summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/reverseproxy
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2019-10-10 17:17:06 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2019-10-10 17:17:06 -0600
commit8715a28320c78061b57d1889db8c12ce1ca283a8 (patch)
tree654a073de301ba433d66edbc5a740ef7990ad1c4 /modules/caddyhttp/reverseproxy
parent715e6ddf516835c62db022b2247808fb8f22f2b0 (diff)
reverse_proxy: Customize SNI value in upstream request (closes #2483)
Diffstat (limited to 'modules/caddyhttp/reverseproxy')
-rw-r--r--modules/caddyhttp/reverseproxy/httptransport.go4
1 files changed, 4 insertions, 0 deletions
diff --git a/modules/caddyhttp/reverseproxy/httptransport.go b/modules/caddyhttp/reverseproxy/httptransport.go
index 4ff9989..fb3ef06 100644
--- a/modules/caddyhttp/reverseproxy/httptransport.go
+++ b/modules/caddyhttp/reverseproxy/httptransport.go
@@ -147,6 +147,7 @@ type TLSConfig struct {
ClientCertificateKeyFile string `json:"client_certificate_key_file,omitempty"`
InsecureSkipVerify bool `json:"insecure_skip_verify,omitempty"`
HandshakeTimeout caddy.Duration `json:"handshake_timeout,omitempty"`
+ ServerName string `json:"server_name,omitempty"`
}
// MakeTLSClientConfig returns a tls.Config usable by a client to a backend.
@@ -182,6 +183,9 @@ func (t TLSConfig) MakeTLSClientConfig() (*tls.Config, error) {
cfg.RootCAs = rootPool
}
+ // custom SNI
+ cfg.ServerName = t.ServerName
+
// throw all security out the window
cfg.InsecureSkipVerify = t.InsecureSkipVerify