author | Alex Auvolat <alex@adnab.me> | 2021-12-08 11:11:22 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2021-12-08 11:11:22 +0100 |
commit | 098a6cf2cdb9b0370ab7358b005f731b65e9981c (patch) | |
tree | 80e862f2ba2aeb03a33ab8e4fcb05d4a221dd308 /src/cert_store.rs | |
parent | 11c6f0b1c29b10893de9390f5be559de49e78410 (diff) | |
download | tricot-098a6cf2cdb9b0370ab7358b005f731b65e9981c.tar.gz tricot-098a6cf2cdb9b0370ab7358b005f731b65e9981c.zip |
Implement glob pattern hostnames
no wildcard certificates: one certificate per matching hostname that
actually receives requests
Diffstat (limited to 'src/cert_store.rs')
-rw-r--r-- | src/cert_store.rs | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/cert_store.rs b/src/cert_store.rs
index f1b7d2b..8d45df4 100644
--- a/src/cert_store.rs
+++ b/src/cert_store.rs
@@ -14,7 +14,7 @@ use rustls::sign::CertifiedKey;
 use crate::cert::{Cert, CertSer};
 use crate::consul::*;
-use crate::proxy_config::ProxyConfig;
+use crate::proxy_config::*;
 pub struct CertStore {
 consul: Consul,
@@ -39,11 +39,13 @@ impl CertStore {
 let proxy_config: Arc<ProxyConfig> = rx_proxy_config.borrow().clone();
 for ent in proxy_config.entries.iter() {
- domains.insert(ent.host.clone());
+ if let HostDescription::Hostname(domain) = &ent.host {
+ domains.insert(domain.clone());
+ }
 }
- info!("Ensuring we have certs for domains: {:?}", domains);
 for dom in domains.iter() {
+ info!("Ensuring we have certs for domains: {:?}", domains);
 if let Err(e) = self.get_cert(dom).await {
 warn!("Error get_cert {}: {}", dom, e);
 }
@@ -58,7 +60,7 @@ impl CertStore {
 .borrow()
 .entries
 .iter()
- .any(|ent| ent.host == domain)
+ .any(|ent| ent.host.matches(domain))
 {
 bail!("Domain {} should not have a TLS certificate.", domain);
 } |
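Review bot: In the second hunk the `info!("Ensuring we have certs for domains: {:?}", domains);` line now sits inside the `for dom in domains.iter()` loop, so the whole set is logged once per domain rather than once per pass. Either keep it above the loop or log only the name being processed, e.g. `info!("Ensuring we have a cert for domain: {}", dom);`. The `if let HostDescription::Hostname(domain) = &ent.host` filter also skips every non-hostname entry without saying why; going by the commit message, a comment such as `// pattern entries are not pre-provisioned; certificates are requested per matching hostname when it is first seen` would record the intent. The enclosing function starts and ends outside the hunk.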
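Review bot: In the third hunk, `.any(|ent| ent.host.matches(domain))` makes every name that fits a configured glob eligible for a certificate, so the set of certifiable names is no longer bounded by the configuration. The caller and the origin of `domain` are outside the hunk, but if it is the hostname presented by a client, as the commit message suggests, many distinct matching names would each pass this check, which could exhaust the certificate authority's issuance limits and grow the stored certificate set without bound. Consider capping or rate-limiting new names per pattern and remembering recent failures so a repeated name does not trigger a new request each time. At minimum, document the decision on this check, e.g. `// glob match: any matching hostname may obtain its own certificate; issuance is bounded by <limit mechanism>`. It is also worth confirming that `matches` compares hostnames case-insensitively, since the implementation is not visible here.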