From 78a9a09af9216a2dea454f561e0774e67a15c361 Mon Sep 17 00:00:00 2001
From: Raimo Niskanen <raimo@erlang.org>
Date: Wed, 29 Nov 2017 08:39:48 +0100
Subject: Stop checking DNS name for SNI

---
 lib/ssl/src/ssl.erl | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

(limited to 'lib/ssl/src/ssl.erl')

diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 4007e44a83..4bff9fdf39 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -992,17 +992,21 @@ validate_option(next_protocols_advertised, Value) when is_list(Value) ->
     Value;
 validate_option(next_protocols_advertised, undefined) ->
     undefined;
-validate_option(server_name_indication = Opt, Value) when is_list(Value) ->
+validate_option(server_name_indication, Value) when is_list(Value) ->
     %% RFC 6066, Section 3: Currently, the only server names supported are
     %% DNS hostnames
-     case inet_parse:domain(Value) of
-        false -> 
-           throw({error, {options, {{Opt, Value}}}});
-        true -> 
-            Value
-     end;
-validate_option(server_name_indication, undefined = Value) ->
+    %% case inet_parse:domain(Value) of
+    %%     false ->
+    %%         throw({error, {options, {{Opt, Value}}}});
+    %%     true ->
+    %%         Value
+    %% end;
+    %%
+    %% But the definition seems very diffuse, so let all strings through
+    %% and leave it up to public_key to decide...
     Value;
+validate_option(server_name_indication, undefined) ->
+    undefined;
 validate_option(server_name_indication, disable) ->
     disable;
 
-- 
cgit v1.2.3