update: support custom tls server name (#2278)

2025-07-27 07:35:07 +00:00 · 2021-03-07 00:57:23 -06:00
parent 0a2384a283
commit b5aee82ca9
5 changed files with 20 additions and 5 deletions
--- a/client/control.go
+++ b/client/control.go
@@ -209,13 +209,17 @@ func (ctl *Control) connectServer() (conn net.Conn, err error) {
 		conn = stream
 	} else {
 		var tlsConfig *tls.Config
+		sn := ctl.clientCfg.TLSServerName
+		if sn == "" {
+			sn = ctl.clientCfg.ServerAddr
+		}

 		if ctl.clientCfg.TLSEnable {
 			tlsConfig, err = transport.NewClientTLSConfig(
 				ctl.clientCfg.TLSCertFile,
 				ctl.clientCfg.TLSKeyFile,
 				ctl.clientCfg.TLSTrustedCaFile,
-				ctl.clientCfg.ServerAddr)
+				sn)

 			if err != nil {
 				xl.Warn("fail to build tls configuration when connecting to server, err: %v", err)
--- a/client/service.go
+++ b/client/service.go
@@ -214,11 +214,16 @@ func (svr *Service) login() (conn net.Conn, session *fmux.Session, err error) {
 	xl := xlog.FromContextSafe(svr.ctx)
 	var tlsConfig *tls.Config
 	if svr.cfg.TLSEnable {
+		sn := svr.cfg.TLSServerName
+		if sn == "" {
+			sn = svr.cfg.ServerAddr
+		}
+
 		tlsConfig, err = transport.NewClientTLSConfig(
 			svr.cfg.TLSCertFile,
 			svr.cfg.TLSKeyFile,
 			svr.cfg.TLSTrustedCaFile,
-			svr.cfg.ServerAddr)
+			sn)
 		if err != nil {
 			xl.Warn("fail to build tls configuration when service login, err: %v", err)
 			return