\#65 Add host Header and TLS SNI override

Former-commit-id: 5ddf5c5b7a8d1bd483ac063e5c09f058c80b820e Former-commit-id: d97bd60ef93720e94274be0d1cd50f1d742949dd [formerly df42280ad7675379c9b283f658e5e75c8c28f1a4] [formerly 95700181615ef2eaf461fdb3e0c67af4b8aa54e8 [formerly da23f33f04294a146a691f6d635884942ca00967 [formerly da23f33f04294a146a691f6d635884942ca00967 [formerly da23f33f04294a146a691f6d635884942ca00967 [formerly f40c007627bc5a26208c64cd3e5479a43a7a1c20]]]]] Former-commit-id: 3b061c8e6950a03ceb4f2e44651609f4d8899248 [formerly ee6563bdd95ec09d33aa6610d201a8f581137626] Former-commit-id: 3070702567889c7a53477714d65e4476e6056646 Former-commit-id: 1485f4efa64ed475d15780d316306feffb7b53e0 Former-commit-id: df44169b35e25e59ec9a3a818b38d0986ac68e02 Former-commit-id: 49e8fdce68b6b06f23c8b681163ac7e48b6e7075 [formerly 7277e9db3e5301faac5ef4dc7641f61d367353b0] Former-commit-id: b99e5bdd73ac1ee14db7a6509ea9ae4489873532
2020-12-07 10:29:35 +01:00 · 2020-12-07 10:29:35 +01:00 · e8f3fc0259
commit e8f3fc0259
parent 2d85d27ce4
4 changed files with 28 additions and 2 deletions
--- a/src/Tunnel.hs
+++ b/src/Tunnel.hs
@ -65,7 +65,8 @@ tunnelingClientP cfg@TunnelSettings{..} app conn = onError $ do
  debug "Oppening Websocket stream"

  stream <- connectionToStream conn
-  let headers = if not (null upgradeCredentials) then [("Authorization", "Basic " <> B64.encode upgradeCredentials)] else []
+  let headers = (if not (null upgradeCredentials) then [("Authorization", "Basic " <> B64.encode upgradeCredentials)] else [])
+                <> (if not (null hostHeader) then [("Host", hostHeader)] else [])
  ret <- WS.runClientWithStream stream serverHost (toPath cfg) WS.defaultConnectionOptions headers run

  debug "Closing Websocket stream"
@ -99,7 +100,7 @@ tlsClientP TunnelSettings{..} app conn = onError $ do
                                       , NC.settingDisableSession = False
                                       , NC.settingUseServerName = False
                                       }
-    connectionParams = NC.ConnectionParams { NC.connectionHostname = serverHost
+    connectionParams = NC.ConnectionParams { NC.connectionHostname = if tlsSNI == mempty then serverHost else BC.unpack tlsSNI
                                           , NC.connectionPort = serverPort
                                           , NC.connectionUseSecure = Just tlsSettings
                                           , NC.connectionUseSocks = Nothing
--- a/src/Types.hs
+++ b/src/Types.hs
@ -79,6 +79,8 @@ data TunnelSettings = TunnelSettings
  , upgradePrefix :: String
  , upgradeCredentials
                  :: ByteString
+  , tlsSNI        :: ByteString
+  , hostHeader    :: ByteString
  , udpTimeout    :: Int
  }