tls/sni: skip SNI check or server_name absent

baresip · Jul 30, 2024 · 1c83988 · 1c83988
1 parent 80baf46
commit 1c83988
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/src/tls/openssl/sni.c b/src/tls/openssl/sni.c
@@ -166,10 +166,8 @@ static int ssl_servername_handler(SSL *ssl, int *al, void *arg)
 	const char *sni;
 
 	sni = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
-	if (!str_isset(sni)) {
-		*al = SSL_AD_UNRECOGNIZED_NAME;
-		return SSL_TLSEXT_ERR_ALERT_FATAL;
-	}
+	if (!str_isset(sni))
+		return SSL_TLSEXT_ERR_OK;
 
 	/* find and apply matching certificate */
 	uc = tls_cert_for_sni(tls, sni);