From 3131abb3331f005660c9ba814e08eba8e216f3e9 Mon Sep 17 00:00:00 2001
From: Julien Vehent <julien@linuxwall.info>
Date: Fri, 18 Sep 2015 15:58:31 -0400
Subject: [PATCH] Add warning if target is not fqdn and SNI needs to be
 disabled

---
 cipherscan | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/cipherscan b/cipherscan
index b560052..7d3f3c1 100755
--- a/cipherscan
+++ b/cipherscan
@@ -1534,8 +1534,12 @@ SCLIENTARGS="${PARAMS[*]}"
 # only append the SNI:
 # if the target is a hostname by validating the tld
 # if -servername was not supplied by the user
-if [[ $SNI == "True"  && $sni_target =~ \.[a-z]{1,20}$ && ! $SCLIENTARGS =~ servername ]]; then
-    SCLIENTARGS="$SCLIENTARGS -servername $sni_target"
+if [[ $SNI == "True"  && ! $SCLIENTARGS =~ servername ]]; then
+    if [[ $sni_target =~ \.[a-zA-Z]{1,20}$ ]]; then
+        SCLIENTARGS="$SCLIENTARGS -servername $sni_target"
+    else
+        echo "Warning: target is not a FQDN. SNI was disabled. Use a FQDN or '-servername <fqdn>'" 1>&2
+    fi
 fi
 debug "sclientargs: $SCLIENTARGS"