By design of the protocol extension,
the SNI value is supposed to be derived from
the host portion of the URL in case it is not
an IP address, and it supposed to be an FQDN
that at least could be in the DNS (i.e. the owner
of the IP address has the authority).

gatewaying or proxying using SNI is not a goal
of this extension.

What do you mean multiple virtual hosts sharing
a single DNS entry?

Do you have a real life example?

On 08/09/2010 10:56 AM, Matthieu Speder wrote:
> Hi,
>
> Classical behavior is to fill the SNI TLS Extension with the hostname
> specified in the url (this is what libcurl does today).
> However, in certain circumstances, in can be useful to override that, and
> manually specify the SNI field value (for example, when multiple virtual
> hosts share a single dns entry or when there is no dns at all and url
> contains an IP address).
> I've written a small enhancement for libcurl that offers a new option
> CURLOPT_SSLSNI allowing the SNI value to be specified.
> When the new option is not used, the behavior remains as it was before.
>
> Would it be possible to include this enhancement in the lib ?
> What is the best/correct way to submit a patch ?
>
> Thanks !
>
> Matthieu
>
>
>
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html
>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-08-09