SSL: send SNI extension only if not connecting to an IP

otherwise the host name and the name we send in the SNI header (the IP) would not match. Reviewed-by: Thiago Macieira Reviewed-by: Richard J. Moore Task-number: QTBUG-18258
author: Peter Hartmann <peter.hartmann@nokia.com> 2011-03-22 10:54:46 +0100
committer: Peter Hartmann <peter.hartmann@nokia.com> 2011-03-22 11:15:52 +0100
commit: 3441c288be67c79c960e8386668731e55db60f0c (patch)
tree: ddc497cf57d604cc90fb9dd66bff8195c5ce0fd8 /src/network
parent: f464bef8b0d8cd30a3c795558e5a7b28635ac057 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index c1b17125cd..d6967fe449 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -418,7 +418,8 @@ init_context:
         if (tlsHostName.isEmpty())
             tlsHostName = hostName;
         QByteArray ace = QUrl::toAce(tlsHostName);
-        if (!ace.isEmpty()) {
+        // only send the SNI header if the URL is valid and not an IP
+        if (!ace.isEmpty() && !QHostAddress().setAddress(tlsHostName)) {
             if (!q_SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, ace.constData()))
                 qWarning("could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled");
         }
author	Peter Hartmann <peter.hartmann@nokia.com>	2011-03-22 10:54:46 +0100
committer	Peter Hartmann <peter.hartmann@nokia.com>	2011-03-22 11:15:52 +0100
commit	3441c288be67c79c960e8386668731e55db60f0c (patch)
tree	ddc497cf57d604cc90fb9dd66bff8195c5ce0fd8 /src/network
parent	f464bef8b0d8cd30a3c795558e5a7b28635ac057 (diff)