Merge pull request #1692 from Shopify/diego_fix-tls-set-server-name
Set ServerName using tls.DialWithDialer approach
d1egoaz authored May 7, 2020
2 parents 8fe9db2 + cb29302 commit 273a3f2
Showing 2 changed files with 17 additions and 3 deletions.
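--- a/broker.go
+++ b/broker.go
@@ -165,7 +165,22 @@ func (b *Broker) Open(conf *Config) error {
 
 if conf.Net.TLS.Enable {
 Logger.Printf("Using tls")
-b.conn = tls.Client(b.conn, conf.Net.TLS.Config)
+cfg := conf.Net.TLS.Config
+if cfg == nil {
+cfg = &tls.Config{}
+}
+// If no ServerName is set, infer the ServerName
+// from the hostname we're connecting to.
+// Gets the hostname as tls.DialWithDialer does it.
+if cfg.ServerName == "" {
+colonPos := strings.LastIndex(b.addr, ":")
+if colonPos == -1 {
+colonPos = len(b.addr)
+}
+hostname := b.addr[:colonPos]
+cfg.ServerName = hostname
+}
+b.conn = tls.Client(b.conn, cfg)
 }
 
 b.conn = newBufConn(b.conn)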
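Review bot: `cfg.ServerName = hostname` writes through the caller's `*tls.Config`, because `cfg := conf.Net.TLS.Config` copies only the pointer, so the inferred name is stored in the configuration object itself rather than kept per connection. If the same Config is reused for several brokers (likely for a multi-broker client, though not visible in this hunk), the first broker to open pins its hostname there; every later broker then finds a non-empty ServerName and has its certificate checked against the wrong host, and concurrent Open calls race on the field. Cloning before the write keeps the name local: inside the `if cfg.ServerName == ""` branch, put `cfg = cfg.Clone()` ahead of the assignment. The body of Open starts and ends outside the hunk, so any locking around this code cannot be confirmed from here.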
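--- a/client_tls_test.go
+++ b/client_tls_test.go
@@ -158,8 +158,7 @@ func TestTLS(t *testing.T) {
 Succeed: true,
 Server: serverTLSConfig,
 Client: &tls.Config{
-RootCAs: pool,
-ServerName: "127.0.0.1",
+RootCAs: pool,
 Certificates: []tls.Certificate{{
 Certificate: [][]byte{clientDer},
 PrivateKey: clientkey,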
