only check the autotls hostnames once when serving

not twice: for root process and for child process
Mechiel Lukkien
2023-03-05 23:56:02 +01:00
parent 1bee32679a
commit b2e6c29849
18 changed files with 34 additions and 30 deletions


@ -188,7 +188,7 @@ func Load(name, acmeDir, contactEmail, directoryURL string, shutdown <-chan stru
// are fully served by publicIPs (only if non-empty and there is no unspecified
// address in the list). If no, log an error with a warning that ACME validation
// may fail.
func (m *Manager) SetAllowedHostnames(resolver dns.Resolver, hostnames map[dns.Domain]struct{}, publicIPs []string) {
func (m *Manager) SetAllowedHostnames(resolver dns.Resolver, hostnames map[dns.Domain]struct{}, publicIPs []string, checkHosts bool) {
m.Lock()
defer m.Unlock()
@ -210,7 +210,7 @@ func (m *Manager) SetAllowedHostnames(resolver dns.Resolver, hostnames map[dns.D
}
m.hosts = hostnames
if len(added) > 0 && len(publicIPs) > 0 {
if checkHosts && len(added) > 0 && len(publicIPs) > 0 {
for _, ip := range publicIPs {
if net.ParseIP(ip).IsUnspecified() {
return
@ -225,6 +225,7 @@ func (m *Manager) SetAllowedHostnames(resolver dns.Resolver, hostnames map[dns.D
publicIPstrs[ip] = struct{}{}
}
xlog.Debug("checking ips of hosts configured for acme tls cert validation")
for _, h := range added {
ips, err := resolver.LookupIP(ctx, "ip", h.ASCII+".")
if err != nil {