From 3b9585fb61bc48ccc8a76c2cd2e4189af75c85d3 Mon Sep 17 00:00:00 2001
From: Hokuang Miao <heguang.miao@gmail.com>
Date: Wed, 22 May 2024 20:11:19 +1000
Subject: [PATCH] Fixed SSL IP address verification

---
 lib/mongo/mongo_db_connection.ex | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/mongo/mongo_db_connection.ex b/lib/mongo/mongo_db_connection.ex
index deb07953..7b6f4977 100644
--- a/lib/mongo/mongo_db_connection.ex
+++ b/lib/mongo/mongo_db_connection.ex
@@ -164,7 +164,13 @@ defmodule Mongo.MongoDBConnection do
 
   defp ssl(opts, %{connection: {:gen_tcp, socket}} = state) do
     host = (opts[:hostname] || "localhost") |> to_charlist
-    ssl_opts = Keyword.put_new(opts[:ssl_opts] || [], :server_name_indication, host)
+
+    # Do not set SNI for IP addresses
+    ssl_opts =
+      case :inet.parse_address(host) do
+        {:ok, _} -> opts[:ssl_opts]
+        _ -> Keyword.put_new(opts[:ssl_opts] || [], :server_name_indication, host)
+      end
 
     case :ssl.connect(socket, ssl_opts, state.connect_timeout) do
       {:ok, ssl_sock} ->