archive-gh-me/node-postgres
1
0
Fork 0
mirror of https://github.com/brianc/node-postgres.git synced 2025-12-08 20:16:25 +00:00
Code Issues Projects Releases Wiki Activity

Skip TLS SNI if host is IP address (#1890)

Browse Source 
* skip TLS SNI if host is IP address (do not set servername option in tls.connect)

* Format code
This commit is contained in:
Justin Merz 2019-11-11 10:18:52 -08:00 committed by Brian C
parent cd66c0b261
commit 06fbe19923
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/connection.js
View File

@ -91,9 +91,8 @@ Connection.prototype.connect = function (port, host) {
return self.emit('error', new Error('There was an error establishing an SSL connection'))
}
var tls = require('tls')
self.stream = tls.connect({
const options = {
socket: self.stream,
servername: host,
checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
rejectUnauthorized: self.ssl.rejectUnauthorized,
ca: self.ssl.ca,
@ -103,7 +102,11 @@ Connection.prototype.connect = function (port, host) {
cert: self.ssl.cert,
secureOptions: self.ssl.secureOptions,
NPNProtocols: self.ssl.NPNProtocols
})
}
if (net.isIP(host) === 0) {
options.servername = host
}
self.stream = tls.connect(options)
self.attachListeners(self.stream)
self.stream.on('error', reportStreamError)