From 852f51b5e4cbeccfb455652dd276aa0d213e317f Mon Sep 17 00:00:00 2001
From: mutantmonkey
Date: Sat, 16 Jan 2016 12:07:42 -0800
Subject: [PATCH] include ServerName in TLS configuration
This is required for Go to establish a TLS connection unless InsecureSkipVerify is set.
---
 transport.go | 14 ++++++++++++--
 websocket.go | 10 +++++++++-
 2 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/transport.go b/transport.go
index cd5249c..7554b4e 100644
--- a/transport.go
+++ b/transport.go
@@ -8,6 +8,7 @@ import (
 "crypto/tls"
 "fmt"
 "io"
+ "net"
 "net/http"
 "net/url"
@@ -58,10 +59,19 @@ func getProxy(req *http.Request) (*url.URL, error) {
 }
 func newHTTPTransporter(baseURL, user, pass string) *httpTransporter {
+ u, _ := url.Parse(baseURL)
+ host, _, err := net.SplitHostPort(u.Host)
+ if err != nil {
+ host = u.Host
+ }
+
 client := &http.Client{
 Transport: &http.Transport{
- TLSClientConfig: &tls.Config{RootCAs: rootCA},
- Proxy: getProxy,
+ TLSClientConfig: &tls.Config{
+ RootCAs: rootCA,
+ ServerName: host,
+ },
+ Proxy: getProxy,
 },
 }
diff --git a/websocket.go b/websocket.go
index 9ab3d8a..75caba3 100644
--- a/websocket.go
+++ b/websocket.go
@@ -64,7 +64,15 @@ func newWSConn(originURL, user, pass string) (*wsConn, error) {
 if err != nil {
 return nil, err
 }
- wsConfig.TlsConfig = &tls.Config{RootCAs: rootCA}
+ host, _, err := net.SplitHostPort(wsConfig.Location.Host)
+ if err != nil {
+ host = wsConfig.Location.Host
+ }
+
+ wsConfig.TlsConfig = &tls.Config{
+ RootCAs: rootCA,
+ ServerName: host,
+ }
 var wsc *websocket.Conn
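Review bot: `u, _ := url.Parse(baseURL)` in newHTTPTransporter discards the parse error, and url.Parse returns a nil *url.URL on failure, so a malformed baseURL panics at `u.Host` on the next line instead of surfacing an error. Because the constructor has no error return, a guard that leaves ServerName empty on failure keeps it safe: `var host string` followed by `if u, err := url.Parse(baseURL); err == nil { host = u.Hostname() }` (Hostname needs Go 1.8 or later; on an older toolchain keep the SplitHostPort fallback inside the guard). Separately, this tls.Config is shared by every connection the Transport opens, so a fixed ServerName means a connection to any other host (after a redirect, for instance) is verified against baseURL's host; that fails closed, but a comment stating that the client is pinned to one host would help the next reader. The function body continues past the end of the hunk.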
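Review bot: `host, _, err := net.SplitHostPort(wsConfig.Location.Host)` reuses the `err` that is already in scope (the context lines just above test it), so whenever the location has no explicit port newWSConn carries a non-nil `err` past this block; any later check that reads `err` before reassigning it would misfire, though the rest of the function is outside the hunk. Scoping the error avoids that: `host := wsConfig.Location.Host` then `if h, _, e := net.SplitHostPort(host); e == nil { host = h }`. The patch carries no import hunk for websocket.go, so confirm that `net` is already imported there. The same host derivation is added to transport.go; a small shared helper, with a comment on why ServerName is set explicitly, would keep the two call sites in step.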