Add wildcard match to acme domains

2018-03-27 10:18:03 -04:00 · 2018-03-27 10:18:03 -04:00 · f1a05ab73c
commit f1a05ab73c
parent 4c85a41bfb
7 changed files with 219 additions and 34 deletions
--- a/acme/acme.go
+++ b/acme/acme.go
@ -11,7 +11,6 @@ import (
 	"net/http"
 	"os"
 	"reflect"
-	"regexp"
 	"strings"
 	"time"

@ -27,7 +26,7 @@ import (
 	"github.com/containous/traefik/tls/generate"
 	"github.com/containous/traefik/types"
 	"github.com/eapache/channels"
-	acme "github.com/xenolf/lego/acmev2"
+	"github.com/xenolf/lego/acmev2"
 	"github.com/xenolf/lego/providers/dns"
 )

@ -555,15 +554,14 @@ func (a *ACME) getProvidedCertificate(domains string) *tls.Certificate {
 func searchProvidedCertificateForDomains(domain string, certs map[string]*tls.Certificate) *tls.Certificate {
 	// Use regex to test for provided certs that might have been added into TLSConfig
 	for certDomains := range certs {
-		domainCheck := false
+		domainChecked := false
 		for _, certDomain := range strings.Split(certDomains, ",") {
-			selector := "^" + strings.Replace(certDomain, "*.", "[^\\.]*\\.", -1) + "$"
-			domainCheck, _ = regexp.MatchString(selector, domain)
-			if domainCheck {
+			domainChecked = types.MatchDomain(domain, certDomain)
+			if domainChecked {
 				break
 			}
 		}
-		if domainCheck {
+		if domainChecked {
 			log.Debugf("Domain %q checked by provided certificate %q", domain, certDomains)
 			return certs[certDomains]
 		}
@ -684,15 +682,7 @@ func (a *ACME) getValidDomains(domains []string, wildcardAllowed bool) ([]string
 func isDomainAlreadyChecked(domainToCheck string, existentDomains map[string]*tls.Certificate) bool {
 	for certDomains := range existentDomains {
 		for _, certDomain := range strings.Split(certDomains, ",") {
-			// Use regex to test for provided existentDomains that might have been added into TLSConfig
-			selector := "^" + strings.Replace(certDomain, "*.", "[^\\.]*\\.", -1) + "$"
-			domainCheck, err := regexp.MatchString(selector, domainToCheck)
-			if err != nil {
-				log.Errorf("Unable to compare %q and %q : %s", domainToCheck, certDomain, err)
-				continue
-			}
-
-			if domainCheck {
+			if types.MatchDomain(domainToCheck, certDomain) {
 				return true
 			}
 		}