From c315579c4eecd24b4e67e32e66b5dc110f9323d0 Mon Sep 17 00:00:00 2001
From: bobzilladev <bob@ngrok.com>
Date: Thu, 19 Oct 2023 13:27:22 -0400
Subject: [PATCH] Adds TLS Renegotiation to the backend

---
 CHANGELOG.md | 4 ++++
 VERSION      | 2 +-
 forward.go   | 5 ++++-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 620f74d..b969339 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.5.1
+
+- Adds TLS Renegotiation to the backend `tls.Config`.
+
 ## 1.5.0
 
 - Added new forwarding API. See `[Session].ListenAndForward` and `[Session].ListenAndServeHTTP`. 
diff --git a/VERSION b/VERSION
index bc80560..26ca594 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.5.0
+1.5.1
diff --git a/forward.go b/forward.go
index 922f6c2..90ac6c5 100644
--- a/forward.go
+++ b/forward.go
@@ -130,7 +130,10 @@ func openBackend(ctx context.Context, logger log15.Logger, tun Tunnel, tunnelCon
 	// Create TLS config if necessary
 	var tlsConfig *tls.Config
 	if usesTLS(url.Scheme) {
-		tlsConfig = &tls.Config{ServerName: url.Hostname()}
+		tlsConfig = &tls.Config{
+			ServerName:    url.Hostname(),
+			Renegotiation: tls.RenegotiateOnceAsClient,
+		}
 	}
 
 	dialer := &net.Dialer{}