示例#1
0
func (r *Rules) host(hosts ...string) *mux.Route {
	return r.route.route.MatcherFunc(func(req *http.Request, route *mux.RouteMatch) bool {
		reqHost, _, err := net.SplitHostPort(req.Host)
		if err != nil {
			reqHost = req.Host
		}
		for _, host := range hosts {
			if types.CanonicalDomain(reqHost) == types.CanonicalDomain(host) {
				return true
			}
		}
		return false
	})
}
示例#2
0
func (a *ACME) loadCertificateOnDemand(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	domain := types.CanonicalDomain(clientHello.ServerName)
	account := a.store.Get().(*Account)
	if certificateResource, ok := account.DomainsCertificate.getCertificateForDomain(domain); ok {
		return certificateResource.tlsCert, nil
	}
	certificate, err := a.getDomainsCertificates([]string{domain})
	if err != nil {
		return nil, err
	}
	log.Debugf("Got certificate on demand for domain %s", domain)

	transaction, object, err := a.store.Begin()
	if err != nil {
		return nil, err
	}
	account = object.(*Account)
	cert, err := account.DomainsCertificate.addCertificateForDomains(certificate, Domain{Main: domain})
	if err != nil {
		return nil, err
	}
	if err = transaction.Commit(account); err != nil {
		return nil, err
	}
	return cert.tlsCert, nil
}
示例#3
0
func (r *Rules) hostRegexp(hosts ...string) *mux.Route {
	router := r.route.route.Subrouter()
	for _, host := range hosts {
		router.Host(types.CanonicalDomain(host))
	}
	return r.route.route
}
示例#4
0
func (a *ACME) getCertificate(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	domain := types.CanonicalDomain(clientHello.ServerName)
	account := a.store.Get().(*Account)
	if challengeCert, ok := a.challengeProvider.getCertificate(domain); ok {
		log.Debugf("ACME got challenge %s", domain)
		return challengeCert, nil
	}
	if domainCert, ok := account.DomainsCertificate.getCertificateForDomain(domain); ok {
		log.Debugf("ACME got domain cert %s", domain)
		return domainCert.tlsCert, nil
	}
	if a.OnDemand {
		if a.checkOnDemandDomain != nil && !a.checkOnDemandDomain(domain) {
			return nil, nil
		}
		return a.loadCertificateOnDemand(clientHello)
	}
	log.Debugf("ACME got nothing %s", domain)
	return nil, nil
}