From bf20b047f742f47cbf937d9c000d86d0d71ef38c Mon Sep 17 00:00:00 2001
From: mceIdo <58237675+mceIdo@users.noreply.github.com>
Date: Tue, 9 May 2023 11:34:28 +0300
Subject: [PATCH] [pac-proxy-agent] Add servername to tls options when
 connecting in DIRECT (#159)

---
 .changeset/stupid-queens-listen.md    |  5 +++++
 packages/pac-proxy-agent/src/index.ts | 10 +++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 .changeset/stupid-queens-listen.md

diff --git a/.changeset/stupid-queens-listen.md b/.changeset/stupid-queens-listen.md
new file mode 100644
index 00000000..be443a72
--- /dev/null
+++ b/.changeset/stupid-queens-listen.md
@@ -0,0 +1,5 @@
+---
+'pac-proxy-agent': patch
+---
+
+Add `servername` to tls connection options when pac-proxy-agent results in DIRECT connection
diff --git a/packages/pac-proxy-agent/src/index.ts b/packages/pac-proxy-agent/src/index.ts
index bcc821d3..1026784c 100644
--- a/packages/pac-proxy-agent/src/index.ts
+++ b/packages/pac-proxy-agent/src/index.ts
@@ -232,7 +232,15 @@ export class PacProxyAgent<Uri extends string> extends Agent {
 
 			if (type === 'DIRECT') {
 				// Direct connection to the destination endpoint
-				socket = secureEndpoint ? tls.connect(opts) : net.connect(opts);
+				if (secureEndpoint) {
+					const servername = opts.servername || opts.host;
+					socket = tls.connect({
+						...opts,
+						servername: (!servername || net.isIP(servername)) ? undefined : servername,
+					});
+				} else {
+					socket = net.connect(opts);
+				}
 			} else if (type === 'SOCKS' || type === 'SOCKS5') {
 				// Use a SOCKSv5h proxy
 				agent = new SocksProxyAgent(`socks://${target}`, this.opts);