octoleo/syncthing
1
0
Fork 0
mirror of https://github.com/octoleo/syncthing.git synced 2025-01-03 07:12:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

lib/relay: Send SNI when the address is a host name (fixes #8014) (#8015)

Browse Source
This commit is contained in:
Jakob Borg 2021-11-22 08:31:03 +01:00 committed by GitHub
parent 8265dac127
commit e2288fe441
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/relay/client/static.go
View File

@ -141,7 +141,17 @@ func (c *staticClient) connect(ctx context.Context) error {
return err return err
} }
conn := tls.Client(tcpConn, c.config) // Copy the TLS config and set the server name we're connecting to. In
// many cases this will be an IP address, in which case it's a no-op. In
// other cases it will be a hostname, which will cause the TLS stack to
// send SNI.
cfg := c.config
if host, _, err := net.SplitHostPort(c.uri.Host); err == nil {
cfg = cfg.Clone()
cfg.ServerName = host
}
conn := tls.Client(tcpConn, cfg)
if err := conn.SetDeadline(time.Now().Add(c.connectTimeout)); err != nil { if err := conn.SetDeadline(time.Now().Add(c.connectTimeout)); err != nil {
conn.Close() conn.Close()