Skip TLS SNI if host is IP address (#1890)

* skip TLS SNI if host is IP address (do not set servername option in tls.connect) * Format code
brianc · Nov 11, 2019 · 06fbe19 · 06fbe19
1 parent cd66c0b
commit 06fbe19
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/lib/connection.js b/lib/connection.js
@@ -91,9 +91,8 @@ Connection.prototype.connect = function (port, host) {
         return self.emit('error', new Error('There was an error establishing an SSL connection'))
     }
     var tls = require('tls')
-    self.stream = tls.connect({
+    const options = {
       socket: self.stream,
-      servername: host,
       checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
       rejectUnauthorized: self.ssl.rejectUnauthorized,
       ca: self.ssl.ca,
@@ -103,7 +102,11 @@ Connection.prototype.connect = function (port, host) {
       cert: self.ssl.cert,
       secureOptions: self.ssl.secureOptions,
       NPNProtocols: self.ssl.NPNProtocols
-    })
+    }
+    if (net.isIP(host) === 0) {
+      options.servername = host
+    }
+    self.stream = tls.connect(options)
     self.attachListeners(self.stream)
     self.stream.on('error', reportStreamError)