1
0
Fork 0

Merge current v2.11 into v3.0

This commit is contained in:
mmatur 2024-03-12 10:38:29 +01:00
commit 05be441027
No known key found for this signature in database
GPG key ID: 2FFE42FC256CFF8E
156 changed files with 5826 additions and 8436 deletions

View file

@ -40,7 +40,7 @@ func (o *Options) SetDefaults() {
// Store holds the options for a given Store.
type Store struct {
DefaultCertificate *Certificate `json:"defaultCertificate,omitempty" toml:"defaultCertificate,omitempty" yaml:"defaultCertificate,omitempty" export:"true"`
DefaultCertificate *Certificate `json:"defaultCertificate,omitempty" toml:"defaultCertificate,omitempty" yaml:"defaultCertificate,omitempty" label:"-" export:"true"`
DefaultGeneratedCert *GeneratedCert `json:"defaultGeneratedCert,omitempty" toml:"defaultGeneratedCert,omitempty" yaml:"defaultGeneratedCert,omitempty" export:"true"`
}

View file

@ -6,6 +6,7 @@ import (
"crypto/x509"
"errors"
"fmt"
"slices"
"strings"
"sync"
@ -189,7 +190,7 @@ func (m *Manager) Get(storeName, configName string) (*tls.Config, error) {
tlsConfig.GetCertificate = func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
domainToCheck := types.CanonicalDomain(clientHello.ServerName)
if isACMETLS(clientHello) {
if slices.Contains(clientHello.SupportedProtos, tlsalpn01.ACMETLS1Protocol) {
certificate := acmeTLSStore.GetBestCertificate(clientHello)
if certificate == nil {
log.Debug().Msgf("TLS: no certificate for TLSALPN challenge: %s", domainToCheck)
@ -427,13 +428,3 @@ func buildDefaultCertificate(defaultCertificate *Certificate) (*tls.Certificate,
}
return &cert, nil
}
func isACMETLS(clientHello *tls.ClientHelloInfo) bool {
for _, proto := range clientHello.SupportedProtos {
if proto == tlsalpn01.ACMETLS1Protocol {
return true
}
}
return false
}