From 290798b8215c2f61ad6e6ccb5463ce599486f2a5 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 24 Aug 2018 20:01:13 +0000 Subject: [PATCH] http: fix TLS server name indication by default, hackney only sent TLS server name indication if TLS was locked to TLS 1.2. since there are many instances out there not speaking TLS 1.2, it is not acceptable to lock SNI to TLS 1.2. closes #261 --- lib/pleroma/http/http.ex | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/http/http.ex b/lib/pleroma/http/http.ex index 84f34eb4a..c19bccf60 100644 --- a/lib/pleroma/http/http.ex +++ b/lib/pleroma/http/http.ex @@ -1,5 +1,23 @@ defmodule Pleroma.HTTP do - use HTTPoison.Base + require HTTPoison + + def request(method, url, body \\ "", headers \\ [], options \\ []) do + options = + process_request_options(options) + |> process_sni_options(url) + + HTTPoison.request(method, url, body, headers, options) + end + + defp process_sni_options(options, url) do + uri = URI.parse(url) + host = uri.host |> to_charlist() + + case uri.scheme do + "https" -> options ++ [ssl: [server_name_indication: host]] + _ -> options + end + end def process_request_options(options) do config = Application.get_env(:pleroma, :http, []) @@ -10,4 +28,9 @@ defmodule Pleroma.HTTP do _ -> options ++ [proxy: proxy] end end + + def get(url, headers \\ [], options \\ []), do: request(:get, url, "", headers, options) + + def post(url, body, headers \\ [], options \\ []), + do: request(:post, url, body, headers, options) end -- 2.45.2