HttpsConnector: use hostname instead of URL again
fixes connecting to hosts with valid certificates without a
pinned fingerprint
this was accidentally changed in the tokio-1.0 updates
apparently
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: 0f860f712f
("tokio 1.0: update to new tokio-openssl interface")
This commit is contained in:
parent
7d2c156eb1
commit
fa016c1697
@ -124,6 +124,11 @@ impl hyper::service::Service<Uri> for HttpsConnector {
|
|||||||
.ok_or_else(|| format_err!("missing URL scheme"))?
|
.ok_or_else(|| format_err!("missing URL scheme"))?
|
||||||
== "https";
|
== "https";
|
||||||
|
|
||||||
|
let host = dst
|
||||||
|
.host()
|
||||||
|
.ok_or_else(|| format_err!("missing hostname in destination url?"))?
|
||||||
|
.to_string();
|
||||||
|
|
||||||
let config = this.ssl_connector.configure();
|
let config = this.ssl_connector.configure();
|
||||||
let dst_str = dst.to_string(); // for error messages
|
let dst_str = dst.to_string(); // for error messages
|
||||||
let conn = this
|
let conn = this
|
||||||
@ -135,7 +140,7 @@ impl hyper::service::Service<Uri> for HttpsConnector {
|
|||||||
let _ = set_tcp_keepalive(conn.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
|
let _ = set_tcp_keepalive(conn.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
|
||||||
|
|
||||||
if is_https {
|
if is_https {
|
||||||
let conn: tokio_openssl::SslStream<tokio::net::TcpStream> = tokio_openssl::SslStream::new(config?.into_ssl(&dst_str)?, conn)?;
|
let conn: tokio_openssl::SslStream<tokio::net::TcpStream> = tokio_openssl::SslStream::new(config?.into_ssl(&host)?, conn)?;
|
||||||
let mut conn = Box::pin(conn);
|
let mut conn = Box::pin(conn);
|
||||||
conn.as_mut().connect().await?;
|
conn.as_mut().connect().await?;
|
||||||
Ok(MaybeTlsStream::Right(conn))
|
Ok(MaybeTlsStream::Right(conn))
|
||||||
|
Loading…
Reference in New Issue
Block a user