serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-01-14 06:46:27 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

httpcaddyfile: Fix panic in automation policy consolidation (#4104)

Browse source 
* httpcaddyfile: Add reproduce test

* httpcaddyfile: Don't allow `i` to go below zero
This commit is contained in:
Francis Lavoie 2021-04-02 18:47:04 -04:00 committed by GitHub
parent 3401f91dbe
commit 1455d6bb69
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 157 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
caddyconfig/httpcaddyfile/tlsapp.go
View file

@ -491,13 +491,13 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls
} }
// remove or combine duplicate policies // remove or combine duplicate policies
outer:
for i := 0; i < len(aps); i++ { for i := 0; i < len(aps); i++ {
// compare only with next policies; we sorted by specificity so we must not delete earlier policies // compare only with next policies; we sorted by specificity so we must not delete earlier policies
for j := i + 1; j < len(aps); j++ { for j := i + 1; j < len(aps); j++ {
// if they're exactly equal in every way, just keep one of them // if they're exactly equal in every way, just keep one of them
if reflect.DeepEqual(aps[i], aps[j]) { if reflect.DeepEqual(aps[i], aps[j]) {
aps = append(aps[:j], aps[j+1:]...) aps = append(aps[:j], aps[j+1:]...)
i--
break break
} }
@ -524,6 +524,7 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls
if automationPolicyShadows(i, aps) >= j { if automationPolicyShadows(i, aps) >= j {
aps = append(aps[:i], aps[i+1:]...) aps = append(aps[:i], aps[i+1:]...)
i-- i--
continue outer
} }
} else { } else {
// avoid repeated subjects // avoid repeated subjects

155
caddytest/integration/caddyfile_adapt/tls_automation_policies_4.txt Normal file
View file

@ -0,0 +1,155 @@
{
email my.email@example.com
}
:82 {
redir https://example.com{uri}
}
:83 {
redir https://example.com{uri}
}
:84 {
redir https://example.com{uri}
}
abc.de {
redir https://example.com{uri}
}
----------
{
"apps": {
"http": {
"servers": {
"srv0": {
"listen": [
":443"
],
"routes": [
{
"match": [
{
"host": [
"abc.de"
]
}
],
"handle": [
{
"handler": "subroute",
"routes": [
{
"handle": [
{
"handler": "static_response",
"headers": {
"Location": [
"https://example.com{http.request.uri}"
]
},
"status_code": 302
}
]
}
]
}
],
"terminal": true
}
]
},
"srv1": {
"listen": [
":82"
],
"routes": [
{
"handle": [
{
"handler": "static_response",
"headers": {
"Location": [
"https://example.com{http.request.uri}"
]
},
"status_code": 302
}
]
}
]
},
"srv2": {
"listen": [
":83"
],
"routes": [
{
"handle": [
{
"handler": "static_response",
"headers": {
"Location": [
"https://example.com{http.request.uri}"
]
},
"status_code": 302
}
]
}
]
},
"srv3": {
"listen": [
":84"
],
"routes": [
{
"handle": [
{
"handler": "static_response",
"headers": {
"Location": [
"https://example.com{http.request.uri}"
]
},
"status_code": 302
}
]
}
]
}
}
},
"tls": {
"automation": {
"policies": [
{
"issuers": [
{
"email": "my.email@example.com",
"module": "acme"
},
{
"email": "my.email@example.com",
"module": "zerossl"
}
]
},
{
"issuers": [
{
"email": "my.email@example.com",
"module": "acme"
},
{
"email": "my.email@example.com",
"module": "zerossl"
}
]
}
]
}
}
}
}