fix: SNI disabled with tls+ssh

Fix a bug in the ssh base client where not specifying the tlsServerName (as is the default) caused SNI to be disabled
livecycle · Feb 12, 2024 · ed206b9 · ed206b9
1 parent 66c0be3
commit ed206b9
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/packages/common/src/ssh/base-client.ts b/packages/common/src/ssh/base-client.ts
@@ -52,7 +52,7 @@ const connectTls = (
   { hostname: host, port, tlsServerName, insecureSkipVerify }: Pick<SshTlsConnectionConfig, 'hostname' | 'port' | 'tlsServerName' | 'insecureSkipVerify'>
 ) => new Promise<TLSSocket>((resolve, reject) => {
   const socket: TLSSocket = tls.connect({
-    servername: tlsServerName,
+    servername: tlsServerName ?? host, // setting the servername to undefined will disable SNI
     rejectUnauthorized: !insecureSkipVerify,
     ALPNProtocols: ['ssh'],
     host,