> But when I use curl bundled with Yosemite (or from Brew) on my macbook, > it's not switching. > > curl --insecure https://bar.example.com:64443 > Default on 1443 > > These are the versions I'm testing with: > > curl --version > curl 7.37.1 (x86_64-apple-darwin14.0) libcurl/7.37.1 > SecureTransport zlib/1.2.5 > > /usr/local/opt/curl/bin/curl --version > curl 7.42.1 (x86_64-apple-darwin14.3.0) libcurl/7.42.1 > SecureTransport zlib/1.2.5 > > Yet I have a node.js (io.js v2.3.1) service that switches based on SNI > which is working just fine with curl.
Sounds like that client hello from curl@mac looks different than we expect, therefor SNI parsing fails. Can you provide the same tcpdump captures again, this time from the mac curl client that fails? Regards, Lukas