luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Use the DNS and IP SANs from the auto config stanza when set

This commit is contained in:
Matt Keeler 2020-06-26 15:13:54 -04:00
parent 1fcb9ef03f
commit a1275c6e7d
No known key found for this signature in database
GPG Key ID: 04DBAE1857E0081B
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
agent/auto-config/auto_config.go
View File

@ -392,6 +392,20 @@ func (ac *AutoConfig) resolveHost(hostPort string) []net.TCPAddr {
// This will persist the configuration to disk (unless in dev mode running without
// a data dir) and will reload the configuration.
func (ac *AutoConfig) recordAutoConfigReply(reply *agentpb.AutoConfigResponse) error {
// overwrite the auto encrypt DNS SANs with the ones specified in the auto_config stanza
if len(ac.config.AutoConfig.DNSSANs) > 0 && reply.Config.AutoEncrypt != nil {
reply.Config.AutoEncrypt.DNSSAN = ac.config.AutoConfig.DNSSANs
}
// overwrite the auto encrypt IP SANs with the ones specified in the auto_config stanza
if len(ac.config.AutoConfig.IPSANs) > 0 && reply.Config.AutoEncrypt != nil {
var ips []string
for _, ip := range ac.config.AutoConfig.IPSANs {
ips = append(ips, ip.String())
}
reply.Config.AutoEncrypt.IPSAN = ips
}
conf, err := json.Marshal(translateConfig(reply.Config))
if err != nil {
return fmt.Errorf("failed to encode auto-config configuration as JSON: %w", err)