Skip to content

Commit

Permalink
credentials: don't overwrite ServerName in given config
Browse files Browse the repository at this point in the history 
The first endpoint will set the ServerName which will then be used by
the second endpoint, causing the transport to reject the second endpoint
since the server cert won't match the server name.
  • Loading branch information
Anthony Romano committed Jul 14, 2016
1 parent 7428593 commit 9a97937
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions credentials/credentials.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,14 +151,16 @@ func (c *tlsCreds) ClientHandshake(addr string, rawConn net.Conn, timeout time.D
errChannel <- timeoutError{}
})
}
// use local cfg to avoid clobbering ServerName if using multiple endpoints
cfg := *c.config
if c.config.ServerName == "" {
colonPos := strings.LastIndex(addr, ":")
if colonPos == -1 {
colonPos = len(addr)
}
c.config.ServerName = addr[:colonPos]
cfg.ServerName = addr[:colonPos]
}
conn := tls.Client(rawConn, c.config)
conn := tls.Client(rawConn, &cfg)
if timeout == 0 {
err = conn.Handshake()
} else {
Expand Down

0 comments on commit 9a97937

Please sign in to comment.