Fix ACME ALPN conflict

This commit is contained in:
世界 2023-12-24 18:01:12 +08:00
parent 76a295a660
commit 3eed614dea
No known key found for this signature in database
GPG Key ID: CD109927C34A63C4
3 changed files with 25 additions and 3 deletions

View File

@ -105,5 +105,16 @@ func startACME(ctx context.Context, options option.InboundACMEOptions) (*tls.Con
}, },
}) })
config = certmagic.New(cache, *config) config = certmagic.New(cache, *config)
return config.TLSConfig(), &acmeWrapper{ctx: ctx, cfg: config, cache: cache, domain: options.Domain}, nil var tlsConfig *tls.Config
if acmeConfig.DisableTLSALPNChallenge || acmeConfig.DNS01Solver != nil {
tlsConfig = &tls.Config{
GetCertificate: config.GetCertificate,
}
} else {
tlsConfig = &tls.Config{
GetCertificate: config.GetCertificate,
NextProtos: []string{ACMETLS1Protocol},
}
}
return tlsConfig, &acmeWrapper{ctx: ctx, cfg: config, cache: cache, domain: options.Domain}, nil
} }

View File

@ -0,0 +1,3 @@
package tls
const ACMETLS1Protocol = "acme-tls/1"

View File

@ -39,11 +39,19 @@ func (c *STDServerConfig) SetServerName(serverName string) {
} }
func (c *STDServerConfig) NextProtos() []string { func (c *STDServerConfig) NextProtos() []string {
return c.config.NextProtos if c.acmeService != nil && len(c.config.NextProtos) > 1 && c.config.NextProtos[0] == ACMETLS1Protocol {
return c.config.NextProtos[1:]
} else {
return c.config.NextProtos
}
} }
func (c *STDServerConfig) SetNextProtos(nextProto []string) { func (c *STDServerConfig) SetNextProtos(nextProto []string) {
c.config.NextProtos = nextProto if c.acmeService != nil && len(c.config.NextProtos) > 1 && c.config.NextProtos[0] == ACMETLS1Protocol {
c.config.NextProtos = append(c.config.NextProtos[:1], nextProto...)
} else {
c.config.NextProtos = nextProto
}
} }
func (c *STDServerConfig) Config() (*STDConfig, error) { func (c *STDServerConfig) Config() (*STDConfig, error) {