httpcaddyfile: Fix panic in automation policy consolidation (#4104)

* httpcaddyfile: Add reproduce test * httpcaddyfile: Don't allow `i` to go below zero
author: Francis Lavoie <lavofr@gmail.com> 2021-04-02 18:47:04 -0400
committer: GitHub <noreply@github.com> 2021-04-02 16:47:04 -0600
commit: 1455d6bb690d8c91159a709cc6d1a0dc01ed9153 (patch)
tree: f1485ec7cf841bc40506db97d4a83758c79b5ffe /caddyconfig
parent: 3401f91dbeae80d22c8df9a4a50de521c69c9e00 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 45ba9d2..85f9e5a 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -491,13 +491,13 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls
 	}
 
 	// remove or combine duplicate policies
+outer:
 	for i := 0; i < len(aps); i++ {
 		// compare only with next policies; we sorted by specificity so we must not delete earlier policies
 		for j := i + 1; j < len(aps); j++ {
 			// if they're exactly equal in every way, just keep one of them
 			if reflect.DeepEqual(aps[i], aps[j]) {
 				aps = append(aps[:j], aps[j+1:]...)
-				i--
 				break
 			}
 
@@ -524,6 +524,7 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls
 					if automationPolicyShadows(i, aps) >= j {
 						aps = append(aps[:i], aps[i+1:]...)
 						i--
+						continue outer
 					}
 				} else {
 					// avoid repeated subjects
author	Francis Lavoie <lavofr@gmail.com>	2021-04-02 18:47:04 -0400
committer	GitHub <noreply@github.com>	2021-04-02 16:47:04 -0600
commit	1455d6bb690d8c91159a709cc6d1a0dc01ed9153 (patch)
tree	f1485ec7cf841bc40506db97d4a83758c79b5ffe /caddyconfig
parent	3401f91dbeae80d22c8df9a4a50de521c69c9e00 (diff)