diff options
author | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2009-10-25 11:25:24 +0000 |
---|---|---|
committer | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2009-10-25 11:25:24 +0000 |
commit | c76b743b347a71f15b2ffccb62ca2a3d22eb6d34 (patch) | |
tree | 01a241aef3d8cf407f98b9dd18296d0ef6aafa57 | |
parent | d356b09dfc3ff7b46eb2c46ff955f075ebf7486f (diff) | |
download | neon-c76b743b347a71f15b2ffccb62ca2a3d22eb6d34.tar.gz |
Merge r1742 from trunk:
* src/ne_session.c (ne_session_create): Only enable SNI by default if
the server hostname does not parse as a numeric IP address.
git-svn-id: http://svn.webdav.org/repos/projects/neon/branches/0.29.x@1743 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
-rw-r--r-- | src/ne_session.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/ne_session.c b/src/ne_session.c index 900b83c..117c25a 100644 --- a/src/ne_session.c +++ b/src/ne_session.c @@ -171,9 +171,24 @@ ne_session *ne_session_create(const char *scheme, #ifdef NE_HAVE_SSL if (sess->use_ssl) { + ne_inet_addr *ia; + sess->ssl_context = ne_ssl_context_create(0); sess->flags[NE_SESSFLAG_SSLv2] = 1; - sess->flags[NE_SESSFLAG_TLS_SNI] = 1; + + /* If the hostname parses as an IP address, don't + * enable SNI by default. */ + ia = ne_iaddr_parse(hostname, ne_iaddr_ipv4); + if (ia == NULL) + ia = ne_iaddr_parse(hostname, ne_iaddr_ipv6); + + if (ia) { + sess->flags[NE_SESSFLAG_TLS_SNI] = 1; + ne_iaddr_free(ia); + } + NE_DEBUG(NE_DBG_SSL, "ssl: SNI %s by default.\n", + sess->flags[NE_SESSFLAG_TLS_SNI] ? + "enabled" : "disabled"); } #endif |