Is there some way to get the host server name from a TLS net.Conn?

torntrousers · June 26, 2022, 6:15am

I’ve a Go TLS server with a wildcard domain *.myserver.com so remote clients can call it with foo.myserver.com or bar.myserver.com, is there some way I can find out which hostname a client used from the net.Conn that I get back Listerner.Accept()?

All I’ve found so far is if i use GetConfigForClient on the tls.Config of the server then that function does get the server name:

	tlsConfig := &tls.Config{
		GetConfigForClient: getConfigForClient,
	}

func getConfigForClient(hi *tls.ClientHelloInfo) (*tls.Config, error) {
        // does print the full name: foo.myserver.com
  	log.Println("Server.getConfigForClient hostName:", hi.ServerName) 
 . . .
}

but I can’t find a way to get that or pass that to a listener handler.

Thanks for any help.

Massimo.Costa · June 26, 2022, 8:22pm

you could store this info in a data structure and then do lookup in the handler. ClientHelloInfo contains also the net.Conn so maybe you could use a map with net.Conn as key

torntrousers · June 26, 2022, 9:32pm

Thats the type of thing I’m hoping but I can’t yet see how. Nothing I can find has access to both the host name and the net.Conn.

Massimo.Costa · June 27, 2022, 7:33am

well in ClientHelloInfo you have both no?

inside the getConfigForClient() you can read both and store in a global map

torntrousers · June 28, 2022, 8:59pm

The problem with that is that net.Conn is an interface and the instance from the ClientHelloInfo in getConfigForClient is not the same thing that is returned from net.Listener.Accept()

torntrousers · July 4, 2022, 6:00am

We have something wokring now by using a map with key net.Conn.RemoteAddr().String() which is the remote client’s ip address and port. This seems to work ok, but is it going to be unique it all scenarios?