Skip to content

Commit

Permalink
skip TLS SNI if host is IP address (do not set servername option in t…
Browse files Browse the repository at this point in the history 
…ls.connect)
  • Loading branch information
@jrmerz
jrmerz committed May 8, 2019
1 parent 4b530a9 commit d3c8eba
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions lib/connection.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,9 +91,8 @@ Connection.prototype.connect = function (port, host) {
return self.emit('error', new Error('There was an error establishing an SSL connection'))
}
var tls = require('tls')
self.stream = tls.connect({
let options = {
socket: self.stream,
servername: host,
checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
rejectUnauthorized: self.ssl.rejectUnauthorized,
ca: self.ssl.ca,
Expand All @@ -103,7 +102,12 @@ Connection.prototype.connect = function (port, host) {
cert: self.ssl.cert,
secureOptions: self.ssl.secureOptions,
NPNProtocols: self.ssl.NPNProtocols
})
};
if( net.isIP(host) === 0 ) {
options.servername = host;
}

self.stream = tls.connect(options);
self.attachListeners(self.stream)
self.stream.on('error', reportStreamError)

Expand Down

0 comments on commit d3c8eba

Please sign in to comment.