}
func dialTLS(ctx context.Context, network, addr string) (net.Conn, error) {
- host := strings.TrimSuffix(addr, ":443")
- ccg := ClientCertificateGetter{host}
+ host := strings.Split(addr, ":")[0]
+ ccg := ClientCertificateGetter{host: host}
cfg := tls.Config{
VerifyPeerCertificate: func(
rawCerts [][]byte,
var err error
conn, err = tls.Dial(network, addr, &cfg)
if err != nil {
- fifos.SinkErr <- fmt.Sprintf("%s\t%s", addr, dialErr.Error())
+ fifos.LogErr <- fmt.Sprintf("%s\t%s", addr, dialErr.Error())
return nil, err
}
}
connState := conn.ConnectionState()
- if connState.DidResume {
- fifos.SinkTLS <- fmt.Sprintf(
+ if !connState.DidResume {
+ fifos.LogTLS <- fmt.Sprintf(
"%s\t%s %s\t%s\t%s",
- strings.TrimSuffix(addr, ":443"),
+ addr,
ucspi.TLSVersion(connState.Version),
tls.CipherSuiteName(connState.CipherSuite),
spkiHash(connState.PeerCertificates[0]),