flip/convox
1
0
Fork 0
mirror of https://github.com/FlipsideCrypto/convox.git synced 2026-02-06 10:56:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

router: refuse to generate certificates for unknown hosts (#68)

Browse Source
This commit is contained in:
David Dollar 2020-01-13 09:04:23 -05:00 committed by GitHub
parent e9f72c5ada
commit 2e7b2de757
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/router/router.go
View File

@ -238,6 +238,14 @@ func (r *Router) generateCertificateAutocert(m *autocert.Manager) func(*tls.Clie
return common.CertificateSelfSigned("convox")
}
ts, err := r.storage.TargetList(hello.ServerName)
if err != nil {
return nil, err
}
if len(ts) == 0 {
return nil, fmt.Errorf("unknown host")
}
c, err := m.GetCertificate(hello)
if err != nil {
fmt.Printf("err: %+v\n", err)