darwinssl: Warn that disabling host verify also disables SNI

In DarwinSSL the SSLSetPeerDomainName function is used to enable both sending SNI and verifying the host. When host verification is disabled the function cannot be called, therefore SNI is disabled as well. Closes https://github.com/curl/curl/pull/1240
author: JDepooter <joel.depooter@safe.com> 2017-02-02 13:40:16 -0800
committer: Jay Satiro <raysatiro@yahoo.com> 2017-03-02 02:42:15 -0500
commit: 0966ab5bd4ad547c74e1032899c87f7214bc5b73 (patch)
tree: 1c6baad52f45fd684d8aa43c0f148a99a10e13c0 /lib/vtls/darwinssl.c
parent: a162d8b21b0becd1feabcc4a9d67f5ef03966d6a (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 050bf960b..25a8ab8b6 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -1425,6 +1425,9 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
             "the OS.\n");
     }
   }
+  else {
+    infof(data, "WARNING: disabling hostname validation also disables SNI.\n");
+  }
 
   /* Disable cipher suites that ST supports but are not safe. These ciphers
      are unlikely to be used in any case since ST gives other ciphers a much
author	JDepooter <joel.depooter@safe.com>	2017-02-02 13:40:16 -0800
committer	Jay Satiro <raysatiro@yahoo.com>	2017-03-02 02:42:15 -0500
commit	0966ab5bd4ad547c74e1032899c87f7214bc5b73 (patch)
tree	1c6baad52f45fd684d8aa43c0f148a99a10e13c0 /lib/vtls/darwinssl.c
parent	a162d8b21b0becd1feabcc4a9d67f5ef03966d6a (diff)