Stop checking DNS name for SNI

erlang · Dec 4, 2017 · 78a9a09 · 78a9a09
1 parent ad548db
commit 78a9a09
Showing 1 changed file with 12 additions and 8 deletions.
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
@@ -992,17 +992,21 @@ validate_option(next_protocols_advertised, Value) when is_list(Value) ->
     Value;
 validate_option(next_protocols_advertised, undefined) ->
     undefined;
-validate_option(server_name_indication = Opt, Value) when is_list(Value) ->
+validate_option(server_name_indication, Value) when is_list(Value) ->
     %% RFC 6066, Section 3: Currently, the only server names supported are
     %% DNS hostnames
-     case inet_parse:domain(Value) of
-        false -> 
-           throw({error, {options, {{Opt, Value}}}});
-        true -> 
-            Value
-     end;
-validate_option(server_name_indication, undefined = Value) ->
+    %% case inet_parse:domain(Value) of
+    %%     false ->
+    %%         throw({error, {options, {{Opt, Value}}}});
+    %%     true ->
+    %%         Value
+    %% end;
+    %%
+    %% But the definition seems very diffuse, so let all strings through
+    %% and leave it up to public_key to decide...
     Value;
+validate_option(server_name_indication, undefined) ->
+    undefined;
 validate_option(server_name_indication, disable) ->
     disable;