname used in the http header and extracted from the url. > You can override the server name with a new string property > TCustomSSL.SNIHost. > > Note that this patch includes my previous patches (openssl and > cryptlib) sent recently. > > I haven't tested this with older versions of OpenSSL but looking at > the OpenSSL code there is no harm done calling SSL_ctrl using > undefined cmd parameters. Support for the SSL_CTRL_SET_TLSEXT_HOSTNAME > can also be disabled when compiling openssl which confirms the no harm > done. My only worry is the hardcoding of const > SSL_CTRL_SET_TLSEXT_HOSTNAME in ssl_openssl_lib. I don't know how > stable the openssl api has been so far. Lukas, can you shed your light > on this? I see there are more hardcoded constants in ssl_openssl_lib. > > Ludo > > -----Message d'origine----- > De : Simon L [mailto:sim...@gmail.com] > Envoyé : mercredi 23 février 2011 17:03 > `A : synalist-public@lists.sourceforge.net > Objet : [Synalist] [Feature Request] Https/SNI (Server Name > Indication)Support > > > Hello Lukas, > > Apache now supports multiple SSL sites on a single IP address: > http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI > > To take advantage of this feature, client software needs to implement > Server Name Indication (documented in RFC 4366) > > Most Web browsers now support SNI. It would be great if you add this > feature to Synapse HTTPSend. > > Thank you. > > > Simon > > ---------------------------------------------------------------------- > ------ -- Free Software Download: Index, Search & Analyze Logs and > other IT data in Real-Time with Splunk. Collect, index and harness all > the fast moving IT data generated by your applications, servers and > devices whether physical, virtual or in the cloud. Deliver compliance > at lower cost and gain new business insights. > http://p.sf.net/sfu/splunk-dev2dev > _______________________________________________ synalist-public > mailing list synalist-public@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/synalist-public > -- Lukas Gebauer. http://synapse.ararat.cz/ - Ararat Synapse - TCP/IP Lib. http://geoget.ararat.cz/ - Geocaching solution ------------------------------------------------------------------------------ Forrester Wave Report - Recovery time is now measured in hours and minutes not days. Key insights are discussed in the 2010 Forrester Wave Report as part of an in-depth evaluation of disaster recovery service providers. Forrester found the best-in-class provider in terms of services and vision. Read this report now! http://p.sf.net/sfu/ibm-webcastpromo _______________________________________________ synalist-public mailing list synalist-public@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/synalist-public
