authorMatthew Holt <mholt@users.noreply.github.com>2021-04-16 11:17:15 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2021-04-16 11:17:22 -0600
commit96bb3659299ae5ef28ffb3f9a23e16417c570924 (patch)
treee8cec60fab91195aa2df86ed813a8594f5a6809a
parent00e12aa918aedcfae3a69292efb70de615e172dd (diff)
httpcaddyfile: Take into account host scheme/port (fix #4113)
-rw-r--r--caddyconfig/httpcaddyfile/tlsapp.go8
-rw-r--r--caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt28
2 files changed, 32 insertions, 4 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 85f9e5a..1e32be0 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -54,7 +54,7 @@ func (st ServerType) buildTLSApp(
// a hostless key, so that they don't get forgotten/omitted
// by auto-HTTPS (since they won't appear in route matchers)
var serverBlocksWithTLSHostlessKey int
- hostsSharedWithHostlessKey := make(map[string]struct{})
+ httpsHostsSharedWithHostlessKey := make(map[string]struct{})
for _, pair := range pairings {
for _, sb := range pair.serverBlocks {
for _, addr := range sb.keys {
@@ -70,8 +70,8 @@ func (st ServerType) buildTLSApp(
if otherAddr.Original == addr.Original {
continue
}
- if otherAddr.Host != "" {
- hostsSharedWithHostlessKey[otherAddr.Host] = struct{}{}
+ if otherAddr.Host != "" && otherAddr.Scheme != "http" && otherAddr.Port != httpPort {
+ httpsHostsSharedWithHostlessKey[otherAddr.Host] = struct{}{}
}
}
break
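Review bot: The new `if otherAddr.Host != "" && otherAddr.Scheme != "http" && otherAddr.Port != httpPort` decides which hosts end up in the TLS automation policy built in the hunk at line 289, but nothing at the condition says why HTTP-scheme and HTTP-port addresses are excluded. A short comment would keep a later edit from widening it again, e.g. `// hosts served only over HTTP (http:// scheme or the HTTP port) need no certificate; keep them out of automation`. `httpPort` is defined outside this hunk, so it is worth confirming that it reflects a configured `http_port` and not only the default, since a mismatch would presumably put an HTTP-only host back into certificate management. The enclosing loops of `buildTLSApp` start and end outside the hunk.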
@@ -289,7 +289,7 @@ func (st ServerType) buildTLSApp(
internalAP := &caddytls.AutomationPolicy{
IssuersRaw: []json.RawMessage{json.RawMessage(`{"module":"internal"}`)},
}
- for h := range hostsSharedWithHostlessKey {
+ for h := range httpsHostsSharedWithHostlessKey {
al = append(al, h)
if !certmagic.SubjectQualifiesForPublicCert(h) {
internalAP.Subjects = append(internalAP.Subjects, h)
diff --git a/caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt b/caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt
new file mode 100644
index 0000000..9ccc59e
--- /dev/null
+++ b/caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt
@@ -0,0 +1,28 @@
+# Issue #4113
+:80, http://example.com {
+ respond "foo"
+}
+----------
+{
+ "apps": {
+ "http": {
+ "servers": {
+ "srv0": {
+ "listen": [
+ ":80"
+ ],
+ "routes": [
+ {
+ "handle": [
+ {
+ "body": "foo",
+ "handler": "static_response"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+} \ No newline at end of file
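Review bot: This fixture exercises only the `otherAddr.Scheme != "http"` half of the new condition in tlsapp.go, through `http://example.com`; the `otherAddr.Port != httpPort` half has no test. A companion fixture whose site addresses are `:80, example.com:80` would pin that branch, with the expectation that the adapted JSON contains no `tls` app. A case with a non-default `http_port` global option would additionally show that the port comparison follows the configured value.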