Philip Guenther <[email protected]> writes: > On Thu, Mar 27, 2014 at 3:33 AM, Jérémie Courrèges-Anglas > <[email protected]> wrote: >> Thanks sthen@ for noticing it, ftp(1) doesn't perform SNI, Server Name >> Indication. (try eg. https://www.stunnel.org/) >> >> Here's a diff to improve the situation (first and last hunks). While >> I can get some eyes for a review, let's add some more changes. ;) > > The other changes look ok to me, but I am unable to find any > documentation SSL_set_tlsext_host_name() to reassure me that it's > being used correctly here, or even that it's useful. > > :-(
Yup, there is no documentation, not even for the s_client -servername option. But I heard that the source code of upstream applications counted as official documentation. ;) Sites that also come handy when testing that stuff: https://www.ssllabs.com/ssltest/viewMyClient.html https://sni.velox.ch/ -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
