1 files changed, 50 insertions, 27 deletions

diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs
index a730cc49..a91b46a1 100644
--- a/openssl/src/ssl/connector.rs
+++ b/openssl/src/ssl/connector.rs
@@ -132,13 +132,9 @@ impl SslConnector {
         self.configure()?.connect(domain, stream)
     }
 
-    /// Initiates a client-side TLS session on a stream without performing hostname verification.
-    ///
-    /// # Warning
-    ///
-    /// You should think very carefully before you use this method. If hostname verification is not
-    /// used, *any* valid certificate for *any* site will be trusted for use from any other. This
-    /// introduces a significant vulnerability to man-in-the-middle attacks.
+    #[deprecated(
+        since = "0.9.24",
+        note = "use `ConnectConfiguration::verify_hostname` and `ConnectConfiguration::use_server_name_indication` instead")]
     pub fn danger_connect_without_providing_domain_for_certificate_verification_and_server_name_indication<
         S,
     >(
@@ -149,53 +145,80 @@ impl SslConnector {
         S: Read + Write,
     {
         self.configure()?
-            .danger_connect_without_providing_domain_for_certificate_verification_and_server_name_indication(stream)
+            .use_server_name_indication(false)
+            .verify_hostname(false)
+            .connect("", stream)
     }
 
     /// Returns a structure allowing for configuration of a single TLS session before connection.
     pub fn configure(&self) -> Result<ConnectConfiguration, ErrorStack> {
-        Ssl::new(&self.0).map(ConnectConfiguration)
+        Ssl::new(&self.0).map(|ssl| ConnectConfiguration { ssl, sni: true, verify_hostname: true })
     }
 }
 
 /// A type which allows for configuration of a client-side TLS session before connection.
-pub struct ConnectConfiguration(Ssl);
+pub struct ConnectConfiguration {
+    ssl: Ssl,
+    sni: bool,
+    verify_hostname: bool,
+}
 
 impl ConnectConfiguration {
     #[deprecated(since = "0.9.23",
                  note = "ConnectConfiguration now implements Deref<Target=SslRef>")]
     pub fn ssl(&self) -> &Ssl {
-        &self.0
+        &self.ssl
     }
 
     #[deprecated(since = "0.9.23",
                  note = "ConnectConfiguration now implements DerefMut<Target=SslRef>")]
     pub fn ssl_mut(&mut self) -> &mut Ssl {
-        &mut self.0
+        &mut self.ssl
     }
 
-    /// Initiates a client-side TLS session on a stream.
+    /// Configures the use of Server Name Indication (SNI) when connecting.
     ///
-    /// The domain is used for SNI and hostname verification.
-    pub fn connect<S>(mut self, domain: &str, stream: S) -> Result<SslStream<S>, HandshakeError<S>>
-    where
-        S: Read + Write,
-    {
-        self.0.set_hostname(domain)?;
-        setup_verify_hostname(&mut self.0, domain)?;
-
-        self.0.connect(stream)
+    /// Defaults to `true`.
+    pub fn use_server_name_indication(mut self, use_sni: bool) -> ConnectConfiguration {
+        self.sni = use_sni;
+        self
     }
 
-    /// Initiates a client-side TLS session on a stream without performing hostname verification.
+    /// Configures the use of hostname verification when connecting.
     ///
-    /// The verification configuration of the connector's `SslContext` is not overridden.
+    /// Defaults to `true`.
     ///
     /// # Warning
     ///
     /// You should think very carefully before you use this method. If hostname verification is not
     /// used, *any* valid certificate for *any* site will be trusted for use from any other. This
     /// introduces a significant vulnerability to man-in-the-middle attacks.
+    pub fn verify_hostname(mut self, verify_hostname: bool) -> ConnectConfiguration {
+        self.verify_hostname = verify_hostname;
+        self
+    }
+
+    /// Initiates a client-side TLS session on a stream.
+    ///
+    /// The domain is used for SNI and hostname verification if enabled.
+    pub fn connect<S>(mut self, domain: &str, stream: S) -> Result<SslStream<S>, HandshakeError<S>>
+    where
+        S: Read + Write,
+    {
+        if self.sni {
+            self.ssl.set_hostname(domain)?;
+        }
+
+        if self.verify_hostname {
+            setup_verify_hostname(&mut self.ssl, domain)?;
+        }
+
+        self.ssl.connect(stream)
+    }
+
+    #[deprecated(
+        since = "0.9.24",
+        note = "use `ConnectConfiguration::verify_hostname` and `ConnectConfiguration::use_server_name_indication` instead")]
     pub fn danger_connect_without_providing_domain_for_certificate_verification_and_server_name_indication<
         S,
     >(
@@ -205,7 +228,7 @@ impl ConnectConfiguration {
     where
         S: Read + Write,
     {
-        self.0.connect(stream)
+        self.use_server_name_indication(false).verify_hostname(false).connect("", stream)
     }
 }
 
@@ -213,13 +236,13 @@ impl Deref for ConnectConfiguration {
     type Target = SslRef;
 
     fn deref(&self) -> &SslRef {
-        &self.0
+        &self.ssl
     }
 }
 
 impl DerefMut for ConnectConfiguration {
     fn deref_mut(&mut self) -> &mut SslRef {
-        &mut self.0
+        &mut self.ssl
     }
 }