Fixes issue with tls handshake failing on some sites

This issue occurred because the ServerName field was not being set
when making TLS requests.

From the Go docs:
  ServerName is used to verify the hostname on the returned
  certificates unless InsecureSkipVerify is given. It is also included
  in the client's handshake to support virtual hosting unless it is
  an IP address.

https://pkg.go.dev/crypto/tls?tab=doc
master
Jonathan Hodgson 5 years ago
parent aa1517a820
commit 62a4e44dc1
  1. 2
      proxyhttp.go
  2. 2
      proxylistener.go

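--- a/proxyhttp.go
+++ b/proxyhttp.go
@@ -416,6 +416,7 @@ func wsDial(req *ProxyRequest, useProxy bool, proxyHost string, proxyPort int, p
 if req.DestUseTLS {
 tls_conn := tls.Client(conn, &tls.Config{
 InsecureSkipVerify: true,
+ServerName: req.DestHost,
 })
 conn = tls_conn
 }
@@ -861,6 +862,7 @@ func submitRequest(req *ProxyRequest, useProxy bool, proxyHost string,
 if req.DestUseTLS {
 tls_conn := tls.Client(conn, &tls.Config{
 InsecureSkipVerify: true,
+ServerName: req.DestHost,
 })
 conn = tls_conn
 }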
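Review bot: With `InsecureSkipVerify: true` left in place, the `ServerName` added in wsDial and submitRequest only populates the SNI extension; the upstream certificate chain and hostname are still not checked, so the doc sentence about hostname verification quoted in the description does not apply to these configs. If skipping verification is deliberate for this proxy, say so next to the field, e.g. `// SNI only: verification is disabled, the upstream certificate is not checked`, and consider making verification a setting rather than a hard-coded value. The two `tls.Config` literals are identical, so a small shared helper would keep them from drifting apart. Both function bodies continue outside the hunks.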

@ -242,6 +242,8 @@ func (pconn *proxyConn) StartMaybeTLS(hostname string) (bool, error) {
config := &tls.Config{ config := &tls.Config{
InsecureSkipVerify: true, InsecureSkipVerify: true,
Certificates: []tls.Certificate{cert}, Certificates: []tls.Certificate{cert},
ServerName: hostname,
} }
tlsConn := tls.Server(bufConn, config) tlsConn := tls.Server(bufConn, config)
pconn.conn = tlsConn pconn.conn = tlsConn
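Review bot: `ServerName: hostname` is set on a config that is passed to `tls.Server`, where it most likely has no effect: crypto/tls documents `ServerName` (and `InsecureSkipVerify`) as client-side settings, and a server takes the requested name from the ClientHello. Which certificate the client sees is decided by `Certificates` (or `GetCertificate`), so the handshake fix probably comes from the outbound configs alone. Either drop the line or mark it, e.g. `// client-only field, ignored by tls.Server; kept for symmetry with the outbound configs`. StartMaybeTLS starts and ends outside the hunk.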
