From 27b3b240d5633dde81e4190ec71b45a5a87ed4cc Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Wed, 24 May 2023 17:00:27 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9F=90=E4=B8=AA=E7=BD=91=E7=AB=99=E6=89=BE?= =?UTF-8?q?=E4=B8=8D=E5=88=B0=E8=AF=81=E4=B9=A6=E7=9A=84=E6=83=85=E5=86=B5?= =?UTF-8?q?=E4=B8=8B=E4=B8=8D=E5=86=8D=E8=87=AA=E5=8A=A8=E5=8C=B9=E9=85=8D?= =?UTF-8?q?=E8=AF=81=E4=B9=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/nodes/listener_base.go | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/internal/nodes/listener_base.go b/internal/nodes/listener_base.go index f1703a0..2345dd3 100644 --- a/internal/nodes/listener_base.go +++ b/internal/nodes/listener_base.go @@ -113,21 +113,12 @@ func (this *BaseListener) matchSSL(domain string) (*sslconfigs.SSLPolicy, *tls.C // 通过代理服务域名配置匹配 server, _ := this.findNamedServer(domain) - if server == nil || server.SSLPolicy() == nil || !server.SSLPolicy().IsOn { - // 找不到或者此时的服务没有配置证书,需要搜索所有的Server,通过SSL证书内容中的DNSName匹配 - // TODO 需要思考这种情况下是否允许访问 - for _, server := range group.Servers() { - if server.SSLPolicy() == nil || !server.SSLPolicy().IsOn { - continue - } - cert, ok := server.SSLPolicy().MatchDomain(domain) - if ok { - return server.SSLPolicy(), cert, nil - } - } - + if server == nil { return nil, nil, errors.New("no server found for '" + domain + "'") } + if server.SSLPolicy() == nil || !server.SSLPolicy().IsOn { + return nil, nil, errors.New("no cert found for '" + domain + "'") + } // 证书是否匹配 var sslConfig = server.SSLPolicy()