github-mirror/caddy
2
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-06-01 00:43:23 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improve security warnings

Browse Source
This commit is contained in:
Matthew Holt
2021-02-16 13:31:53 -07:00
parent bafb562991
commit fbd00e4b53
2 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
modules/caddyhttp/app.go
View File

@ -176,8 +176,8 @@ func (app *App) Provision(ctx caddy.Context) error {
// domain fronting is desired and access is not restricted
// based on hostname
if srv.StrictSNIHost == nil && srv.hasTLSClientAuth() {
app.logger.Info("enabling strict SNI-Host matching because TLS client auth is configured",
zap.String("server_name", srvName),
app.logger.Warn("enabling strict SNI-Host enforcement because TLS client auth is configured",
zap.String("server_id", srvName),
)
trueBool := true
srv.StrictSNIHost = &trueBool
@ -283,7 +283,6 @@ func (app *App) Validate() error {
}
}
}
return nil
}