internal: don't attempt to lookup SNI Certificate if no SNI is sent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-02-09 12:33:25 +01:00
parent 6314be14ad
commit 48f4a971ef
1 changed files with 5 additions and 1 deletions

View File

@ -102,7 +102,11 @@ func (ps *ProxyServer) GetCertificate(serverName string) *tls.Certificate {
}
func (ps *ProxyServer) getCertificates(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
appCert := ps.GetCertificate(info.ServerName)
sn := info.ServerName
if sn == "" {
return &ps.defaultCert, nil
}
appCert := ps.GetCertificate(sn)
if appCert == nil {
return &ps.defaultCert, nil
}