Fix for last commit

author: Matthew Holt <mholt@users.noreply.github.com> 2020-04-01 21:07:38 -0600
committer: Matthew Holt <mholt@users.noreply.github.com> 2020-04-01 21:07:38 -0600
commit: 626f19a264aacd996526695c789ef64532f1494c (patch)
tree: 482850d2ae5c4066a3a32631209501368e015b89 /modules/caddytls
parent: 6ca5828221b25cb781932836d9c6959af857196c (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index 4fd8112..30f7290 100644
--- a/modules/caddytls/connpolicy.go
+++ b/modules/caddytls/connpolicy.go
@@ -171,7 +171,14 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
 			// more at handshake-time, but I don't know how to practically pre-build
 			// a certmagic config for each combination of conn policy + automation policy...
 			cfg := *tlsApp.getConfigForName(hello.ServerName)
-			cfg.CertSelection = p.CertSelection
+			if p.CertSelection != nil {
+				// you would think we could just set this whether or not
+				// p.CertSelection is nil, but that leads to panics if
+				// it is, because cfg.CertSelection is an interface,
+				// so it will have a non-nil value even if the actual
+				// value underlying it is nil (sigh)
+				cfg.CertSelection = p.CertSelection
+			}
 			cfg.DefaultServerName = p.DefaultSNI
 			return cfg.GetCertificate(hello)
 		},
author	Matthew Holt <mholt@users.noreply.github.com>	2020-04-01 21:07:38 -0600
committer	Matthew Holt <mholt@users.noreply.github.com>	2020-04-01 21:07:38 -0600
commit	626f19a264aacd996526695c789ef64532f1494c (patch)
tree	482850d2ae5c4066a3a32631209501368e015b89 /modules/caddytls
parent	6ca5828221b25cb781932836d9c6959af857196c (diff)