cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: Manual setting of TLS Server Name Indication

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 10 Aug 2010 00:39:36 +0200 (CEST)

On Mon, 9 Aug 2010, Matthieu Speder wrote:

> I'm not sure to understand your idea with the custom Host header : for me
> the server will only get this within the HTTP header, so after the TLS
> transaction took place and it is then too late to modify the handshake to
> request client cert. But maybe I missed something.

I meant like how you pass on a custom Host: header to work with named-based
virtual hosts when you don't have their names in the DNS. Like for example if
you work on your site www.example.com locally you can still try it with curl
like:

$ curl -H "Host: www.example.com" http://127.0.0.1/

This feature is called CURLOPT_HTTPHEADER in libcurl lingo, and when you set a
custom Host: like this libcurl automatically works with that host when it does
cookie magic.

We could (or should?) perhaps do the same when a custom Host: is used and an
SNI name is passed on, as then (lib)curl would still do the proper SNI even
when trying out a local https:// site like above.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2010-08-10