fixed HTTPS proxy support to work with SNI

mojolicious · Apr 18, 2012 · dfef7b8 · dfef7b8
1 parent 64bdc60
commit dfef7b8
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 14 deletions.
diff --git a/lib/Mojo/IOLoop/Client.pm b/lib/Mojo/IOLoop/Client.pm
@@ -85,17 +85,17 @@ sub _connect {
 
     # Upgrade
     my %options = (
-      SSL_startHandshake => 0,
-      SSL_error_trap     => sub {
+      SSL_ca_file => $args->{tls_ca}
+        && -T $args->{tls_ca} ? $args->{tls_ca} : undef,
+      SSL_cert_file  => $args->{tls_cert},
+      SSL_error_trap => sub {
         $self->_cleanup;
         $self->emit_safe(error => $_[1]);
       },
-      SSL_hostname  => $args->{address},
-      SSL_cert_file => $args->{tls_cert},
-      SSL_key_file  => $args->{tls_key},
-      SSL_ca_file   => $args->{tls_ca}
-        && -T $args->{tls_ca} ? $args->{tls_ca} : undef,
-      SSL_verify_mode => $args->{tls_ca} ? 0x01 : 0x00
+      SSL_hostname       => $args->{address},
+      SSL_key_file       => $args->{tls_key},
+      SSL_startHandshake => 0,
+      SSL_verify_mode    => $args->{tls_ca} ? 0x01 : 0x00
     );
     $self->{tls} = 1;
     return $self->emit_safe(error => 'TLS upgrade failed.')

diff --git a/lib/Mojo/IOLoop/Server.pm b/lib/Mojo/IOLoop/Server.pm
@@ -133,9 +133,9 @@ sub listen {
 
   # Options
   my $options = $self->{tls} = {
-    SSL_startHandshake => 0,
-    SSL_cert_file      => $args->{tls_cert} || $self->_cert_file,
-    SSL_key_file       => $args->{tls_key} || $self->_key_file,
+    SSL_cert_file => $args->{tls_cert} || $self->_cert_file,
+    SSL_key_file  => $args->{tls_key}  || $self->_key_file,
+    SSL_startHandshake => 0
   };
   %$options = (
     %$options,

diff --git a/lib/Mojo/Server/Daemon.pm b/lib/Mojo/Server/Daemon.pm
@@ -222,8 +222,8 @@ sub _listen {
     my $name = $options->{address} || Sys::Hostname::hostname();
     $p->publish(
       name => "Mojolicious ($name:$options->{port})",
-      type => '_http._tcp',
-      port => $options->{port}
+      port => $options->{port},
+      type => '_http._tcp'
     ) if $options->{port} && !$tls;
   }
 

diff --git a/lib/Mojo/UserAgent.pm b/lib/Mojo/UserAgent.pm
@@ -202,9 +202,9 @@ sub _connect {
   weaken $self;
   $id = $self->_loop->client(
     address       => $host,
-    port          => $port,
     handle        => $id,
     local_address => $self->local_address,
+    port          => $port,
     timeout       => $self->connect_timeout,
     tls           => $scheme eq 'https' ? 1 : 0,
     tls_ca        => $self->ca,
@@ -251,6 +251,7 @@ sub _connect_proxy {
         $loop->remove($id);
         weaken $self;
         $id = $loop->client(
+          address  => ($self->transactor->peer($old))[1],
           handle   => $handle,
           timeout  => $self->connect_timeout,
           tls      => 1,