net.server: Only add alternate SNI contexts if at least one is provided

Fixes use of <starttls/> when a client sends SNI, which would send no certificate otherwise.

3 files changed, 3 insertions, 3 deletions

diff --git a/net/server_epoll.lua b/net/server_epoll.lua
index 3c8b2613..4bdc2e21 100644
--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -512,7 +512,7 @@ function interface:tlshandskake()
 		if conn.sni then
 			if self.servername then
 				conn:sni(self.servername);
-			elseif self._server and self._server.hosts then
+			elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
 				conn:sni(self._server.hosts, true);
 			end
 		end
diff --git a/net/server_event.lua b/net/server_event.lua
index 6c9b941d..2bee614a 100644
--- a/net/server_event.lua
+++ b/net/server_event.lua
@@ -168,7 +168,7 @@ function interface_mt:_start_ssl(call_onconnect) -- old socket will be destroyed
 	if self.conn.sni then
 		if self.servername then
 			self.conn:sni(self.servername);
-		elseif self._server and self._server.hosts then
+		elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
 			self.conn:sni(self._server.hosts, true);
 		end
 	end
diff --git a/net/server_select.lua b/net/server_select.lua
index b52cc6d7..4b156409 100644
--- a/net/server_select.lua
+++ b/net/server_select.lua
@@ -637,7 +637,7 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
 			if socket.sni then
 				if self.servername then
 					socket:sni(self.servername);
-				elseif self.server() and self.server().hosts then
+				elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
 					socket:sni(self.server().hosts, true);
 				end
 			end