http: Consider wildcards when evaluating automatic HTTPS
mholt committed Sep 13, 2019
1 parent 833d674 commit 839507e
Showing 4 changed files with 9 additions and 9 deletions.
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -17,7 +17,7 @@ require (
github.com/klauspost/compress v1.7.1-0.20190613161414-0b31f265a57b
github.com/klauspost/cpuid v1.2.1
github.com/lucas-clemente/quic-go v0.7.1-0.20190908032346-fc962d18373a
github.com/mholt/certmagic v0.7.0
github.com/mholt/certmagic v0.7.1
github.com/mitchellh/go-ps v0.0.0-20170309133038-4fdf99ab2936
github.com/muhammadmuzzammil1998/jsonc v0.0.0-20190902132743-e4903c4dea48
github.com/rs/cors v1.6.0
4 changes: 2 additions & 2 deletions go.sum
Expand Up @@ -156,8 +156,8 @@ github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzp
github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
github.com/mattn/go-tty v0.0.0-20180219170247-931426f7535a/go.mod h1:XPvLUNfbS4fJH25nqRHfWLMa1ONC8Amw+mIA639KxkE=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
github.com/mholt/certmagic v0.7.0 h1:F1rn76bjfSq5hNF19Jb8TbfCkgR/AAxfSMLUGy1FpX8=
github.com/mholt/certmagic v0.7.0/go.mod h1:hqHzDsY32TwZpj/KswVylheSISjquF/eOVOaJTYV15w=
github.com/mholt/certmagic v0.7.1 h1:nbSSVwvlDE3+vttD/RBikBIkxrlKVkIQOz449gCrG5Q=
github.com/mholt/certmagic v0.7.1/go.mod h1:hqHzDsY32TwZpj/KswVylheSISjquF/eOVOaJTYV15w=
github.com/miekg/dns v1.1.15 h1:CSSIDtllwGLMoA6zjdKnaE6Tx6eVUxQ29LUgGetiDCI=
github.com/miekg/dns v1.1.15/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
4 changes: 2 additions & 2 deletions modules/caddyhttp/caddyhttp.go
Expand Up @@ -313,8 +313,8 @@ func (app *App) automaticHTTPS() error {
// don't obtain another one for it, unless we are
// supposed to ignore loaded certificates
if !srv.AutoHTTPS.IgnoreLoadedCerts &&
len(tlsApp.CertificatesWithSAN(d)) > 0 {
log.Printf("[INFO][%s] Skipping automatic certificate management because a certificate with that SAN is already loaded", d)
len(tlsApp.AllMatchingCertificates(d)) > 0 {
log.Printf("[INFO][%s] Skipping automatic certificate management because one or more matching certificates are already loaded", d)
continue
}
domainsForCerts = append(domainsForCerts, d)
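Review bot: The skip condition in `automaticHTTPS` now leaves `d` out of `domainsForCerts` whenever `tlsApp.AllMatchingCertificates(d)` returns anything, and neither the comment above it nor the log line says that a match may be a broader certificate rather than one naming `d` itself. Going by the commit title, a manually loaded wildcard certificate presumably now turns off managed issuance and renewal for every name it covers. Whether the lookup filters out expired certificates is not visible in this hunk and is worth confirming, since a stale wildcard would then keep being served with no automatic replacement. I would extend the comment with something like `// wildcard certificates count as a match; set IgnoreLoadedCerts to manage this name anyway` and include the match count in the log message so operators can see why a name was skipped. The function body starts and ends outside the hunk.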
8 changes: 4 additions & 4 deletions modules/caddytls/tls.go
Expand Up @@ -200,10 +200,10 @@ func (t *TLS) getAutomationPolicyForName(name string) AutomationPolicy {
return AutomationPolicy{Management: new(ACMEManagerMaker)}
}

// CertificatesWithSAN returns the list of all certificates
// in the cache the match the given SAN value.
func (t *TLS) CertificatesWithSAN(san string) []certmagic.Certificate {
return t.certCache.CertificatesWithSAN(san)
// CertificatesForSAN returns the list of all certificates in
// the cache which could be used to satisfy the given SAN.
func (t *TLS) AllMatchingCertificates(san string) []certmagic.Certificate {
return t.certCache.AllMatchingCertificates(san)
}

// CertificateLoader is a type that can load certificates.
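Review bot: The doc comment on the renamed method opens with `CertificatesForSAN`, which matches neither the old name `CertificatesWithSAN` nor the new `AllMatchingCertificates`, so godoc and lint tools will not associate it with the method. It should read `// AllMatchingCertificates returns the list of all certificates in` followed by the existing second line. Since the point of the change appears to be wildcard matching, the comment could also say explicitly that certificates whose SANs cover the name by wildcard are included, because callers such as `automaticHTTPS` use a non-empty result to decide whether to skip certificate management. Renaming an exported method also breaks any external caller of `CertificatesWithSAN`, which is worth a line in the commit description.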
