mirror of
https://github.com/1Panel-dev/1Panel.git
synced 2026-02-27 08:45:10 +08:00
feat: Add validation when applying wildcard domain certificates in HTTP mode (#8112)
This commit is contained in:
parent
f4685b2831
commit
63631b1118
2 changed files with 21 additions and 5 deletions
|
|
@ -154,6 +154,16 @@ func (w WebsiteSSLService) Create(create request.WebsiteSSLCreate) (request.Webs
|
|||
domains = append(domains, domain)
|
||||
}
|
||||
}
|
||||
if create.Provider == constant.Http {
|
||||
if strings.Contains(create.PrimaryDomain, "*") {
|
||||
return res, buserr.New("ErrWildcardDomain")
|
||||
}
|
||||
for _, domain := range domains {
|
||||
if strings.Contains(domain, "*") {
|
||||
return res, buserr.New("ErrWildcardDomain")
|
||||
}
|
||||
}
|
||||
}
|
||||
websiteSSL.Domains = strings.Join(domains, ",")
|
||||
|
||||
if create.Provider == constant.DNSAccount || create.Provider == constant.Http {
|
||||
|
|
@ -234,6 +244,11 @@ func (w WebsiteSSLService) ObtainSSL(apply request.WebsiteSSLApply) error {
|
|||
return err
|
||||
}
|
||||
|
||||
domains := []string{websiteSSL.PrimaryDomain}
|
||||
if websiteSSL.Domains != "" {
|
||||
domains = append(domains, strings.Split(websiteSSL.Domains, ",")...)
|
||||
}
|
||||
|
||||
switch websiteSSL.Provider {
|
||||
case constant.DNSAccount:
|
||||
dnsAccount, err = websiteDnsRepo.GetFirst(repo.WithByID(websiteSSL.DnsAccountID))
|
||||
|
|
@ -251,6 +266,11 @@ func (w WebsiteSSLService) ObtainSSL(apply request.WebsiteSSLApply) error {
|
|||
}
|
||||
return err
|
||||
}
|
||||
for _, domain := range domains {
|
||||
if strings.Contains(domain, "*") {
|
||||
return buserr.New("ErrWildcardDomain")
|
||||
}
|
||||
}
|
||||
if err := client.UseHTTP(path.Join(appInstall.GetPath(), "root")); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -260,11 +280,6 @@ func (w WebsiteSSLService) ObtainSSL(apply request.WebsiteSSLApply) error {
|
|||
}
|
||||
}
|
||||
|
||||
domains := []string{websiteSSL.PrimaryDomain}
|
||||
if websiteSSL.Domains != "" {
|
||||
domains = append(domains, strings.Split(websiteSSL.Domains, ",")...)
|
||||
}
|
||||
|
||||
var privateKey crypto.PrivateKey
|
||||
if websiteSSL.PrivateKey == "" {
|
||||
privateKey, err = certcrypto.GeneratePrivateKey(ssl.KeyType(websiteSSL.KeyType))
|
||||
|
|
|
|||
|
|
@ -157,6 +157,7 @@ ExecShellStart: "开始执行脚本"
|
|||
ExecShellSuccess: "脚本执行成功"
|
||||
StartUpdateSystemSSL: "开始更新系统证书"
|
||||
UpdateSystemSSLSuccess: "更新系统证书成功"
|
||||
ErrWildcardDomain: "HTTP 模式无法申请泛域名证书"
|
||||
|
||||
#mysql
|
||||
ErrUserIsExist: "当前用户已存在,请重新输入"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue