output invalid and unknown sni
This commit is contained in:
parent
4482e97dcb
commit
3994c7fd5c
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "@root/greenlock-express",
|
||||
"version": "3.0.16",
|
||||
"version": "3.0.17",
|
||||
"description": "Free SSL and managed or automatic HTTPS for node.js with Express, Koa, Connect, Hapi, and all other middleware systems.",
|
||||
"main": "greenlock-express.js",
|
||||
"homepage": "https://greenlock.domains",
|
||||
|
|
21
sni.js
21
sni.js
|
@ -60,9 +60,20 @@ sni.create = function(greenlock, secureOpts) {
|
|||
cb(null, secureContext);
|
||||
return;
|
||||
}
|
||||
|
||||
// Note: this does not replace tlsSocket.setSecureContext()
|
||||
// as it only works when SNI has been sent
|
||||
//console.log("debug sni got default context", servername, getCachedMeta(servername));
|
||||
if (!/PROD/.test(process.env.ENV) || /DEV|STAG/.test(process.env.ENV)) {
|
||||
// Change this once
|
||||
// A) the 'notify' message passing is verified fixed in cluster mode
|
||||
// B) we have a good way to let people know their server isn't configured
|
||||
console.debug("debug: ignoring servername " + JSON.stringify(servername));
|
||||
console.debug(" (it's probably either missing from your config, or a bot)");
|
||||
notify("servername_unknown", {
|
||||
servername: servername
|
||||
});
|
||||
}
|
||||
cb(null, getDefaultContext());
|
||||
})
|
||||
.catch(function(err) {
|
||||
|
@ -110,6 +121,16 @@ sni.create = function(greenlock, secureOpts) {
|
|||
function getFreshContext(servername) {
|
||||
var meta = getCachedMeta(servername);
|
||||
if (!meta && !validServername(servername)) {
|
||||
if ((servername && !/PROD/.test(process.env.ENV)) || /DEV|STAG/.test(process.env.ENV)) {
|
||||
// Change this once
|
||||
// A) the 'notify' message passing is verified fixed in cluster mode
|
||||
// B) we have a good way to let people know their server isn't configured
|
||||
console.debug("debug: invalid servername " + JSON.stringify(servername));
|
||||
console.debug(" (it's probably just a bot trolling for vulnerable servers)");
|
||||
notify("servername_invalid", {
|
||||
servername: servername
|
||||
});
|
||||
}
|
||||
return Promise.resolve(null);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue