Fail to verify SSL identity when recursing into a host with a different SSL cert

[Hexcles]

Here when gh-ost is recursively finding masters:

gh-ost/go/mysql/utils.go

Line 131 in b7db8c6

masterConfig = connectionConfig.Duplicate()

It copies the entire connectionConfig, including the private tlsConfig field:

gh-ost/go/mysql/connection.go

Line 49 in b7db8c6

tlsConfig: this.tlsConfig,

without updating its hostname:

gh-ost/go/mysql/connection.go

Line 98 in b7db8c6

ServerName: this.Key.Hostname,

Hence, it tries to connect to a new host likely with a different hostname and certificate, but still asks x509 to verify against the old hostname, which always fails:

x509: certificate is valid for [old hostname], not [newly found hostname]

[petervandoros]

We have hit this issue as well.

I spent some time and created a PR that resolves the issues described in this issue and confirmed it working:

#1487

[petervandoros]

The above PR has been merged. Just waiting on a release.