From 5f780764ed810cee90eac5f1efda26489d98fd69 Mon Sep 17 00:00:00 2001
From: Lauro Ramos Venancio <lauro.venancio@incognia.com>
Date: Fri, 24 Mar 2023 17:10:41 -0300
Subject: [PATCH] DialHost must connect to the requested host

When a hostname resolves to multiple hosts, multiple HostInfos are
generated. DialHost must connect to the host received as parameter.
If the hostname is used to establish the connection, the dns could
resolve to another host.
The hostname should still be used to verify the TLS connection.
---
 dial.go        | 5 +++--
 host_source.go | 7 +++++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/dial.go b/dial.go
index 71c0611bc..0613cebe0 100644
--- a/dial.go
+++ b/dial.go
@@ -45,11 +45,12 @@ func (hd *defaultHostDialer) DialHost(ctx context.Context, host *HostInfo) (*Dia
 		return nil, fmt.Errorf("host missing port: %v", port)
 	}
 
-	addr := host.HostnameAndPort()
-	conn, err := hd.dialer.DialContext(ctx, "tcp", addr)
+	connAddr := host.ConnectAddressAndPort()
+	conn, err := hd.dialer.DialContext(ctx, "tcp", connAddr)
 	if err != nil {
 		return nil, err
 	}
+	addr := host.HostnameAndPort()
 	return WrapTLS(ctx, conn, addr, hd.tlsConfig)
 }
 
diff --git a/host_source.go b/host_source.go
index 1f866fc5e..b9960da7e 100644
--- a/host_source.go
+++ b/host_source.go
@@ -398,6 +398,13 @@ func (h *HostInfo) HostnameAndPort() string {
 	return net.JoinHostPort(h.hostname, strconv.Itoa(h.port))
 }
 
+func (h *HostInfo) ConnectAddressAndPort() string {
+        h.mu.Lock()
+        defer h.mu.Unlock()
+        addr, _ := h.connectAddressLocked()
+        return net.JoinHostPort(addr.String(), strconv.Itoa(h.port))
+}
+
 func (h *HostInfo) String() string {
 	h.mu.RLock()
 	defer h.mu.RUnlock()