This commit is contained in:
parent
2f6187dc0e
commit
690b55360f
|
@ -354,13 +354,14 @@ func certificateBytes(req *http.Request) ([]byte, error) {
|
||||||
bs = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: hdr})
|
bs = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: hdr})
|
||||||
} else if hdr := req.Header.Get("X-Forwarded-Tls-Client-Cert"); hdr != "" {
|
} else if hdr := req.Header.Get("X-Forwarded-Tls-Client-Cert"); hdr != "" {
|
||||||
// Traefik 2 passtlsclientcert
|
// Traefik 2 passtlsclientcert
|
||||||
// The certificate is in PEM format with url encoding but without newlines
|
//
|
||||||
// and start/end statements. We need to decode, reinstate the newlines every 64
|
// The certificate is in PEM format, maybe with URL encoding
|
||||||
|
// (depends on Traefik version) but without newlines and start/end
|
||||||
|
// statements. We need to decode, reinstate the newlines every 64
|
||||||
// character and add statements for the PEM decoder
|
// character and add statements for the PEM decoder
|
||||||
hdr, err := url.QueryUnescape(hdr)
|
|
||||||
if err != nil {
|
if unesc, err := url.QueryUnescape(hdr); err == nil {
|
||||||
// Decoding failed
|
hdr = unesc
|
||||||
return nil, err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for i := 64; i < len(hdr); i += 65 {
|
for i := 64; i < len(hdr); i += 65 {
|
||||||
|
@ -368,7 +369,7 @@ func certificateBytes(req *http.Request) ([]byte, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
hdr = "-----BEGIN CERTIFICATE-----\n" + hdr
|
hdr = "-----BEGIN CERTIFICATE-----\n" + hdr
|
||||||
hdr = hdr + "\n-----END CERTIFICATE-----\n"
|
hdr += "\n-----END CERTIFICATE-----\n"
|
||||||
bs = []byte(hdr)
|
bs = []byte(hdr)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue