cURL / Mailing Lists / curl-library / Single Mail


Re: [PATCH] possibly dangerous warnigns in lib/nss.c

From: Kamil Dudka <>
Date: Thu, 8 Oct 2009 00:30:42 +0200

On Thursday 08 of October 2009 00:07:25 Guenter wrote:
> it enables server-side SSL virtual hosting on one IP with multiple
> certs; client-side there needs to be support for the handshake the
> server sends ...
> we have enabled SSI with Apache 2.2.12, and lighttpd even added already
> earlier; all major browsers meanwhile support it too, and so we did also
> add it to curl ...

GŁn, thanks for the explanation! Now I can see the article about "Server Name
Indication" in the RFC. Do we really need to turn off SSL_V2_COMPATIBLE_HELLO
to transmit the "ServerNameList"? I haven't had enough time to look to the
nss' code. But I wonder how this is done in Firefox which uses nss and works
just fine.

You can try it youself with the following URLs: (NSS error -12229) (NSS error -12226)

List admin:
Received on 2009-10-08