From ab525ed5db3267f633504c4e3506f922986af189 Mon Sep 17 00:00:00 2001
From: Diego Alvarez
Date: Thu, 7 May 2020 11:17:49 -0700
Subject: [PATCH 1/2] Set ServerName using tls.DialWithDialer approach
---
 broker.go | 11 +++++++++++
 client_tls_test.go | 3 +--
 2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/broker.go b/broker.go
index f379dca62..3c39300c7 100644
--- a/broker.go
+++ b/broker.go
@@ -165,6 +165,17 @@ func (b *Broker) Open(conf *Config) error {
 if conf.Net.TLS.Enable {
 Logger.Printf("Using tls")
+
+ // If no ServerName is set, infer the ServerName
+ // from the hostname we're connecting to.
+ if conf.Net.TLS.Config.ServerName == "" {
+ colonPos := strings.LastIndex(b.addr, ":")
+ if colonPos == -1 {
+ colonPos = len(b.addr)
+ }
+ hostname := b.addr[:colonPos]
+ conf.Net.TLS.Config.ServerName = hostname
+ }
 b.conn = tls.Client(b.conn, conf.Net.TLS.Config)
 }
diff --git a/client_tls_test.go b/client_tls_test.go
index e36612705..750145610 100644
--- a/client_tls_test.go
+++ b/client_tls_test.go
@@ -158,8 +158,7 @@ func TestTLS(t *testing.T) {
 Succeed: true,
 Server: serverTLSConfig,
 Client: &tls.Config{
- RootCAs: pool,
- ServerName: "127.0.0.1",
+ RootCAs: pool,
 Certificates: []tls.Certificate{{
 Certificate: [][]byte{clientDer},
 PrivateKey: clientkey,
From cb293024a2efb95fb03418fe1e5e7a2d41cdd05f Mon Sep 17 00:00:00 2001
From: Diego Alvarez
Date: Thu, 7 May 2020 11:55:19 -0700
Subject: [PATCH 2/2] Creates conf.Net.TLS.Config if not provided
---
 broker.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/broker.go b/broker.go
index 3c39300c7..cda5da8f7 100644
--- a/broker.go
+++ b/broker.go
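Review bot: The assignment `conf.Net.TLS.Config.ServerName = hostname` in the broker.go hunk of patch 1/2 writes the inferred name into the caller's `tls.Config` rather than into a copy, so the first Open that runs with a given config fixes ServerName for every later Open that receives the same pointer. If one Config is shared across brokers (likely, but not visible here), later brokers are verified against the first broker's hostname, so handshakes either fail or accept a certificate issued for a different host, and concurrent Opens race on the field. `tls.DialWithDialer`, which the subject cites, clones the config before setting the name; the same works here with `cfg := conf.Net.TLS.Config.Clone()`, then `cfg.ServerName = hostname` and `tls.Client(b.conn, cfg)`. Patch 2/2 keeps the defect, because `cfg := conf.Net.TLS.Config` copies only the pointer. Open's body starts and ends outside the hunk.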
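Review bot: With `ServerName: "127.0.0.1"` dropped from this case in client_tls_test.go, the visible table entry only shows that an inferred name lets a valid handshake succeed. A companion case with `Succeed: false`, where the dialled address does not match the server certificate, would show that the inferred name is actually enforced, and a case that keeps an explicit ServerName would pin that a caller-supplied value is not overwritten. The other entries of the table are outside the hunk, so such cases may already exist.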
@@ -165,18 +165,22 @@ func (b *Broker) Open(conf *Config) error {
 if conf.Net.TLS.Enable {
 Logger.Printf("Using tls")
-
+ cfg := conf.Net.TLS.Config
+ if cfg == nil {
+ cfg = &tls.Config{}
+ }
 // If no ServerName is set, infer the ServerName
 // from the hostname we're connecting to.
- if conf.Net.TLS.Config.ServerName == "" {
+ // Gets the hostname as tls.DialWithDialer does it.
+ if cfg.ServerName == "" {
 colonPos := strings.LastIndex(b.addr, ":")
 if colonPos == -1 {
 colonPos = len(b.addr)
 }
 hostname := b.addr[:colonPos]
- conf.Net.TLS.Config.ServerName = hostname
+ cfg.ServerName = hostname
 }
- b.conn = tls.Client(b.conn, conf.Net.TLS.Config)
+ b.conn = tls.Client(b.conn, cfg)
 }
 b.conn = newBufConn(b.conn)
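Review bot: The fallback `cfg = &tls.Config{}` leaves every field at the library default, so a caller who sets `Net.TLS.Enable` without supplying a config gets the toolchain's default minimum protocol version, which on older Go releases still permits TLS 1.0 and 1.1. Pinning the floor in the fallback, `cfg = &tls.Config{MinVersion: tls.VersionTLS12}`, keeps the behaviour independent of the Go version used to build. A short comment on the fallback would also help the next reader, e.g. `// No config supplied: fall back to system roots and library defaults.` Open's body starts and ends outside the hunk.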