diff options
| author | James Hannah <jhannah@bytemark.co.uk> | 2016-11-03 15:01:29 +0000 | 
|---|---|---|
| committer | James Hannah <jhannah@bytemark.co.uk> | 2016-11-03 15:01:29 +0000 | 
| commit | fa8a665c4c13af3fb5f6e9b1e5615c3bdc03dda7 (patch) | |
| tree | d24d8704b306d15c9a88c61de3740a1258c3c0b2 /lib | |
| parent | 8a1cc74ee24e44e26dd5c2ca84ffef62e859f5b8 (diff) | |
| parent | 5959b8243b73bbf8b41946fcac9f4544c4b0f017 (diff) | |
Merge branch '3-send-sni-when-falling-back-to-openssl' into 'master'
Send the server-name-indicator (SNI) when falling back to legacy.
If ruby-based SSL negotiation fails then we fallback to invoking
(horridly!) openssl directly.  Until now this didn't send the SNI
hostname to connect to, so it could only test the first/default SSL site
that was listening upon a given IP address.
This commit updates things such that we send the correct hostname,
from the URL under-test.
Closes #3
See merge request !1
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/custodian/protocoltest/ssl.rb | 2 | 
1 files changed, 1 insertions, 1 deletions
| diff --git a/lib/custodian/protocoltest/ssl.rb b/lib/custodian/protocoltest/ssl.rb index 0989ba9..c58a083 100644 --- a/lib/custodian/protocoltest/ssl.rb +++ b/lib/custodian/protocoltest/ssl.rb @@ -164,7 +164,7 @@ class SSLCheck      in_cert = false      # Run the command. -    out = `echo "" | openssl s_client -connect  #{uri.host}:#{uri.port} 2>/dev/null` +    out = `echo "" | openssl s_client -servername #{uri.host} -connect #{uri.host}:#{uri.port} 2>/dev/null`      # For each line of the output      out.split( /[\r\n]/ ).each do |line| | 
