Don't enforce SNI for now. It was causing problems in development.

commit: f0f7876b264515bf0c86c37d78ab558d939b82b0 [log] [tgz]
author: Brad Fitzpatrick <brad@danga.com> Sat Jan 17 12:25:12 2015 -0800
committer: Brad Fitzpatrick <brad@danga.com> Sat Jan 17 12:25:12 2015 -0800
tree: 8275148930a33b311f2d60524a886fe4f85f040b
parent: 36f7934bd38f22905a9eba016885fe04856ca4d1 [diff] [blame]
diff --git a/server.go b/server.go
index c719146..d47ae96 100644
--- a/server.go
+++ b/server.go

@@ -234,10 +234,16 @@
 			return
 		}
 
-		// Client must use SNI:
 		if sc.tlsState.ServerName == "" {
-			sc.rejectConn(ErrCodeProtocol, "client didn't use SNI")
-			return
+			// Client must use SNI, but we don't enforce that anymore,
+			// since it was causing problems when connecting to bare IP
+			// addresses during development.
+			//
+			// TODO: optionally enforce? Or enforce at the time we receive
+			// a new request, and verify the the ServerName matches the :authority?
+			// But that precludes proxy situations, perhaps.
+			//
+			// So for now, do nothing here again.
 		}
 
 		if isBadCipher(sc.tlsState.CipherSuite) {
commit	f0f7876b264515bf0c86c37d78ab558d939b82b0	[log] [tgz]
author	Brad Fitzpatrick <brad@danga.com>	Sat Jan 17 12:25:12 2015 -0800
committer	Brad Fitzpatrick <brad@danga.com>	Sat Jan 17 12:25:12 2015 -0800
tree	8275148930a33b311f2d60524a886fe4f85f040b
parent	36f7934bd38f22905a9eba016885fe04856ca4d1 [diff] [blame]