Don't add empty strings to list of managed certificates

This commit is contained in:
Simon Ser 2020-09-09 13:37:29 +02:00
parent f4d13a4101
commit 6ac58fe450
No known key found for this signature in database
GPG Key ID: 0FDE7BE0E88F5E48
2 changed files with 6 additions and 4 deletions

View File

@ -43,7 +43,7 @@ func parseFrontend(srv *Server, d *Directive) error {
return err return err
} }
var listenNames []string var certNames []string
for _, listenAddr := range d.Params { for _, listenAddr := range d.Params {
host, port, err := net.SplitHostPort(listenAddr) host, port, err := net.SplitHostPort(listenAddr)
if err != nil { if err != nil {
@ -52,9 +52,9 @@ func parseFrontend(srv *Server, d *Directive) error {
// TODO: come up with something more robust // TODO: come up with something more robust
var name string var name string
if host != "localhost" && net.ParseIP(host) == nil { if host != "" && host != "localhost" && net.ParseIP(host) == nil {
name = host name = host
listenNames = append(listenNames, host) certNames = append(certNames, host)
host = "" host = ""
} }
@ -66,7 +66,7 @@ func parseFrontend(srv *Server, d *Directive) error {
} }
} }
if err := srv.certmagic.ManageAsync(context.Background(), listenNames); err != nil { if err := srv.certmagic.ManageAsync(context.Background(), certNames); err != nil {
return fmt.Errorf("failed to manage TLS certificates: %v", err) return fmt.Errorf("failed to manage TLS certificates: %v", err)
} }

View File

@ -118,6 +118,8 @@ func (ln *Listener) handle(conn net.Conn) error {
tlsState := tlsConn.ConnectionState() tlsState := tlsConn.ConnectionState()
// TODO: support wildcard certificates. Sadly this requires solving a DNS
// challenge.
fe, ok := ln.Frontends[tlsState.ServerName] fe, ok := ln.Frontends[tlsState.ServerName]
if !ok { if !ok {
fe, ok = ln.Frontends[""] fe, ok = ln.Frontends[""]