github-mirrors/VictoriaMetrics
1
0
Fork 0
mirror of https://github.com/VictoriaMetrics/VictoriaMetrics.git synced 2024-11-21 14:44:00 +00:00
Code Issues Projects Releases Packages Wiki Activity

lib/proxy: set proxy address in tls.Config.ServerName instead of the target address

Browse source 
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1116
This commit is contained in:
Aliaksandr Valialkin 2021-03-12 10:40:55 +02:00
parent a6a71ef861
commit 895d5d1355
1 changed files with 9 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
lib/proxy/proxy.go
View file

@ -93,19 +93,21 @@ func (u *URL) NewDialFunc(ac *promauth.Config) (fasthttp.DialFunc, error) {
if authHeader != "" {
authHeader = "Proxy-Authorization: " + authHeader + "\r\n"
}
tlsCfg := ac.NewTLSConfig()
var tlsCfg *tls.Config
if isTLS {
tlsCfg = ac.NewTLSConfig()
if !tlsCfg.InsecureSkipVerify && tlsCfg.ServerName == "" {
tlsCfg = tlsCfg.Clone()
tlsCfg.ServerName = tlsServerName(proxyAddr)
}
}
dialFunc := func(addr string) (net.Conn, error) {
proxyConn, err := defaultDialFunc(proxyAddr)
if err != nil {
return nil, fmt.Errorf("cannot connect to proxy %q: %w", pu.Redacted(), err)
}
if isTLS {
tlsCfgLocal := tlsCfg
if !tlsCfgLocal.InsecureSkipVerify && tlsCfgLocal.ServerName == "" {
tlsCfgLocal = tlsCfgLocal.Clone()
tlsCfgLocal.ServerName = tlsServerName(addr)
}
proxyConn = tls.Client(proxyConn, tlsCfgLocal)
proxyConn = tls.Client(proxyConn, tlsCfg)
}
conn, err := sendConnectRequest(proxyConn, proxyAddr, addr, authHeader)
if err != nil {