TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-03 23:20:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

某个网站找不到证书的情况下不再自动匹配证书

Browse Source
This commit is contained in:
GoEdgeLab
2023-05-24 17:00:27 +08:00
parent 78ab4d7b1d
commit 27b3b240d5
1 changed files with 4 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
internal/nodes/listener_base.go
View File

@@ -113,21 +113,12 @@ func (this *BaseListener) matchSSL(domain string) (*sslconfigs.SSLPolicy, *tls.C
// 通过代理服务域名配置匹配 // 通过代理服务域名配置匹配
server, _ := this.findNamedServer(domain) server, _ := this.findNamedServer(domain)
if server == nil || server.SSLPolicy() == nil || !server.SSLPolicy().IsOn { if server == nil {
// 找不到或者此时的服务没有配置证书需要搜索所有的Server通过SSL证书内容中的DNSName匹配
// TODO 需要思考这种情况下是否允许访问
for _, server := range group.Servers() {
if server.SSLPolicy() == nil || !server.SSLPolicy().IsOn {
continue
}
cert, ok := server.SSLPolicy().MatchDomain(domain)
if ok {
return server.SSLPolicy(), cert, nil
}
}
return nil, nil, errors.New("no server found for '" + domain + "'") return nil, nil, errors.New("no server found for '" + domain + "'")
} }
if server.SSLPolicy() == nil || !server.SSLPolicy().IsOn {
return nil, nil, errors.New("no cert found for '" + domain + "'")
}
// 证书是否匹配 // 证书是否匹配
var sslConfig = server.SSLPolicy() var sslConfig = server.SSLPolicy()