HttpsConnector: use hostname instead of URL again

fixes connecting to hosts with valid certificates without a
pinned fingerprint
this was accidentally changed in the tokio-1.0 updates
apparently

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: 0f860f712f ("tokio 1.0: update to new tokio-openssl interface")
Wolfgang Bumiller 2021-02-03 15:09:19 +01:00
parent 7d2c156eb1
commit fa016c1697


@ -124,6 +124,11 @@ impl hyper::service::Service<Uri> for HttpsConnector {
.ok_or_else(|| format_err!("missing URL scheme"))? .ok_or_else(|| format_err!("missing URL scheme"))?
== "https"; == "https";
let host = dst
.host()
.ok_or_else(|| format_err!("missing hostname in destination url?"))?
.to_string();
let config = this.ssl_connector.configure(); let config = this.ssl_connector.configure();
let dst_str = dst.to_string(); // for error messages let dst_str = dst.to_string(); // for error messages
let conn = this let conn = this
@ -135,7 +140,7 @@ impl hyper::service::Service<Uri> for HttpsConnector {
let _ = set_tcp_keepalive(conn.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME); let _ = set_tcp_keepalive(conn.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
if is_https { if is_https {
let conn: tokio_openssl::SslStream<tokio::net::TcpStream> = tokio_openssl::SslStream::new(config?.into_ssl(&dst_str)?, conn)?; let conn: tokio_openssl::SslStream<tokio::net::TcpStream> = tokio_openssl::SslStream::new(config?.into_ssl(&host)?, conn)?;
let mut conn = Box::pin(conn); let mut conn = Box::pin(conn);
conn.as_mut().connect().await?; conn.as_mut().connect().await?;
Ok(MaybeTlsStream::Right(conn)) Ok(MaybeTlsStream::Right(conn))
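Review bot: The `into_ssl(&host)` call has no comment explaining why the bare hostname is required, and the commit message says the earlier switch to `dst_str` happened by accident, so the same regression could recur. A one-line comment above the new `let host = dst` binding would pin the intent: `// into_ssl() uses this name for SNI and certificate hostname verification: pass the host only, never the full URL`. It is also worth confirming how `dst.host()` renders IPv6 literals. If it keeps the square brackets, the string would presumably not be recognised as an IP address, so verification against an IP SAN would fail; that fails closed, but such hosts would only be reachable with a pinned fingerprint. The enclosing function starts and ends outside these hunks.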