commit: r1743 - neon/branches/0.29.x/src
joe at manyfish.co.uk
joe at manyfish.co.uk
Sun Oct 25 07:25:24 EDT 2009
Author: joe
Date: Sun Oct 25 04:25:24 2009
New Revision: 1743
Modified:
neon/branches/0.29.x/src/ne_session.c
Log:
Merge r1742 from trunk:
* src/ne_session.c (ne_session_create): Only enable SNI by default if
the server hostname does not parse as a numeric IP address.
Modified: neon/branches/0.29.x/src/ne_session.c
==============================================================================
--- neon/branches/0.29.x/src/ne_session.c (original)
+++ neon/branches/0.29.x/src/ne_session.c Sun Oct 25 04:25:24 2009
@@ -171,9 +171,24 @@
#ifdef NE_HAVE_SSL
if (sess->use_ssl) {
+ ne_inet_addr *ia;
+
sess->ssl_context = ne_ssl_context_create(0);
sess->flags[NE_SESSFLAG_SSLv2] = 1;
- sess->flags[NE_SESSFLAG_TLS_SNI] = 1;
+
+ /* If the hostname parses as an IP address, don't
+ * enable SNI by default. */
+ ia = ne_iaddr_parse(hostname, ne_iaddr_ipv4);
+ if (ia == NULL)
+ ia = ne_iaddr_parse(hostname, ne_iaddr_ipv6);
+
+ if (ia) {
+ sess->flags[NE_SESSFLAG_TLS_SNI] = 1;
+ ne_iaddr_free(ia);
+ }
+ NE_DEBUG(NE_DBG_SSL, "ssl: SNI %s by default.\n",
+ sess->flags[NE_SESSFLAG_TLS_SNI] ?
+ "enabled" : "disabled");
}
#endif
More information about the neon-commits
mailing list