From: Christian Himpel <chressie@googlemail.com>
Date: Tue, 25 Sep 2012 16:22:13 +0000 (-0700)
Subject: net/http: use tls host instead of proxy, when checking against a certificate
X-Git-Tag: go1.1rc2~2326
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=1b6d4b5c0a33909c0f17328e6a45c53d939f5ace;p=gostls13.git

net/http: use tls host instead of proxy, when checking against a certificate

Fixes #4152.

R=bradfitz
CC=golang-dev
https://golang.org/cl/6570045
---

diff --git a/src/pkg/net/http/transport.go b/src/pkg/net/http/transport.go
index a33d787f25..651f3ce008 100644
--- a/src/pkg/net/http/transport.go
+++ b/src/pkg/net/http/transport.go
@@ -381,7 +381,7 @@ func (t *Transport) getConn(cm *connectMethod) (*persistConn, error) {
 		// Initiate TLS and check remote host name against certificate.
 		cfg := t.TLSClientConfig
 		if cfg == nil || cfg.ServerName == "" {
-			host, _, _ := net.SplitHostPort(cm.addr())
+			host := cm.tlsHost()
 			if cfg == nil {
 				cfg = &tls.Config{ServerName: host}
 			} else {