Ensure that the interface_domain gets a cert requested for it

This commit is contained in:
Brian Picciano 2023-08-04 12:31:04 +02:00
parent 818c728258
commit 92f7d3d52a
2 changed files with 22 additions and 1 deletions

View File

@ -9,6 +9,7 @@ pub enum GetSettingsResult {
Stored(domain::Settings),
Builtin(domain::config::ConfigBuiltinDomain),
Proxied(domain::config::ConfigProxiedDomain),
Interface,
}
#[derive(thiserror::Error, Debug)]
@ -244,6 +245,8 @@ impl ManagerImpl {
// A proxied domain never needs gemini certs, since gemini requests will be
// transparently proxied to the backing server anyway.
GetSettingsResult::Proxied(config) => (None, !config.https_disabled, false),
GetSettingsResult::Interface => (None, true, false),
};
if let Some(settings) = settings {
@ -286,6 +289,10 @@ impl ManagerImpl {
impl Manager for ManagerImpl {
fn get_settings(&self, domain: &domain::Name) -> Result<GetSettingsResult, GetSettingsError> {
if Some(domain) == self.config.interface_domain.as_ref() {
return Ok(GetSettingsResult::Interface);
}
if let Some(config) = self.config.builtin_domains.get(domain) {
return Ok(GetSettingsResult::Builtin(config.clone()));
}
@ -310,6 +317,11 @@ impl Manager for ManagerImpl {
unexpected::Error::from("can't call get_file on proxied domain").into(),
);
}
GetSettingsResult::Interface => {
return Err(
unexpected::Error::from("can't call get_file on interface domain").into(),
);
}
};
let path = settings.process_path(path);
@ -327,10 +339,11 @@ impl Manager for ManagerImpl {
settings: domain::Settings,
) -> util::BoxFuture<'mgr, Result<(), SyncWithSettingsError>> {
Box::pin(async move {
let is_interface = Some(&domain) == self.config.interface_domain.as_ref();
let is_builtin = self.config.builtin_domains.contains_key(&domain);
let is_proxied = self.config.proxied_domains.contains_key(&domain);
if is_builtin || is_proxied {
if is_interface || is_builtin || is_proxied {
return Err(SyncWithSettingsError::NotModifiable);
}
@ -402,6 +415,13 @@ impl Manager for ManagerImpl {
})
.collect_into(&mut res);
if let Some(ref interface_domain) = self.config.interface_domain {
res.push(ManagedDomain {
domain: interface_domain.clone(),
public: false,
})
}
Ok(res)
}
}

View File

@ -227,6 +227,7 @@ impl Service {
config.public.then(|| config.settings)
}
Ok(domain::manager::GetSettingsResult::Proxied(_)) => None,
Ok(domain::manager::GetSettingsResult::Interface) => None,
Err(domain::manager::GetSettingsError::NotFound) => None,
Err(domain::manager::GetSettingsError::Unexpected(e)) => {
return self.internal_error(