Trailing dot in URL causes TLS failure #740

Closed
REBELinBLUE opened this issue Sep 27, 2023 · 2 comments

REBELinBLUE commented Sep 27, 2023

Adding a dot to the end of the URL is valid; it tells DNS that it is an absolute fully-qualified domain name. This is a common trick in Kubernetes to prevent it from trying to resolve the address locally first due to /etc/resolv.conf having ndots set to 5 (i.e. domains with fewer than 5 dots try to resolve locally), as seen in Solution 1 here, for example: https://pracucci.com/kubernetes-dns-resolution-ndots-options-and-why-it-may-affect-application-performances.html

This works fine in amqplib; however, when you are using TLS it does not, and you get the error "Error: Client network socket disconnected before secure TLS connection was established".

This is because of the following code in connect.js:

    sockopts.host = url.hostname;
    sockopts.servername = url.hostname;

servername is the server name for the SNI TLS extension, and in SNI the server name must not have a trailing dot: https://datatracker.ietf.org/doc/html/rfc6066#section-3

You can see here how curl strips it: curl/curl@5de8d84

Happy to submit a PR
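
The split described in this report, as an added example (not code from this issue or from amqplib): keep the trailing dot for the DNS lookup, strip it for SNI. `sniServername` and `tlsSocketOptions` are hypothetical names; parsing with the WHATWG `URL` class and defaulting to the amqps port 5671 are assumptions.

```javascript
// Added example; not amqplib's connect.js. Function names are hypothetical.

// RFC 6066 section 3: the SNI HostName is a DNS name without a trailing dot,
// and literal IPv4/IPv6 addresses are not permitted in it.
function sniServername(hostname) {
  if (hostname.startsWith('[')) return undefined; // bracketed IPv6 literal
  if (/^\d{1,3}(\.\d{1,3}){3}\.?$/.test(hostname)) return undefined; // IPv4 literal
  const name = hostname.endsWith('.') ? hostname.slice(0, -1) : hostname;
  return name === '' ? undefined : name;
}

// Build the options object that would be handed to tls.connect().
function tlsSocketOptions(connectionUrl) {
  const url = new URL(connectionUrl);
  const opts = {
    // The dot stays here: it marks the name as absolute, so the resolver
    // does not walk the resolv.conf search list first.
    host: url.hostname.replace(/^\[|\]$/g, ''),
    port: Number(url.port) || 5671, // assumption: amqps default port
  };
  const servername = sniServername(url.hostname);
  // Leave servername unset for IP literals rather than sending an invalid SNI.
  if (servername !== undefined) opts.servername = servername;
  return opts;
}

// Constructed sample URLs, not taken from the issue.
const samples = [
  'amqps://rabbitmq.default.svc.cluster.local.:5671/vhost',
  'amqps://broker.example.com',
  'amqps://10.0.0.5/',
  'amqps://[::1]:5671',
];
for (const s of samples) console.log(s, tlsSocketOptions(s));
```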

@cressie176
Collaborator

Hi @REBELinBLUE,

Thank you for the detailed analysis. Very happy to accept a PR.

REBELinBLUE commented Sep 27, 2023

@cressie176 I see you may have already fixed it in 318a682 by allowing the servername to be supplied separately; looks like it was fixed in #697.
