From 6f657424743e93d064f8975a930941ba73f53110 Mon Sep 17 00:00:00 2001
From: Jordan Liggitt <jliggitt@redhat.com>
Date: Tue, 17 Apr 2018 00:59:27 -0400
Subject: [PATCH] ensure tls server name is used in transport

---
 staging/src/k8s.io/client-go/transport/transport.go      | 2 +-
 staging/src/k8s.io/client-go/transport/transport_test.go | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/staging/src/k8s.io/client-go/transport/transport.go b/staging/src/k8s.io/client-go/transport/transport.go
index 15be0a3e6b1..c2bb7ae5e44 100644
--- a/staging/src/k8s.io/client-go/transport/transport.go
+++ b/staging/src/k8s.io/client-go/transport/transport.go
@@ -52,7 +52,7 @@ func New(config *Config) (http.RoundTripper, error) {
 // TLSConfigFor returns a tls.Config that will provide the transport level security defined
 // by the provided Config. Will return nil if no transport level security is requested.
 func TLSConfigFor(c *Config) (*tls.Config, error) {
-	if !(c.HasCA() || c.HasCertAuth() || c.TLS.Insecure) {
+	if !(c.HasCA() || c.HasCertAuth() || c.TLS.Insecure || len(c.TLS.ServerName) > 0) {
 		return nil, nil
 	}
 	if c.HasCA() && c.TLS.Insecure {
diff --git a/staging/src/k8s.io/client-go/transport/transport_test.go b/staging/src/k8s.io/client-go/transport/transport_test.go
index 4d2d78f86ce..8de751562d6 100644
--- a/staging/src/k8s.io/client-go/transport/transport_test.go
+++ b/staging/src/k8s.io/client-go/transport/transport_test.go
@@ -101,6 +101,13 @@ func TestNew(t *testing.T) {
 			Config:  &Config{},
 		},
 
+		"server name": {
+			TLS: true,
+			Config: &Config{TLS: TLSConfig{
+				ServerName: "foo",
+			}},
+		},
+
 		"ca transport": {
 			TLS: true,
 			Config: &Config{