Add a new setting to force SNI for WebDAV
Per the discussion on this thread: Problems connecting to WebDAV endpoint – SNI disabled in logs
WinSCP DOES support SNI connections for WebDAV, however the code that enables this checks to see if this parameter passed in is a host name or an IP address. If it thinks it is an IP address, it disables SNI (as would make sense). This is checked by using the
As discussed in the thread linked above, there can be issues in certain environments, where this method may not work as expected. In these cases, the underlying system is returning an incorrect response from the
The proposed update to WinSCP would be to add a new optional setting that can be specified via raw settings called
Thoughts?
WinSCP DOES support SNI connections for WebDAV, however the code that enables this checks to see if this parameter passed in is a host name or an IP address. If it thinks it is an IP address, it disables SNI (as would make sense). This is checked by using the
getaddrinfo system call.
As discussed in the thread linked above, there can be issues in certain environments, where this method may not work as expected. In these cases, the underlying system is returning an incorrect response from the
getaddrinfo method – which incorrectly disables SNI.
The proposed update to WinSCP would be to add a new optional setting that can be specified via raw settings called
WebDavForceSNI. The idea would be if this is passed in the raw settings, then the code would always enable SNI – regardless of what getaddrinfo returns. Thinking this would be somewhat similar to the existing FtpForcePasvIp2 setting that exists.
Thoughts?
