]> Sergey Matveev's repositories - tofuproxy.git/blobdiff - tls.go
projects / tofuproxy.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Ability to remove hosts from the states, refactoring
[tofuproxy.git] / tls.go
diff --git a/tls.go b/tls.go
index 2db3ceb87c20a2a9703c8b3e9efb34f056437171..6f8ce8c5e22709b7bc707e6bf1d0da1be4b2855c 100644 (file)
--- a/tls.go
+++ b/tls.go
@@ -103,8 +103,8 @@ func (h *HTTPSHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 }
 
 func dialTLS(ctx context.Context, network, addr string) (net.Conn, error) {
-       host := strings.TrimSuffix(addr, ":443")
-       ccg := ClientCertificateGetter{host}
+       host := strings.Split(addr, ":")[0]
+       ccg := ClientCertificateGetter{host: host}
        cfg := tls.Config{
                VerifyPeerCertificate: func(
                        rawCerts [][]byte,
@@ -131,15 +131,15 @@ func dialTLS(ctx context.Context, network, addr string) (net.Conn, error) {
                var err error
                conn, err = tls.Dial(network, addr, &cfg)
                if err != nil {
-                       fifos.SinkErr <- fmt.Sprintf("%s\t%s", addr, dialErr.Error())
+                       fifos.LogErr <- fmt.Sprintf("%s\t%s", addr, dialErr.Error())
                        return nil, err
                }
        }
        connState := conn.ConnectionState()
-       if connState.DidResume {
-               fifos.SinkTLS <- fmt.Sprintf(
+       if !connState.DidResume {
+               fifos.LogTLS <- fmt.Sprintf(
                        "%s\t%s %s\t%s\t%s",
-                       strings.TrimSuffix(addr, ":443"),
+                       addr,
                        ucspi.TLSVersion(connState.Version),
                        tls.CipherSuiteName(connState.CipherSuite),
                        spkiHash(connState.PeerCertificates[0]),
Flexible HTTP/HTTPS proxy, TLS terminator, X.509 TOFU manager, WARC/geminispace browser