libwww-perl / LWP-Protocol-https

Provide https support for LWP::UserAgent
https://metacpan.org/pod/LWP::Protocol::https

Fix ssl upgrade for regular host names #77

Closed digint closed 5 months ago

digint commented 5 months ago

Due to a buggy string match, SSL_hostname is always undef: matching ":" in host_port, which always has a colon between the host and the port. This leads to a "certificate verify failed" openssl error (observed along with a proxy negotiating TLSv1.3).

I suspect this is openssl trying to compare the hostname (which we do not pass) in the server certificate CN / SAN.

Fixes regression introduced in v6.12:

6e9101ba Making it possible to use IPv6 in https call...

justnoxx commented 5 months ago

I think, regarding @noxxi's comments, we need to keep the same logic. Maybe we can try to detect whether it has any double colons (::) in the address, or look for the square brackets? Because you see, if we use the host() call, we will have fd00:0:1:1f::4, which after concatenation with port() gives us fd00:0:1:1f::4:8443, which is invalid. Using the host_port call returns [fd00:0:1:1f::4]:8443, which is right. Please let me know how I can help to fix your issue in a way that keeps IPv6 functionality working. Thanks.

noxxi commented 5 months ago

IMHO only host() should be used to check if it is an IP address, not host_port(). Checking for :: as an indicator for IPv6 would be wrong, since :: is only part of abbreviated IPv6 but not in every IPv6 address. A single : instead is in every IPv6 address, never inside an IPv4 address and never inside a hostname. What was wrong with my original proposal in https://github.com/libwww-perl/libwww-perl/issues/449#issuecomment-1896175509 ?

justnoxx commented 5 months ago

Ok, I see, let's make it host() call then, sorry for the confusion.
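
The two checks discussed above, side by side, as an added example (not code from this pull request or from LWP::Protocol::https). The helper names, the dotted-quad IPv4 test and the sample URLs are assumptions, and the URI module must be installed.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use URI;

# Hypothetical helper: name to use for SNI and certificate matching,
# or nothing when the URL host is an IP literal.
sub name_via_host {
    my ($uri) = @_;
    my $host = $uri->host;        # port and IPv6 brackets already removed
    return if $host =~ /:/;       # ":" is in every IPv6 literal, never in a hostname
    return if $host =~ /^\d{1,3}(?:\.\d{1,3}){3}$/;   # assumed dotted-quad IPv4 test
    return $host;
}

# Hypothetical flawed variant: host_port always has ":" before the port,
# so this returns nothing for every URL, hostnames included.
sub name_via_host_port {
    my ($uri) = @_;
    return if $uri->host_port =~ /:/;
    return $uri->host;
}

# Constructed sample URLs (documentation ranges plus the address from the thread).
my @urls = (
    'https://www.example.com/',
    'https://www.example.com:8443/',
    'https://192.0.2.10/',
    'https://[fd00:0:1:1f::4]:8443/',
);

for my $url (@urls) {
    my $uri  = URI->new($url);
    my $good = name_via_host($uri);        # scalar assignment: undef when no name
    my $bad  = name_via_host_port($uri);
    printf "%-32s host_port=%-24s via host: %-16s via host_port: %s\n",
        $url, $uri->host_port, $good // '(undef)', $bad // '(undef)';
}
```

Only the two `www.example.com` rows should show a name in the "via host" column; the "via host_port" column is `(undef)` on every row, which is the situation in which no hostname reaches the TLS layer for verification.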

oalders commented 5 months ago

If you add this, we can hopefully get a complete test run.

diff --git a/Changes b/Changes
index 45cb4cf..d5af736 100644
--- a/Changes
+++ b/Changes
@@ -1,6 +1,7 @@
 Release history for LWP-Protocol-https

 {{$NEXT}}
+    - Fix ssl upgrade for regular host names (GH#77) (Axel Burri)

 6.12      2024-01-22 17:51:31Z
     - Enable MultiHomed for IO::Socket::SSL (GH#61) (ℕicolas ℝ.)
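
Review bot: the new entry under {{$NEXT}} reads only "Fix ssl upgrade for regular host names", which does not tell someone scanning the changelog what broke or since when. Consider naming the symptom and the regression, for example that SSL_hostname was left undef for ordinary host names since 6.12 and connections failed with "certificate verify failed", so affected users can match the entry to the error they saw.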