[openssl-dev] SNI by default in s_client

Viktor Dukhovni openssl-users at dukhovni.org
Mon Feb 13 18:58:05 UTC 2017


> On Feb 13, 2017, at 12:32 PM, Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
> 
> That said, I don't think that enabling SNI by default *in s_client* is
> sufficient cause to motivate such a feature.  The s_client command adds
> new options from time to time, and IIRC we've never before back-ported
> these as NOPs.  If an "ignore_unknown" option is warranted, it is for
> all the other new things we might add in addition to "-noservername".

One more thing I should note.  The implementation should not break the
"-dane_tlsa_domain" option.  That is, with no explicit "-servername"
and with "-dane_tlsa_domain", the SNI name must come from that option,
and not the "-connect" hostname.

-- 
	Viktor.


