From a686610b45094f8cfe018448b164d41d02f1985e Mon Sep 17 00:00:00 2001
From: Ilya Averyanov <av@rubybox.dev>
Date: Wed, 23 Jul 2025 13:33:29 +0300
Subject: [PATCH] fix: use sni host for default ssl verification

---
 src/hackney_connection.erl | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/hackney_connection.erl b/src/hackney_connection.erl
index 836f11b8..1b8eac60 100644
--- a/src/hackney_connection.erl
+++ b/src/hackney_connection.erl
@@ -135,7 +135,11 @@ ssl_opts_2() ->
   hackney_ssl:cipher_opts().
 
 merge_ssl_opts(Host, OverrideOpts) ->
-  DefaultOpts = ssl_opts_1(Host, OverrideOpts),
+  VerifyHost = case proplists:get_value(server_name_indication, OverrideOpts, disable) of
+    disable -> Host;
+    SNI -> SNI
+  end,
+  DefaultOpts = ssl_opts_1(VerifyHost, OverrideOpts),
   MergedOpts = orddict:merge(fun(_K, _V1, V) -> V end,
                              orddict:from_list(DefaultOpts),
                              orddict:from_list(OverrideOpts)),