curl-users
Re: How to disable SNI?
Date: Fri, 31 Jul 2009 10:58:14 +0200
Daniel Stenberg wrote:
> On Wed, 29 Jul 2009, Curt Bogmine wrote:
>
>> The receiving party rejects the transmission right off the bat,
>> claiming they cannot support the hostname in the Client Hello. They
>> request that " some.server.com" be removed. Can this be done? It
>> appears the offending hostname apears in the following section of the
>> Client Hello (indicated by "Data").
>
> No, we should add an option to disable it. And we should explicitly
> disable it if anything else than TLSv1 is selected (as pointed out by
> Peter Sylvester).
>
> Care you work on a patch for this?
>
Some arguments:
When SSLv2 is selected, there is no need to try to set the hostname, it
won't wont
When SSLv3 is selected explicitely, then this seems to me an indication that
the server host has some kind of problem with negociation and higher
version. SSLv3 does not support extensions, no reason to add additional
data.
The default mode should leave it in IMO. Otherwise one would need to
use -1 to enable and when 1.1 1.2 comes up, ...
That was the essence of the idea behind the two lines "patch"
I send in my mail earlier.
have fun.
Peter
-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-07-31