envoyconfig: add virtual host domains for certificates in addition to routes

Caleb Doxsey 2022-08-30 11:53:30 -06:00
parent 8713108821
commit bfb218a79a
4 changed files with 69 additions and 14 deletions


@ -63,6 +63,29 @@ func GetCertificateForDomain(certificates []tls.Certificate, domain string) (*tl
return GenerateSelfSignedCertificate(domain)
}
// GetCertificateDomains gets all the certificate's matching domain names.
func GetCertificateDomains(cert *tls.Certificate) []string {
if cert == nil || len(cert.Certificate) == 0 {
return nil
}
xcert, err := x509.ParseCertificate(cert.Certificate[0])
if err != nil {
return nil
}
var domains []string
if xcert.Subject.CommonName != "" {
domains = append(domains, xcert.Subject.CommonName)
}
for _, dnsName := range xcert.DNSNames {
if dnsName != "" {
domains = append(domains, dnsName)
}
}
return domains
}
func matchesDomain(cert *tls.Certificate, domain string) bool {
if cert == nil || len(cert.Certificate) == 0 {
return false
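Review bot: GetCertificateDomains appends `xcert.Subject.CommonName` unconditionally, but a CN is free-form text that need not be a hostname, and when it is one it is usually repeated in `DNSNames`, so callers can get a non-DNS string or the same name twice. Go's crypto/x509 stopped treating CommonName as a hostname by default in Go 1.15, so it would be safer to fall back to it only when there are no SANs, e.g. `if len(xcert.DNSNames) == 0 && xcert.Subject.CommonName != "" {`, and to de-duplicate the result. The `return nil` on a parse error makes an unparsable leaf indistinguishable from a certificate with no names; the doc comment should say that, and also that only `cert.Certificate[0]` is inspected and that wildcard entries such as `*.example.com` are returned verbatim. If these names become Envoy virtual-host domains, as the commit title suggests, the caller presumably needs to handle duplicates and wildcards across certificates; that code is not visible here. matchesDomain continues outside the hunk.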