internal: don't attempt to lookup SNI Certificate if no SNI is sent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
6314be14ad
commit
48f4a971ef
|
@ -102,7 +102,11 @@ func (ps *ProxyServer) GetCertificate(serverName string) *tls.Certificate {
|
|||
}
|
||||
|
||||
func (ps *ProxyServer) getCertificates(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
|
||||
appCert := ps.GetCertificate(info.ServerName)
|
||||
sn := info.ServerName
|
||||
if sn == "" {
|
||||
return &ps.defaultCert, nil
|
||||
}
|
||||
appCert := ps.GetCertificate(sn)
|
||||
if appCert == nil {
|
||||
return &ps.defaultCert, nil
|
||||
}
|
||||
|
|
Reference in New Issue