aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulio Capote <jcapote@gmail.com>2023-01-05 00:01:34 +0000
committerJulio Capote <jcapote@gmail.com>2023-01-05 00:01:34 +0000
commitfcb8fcd6973a1b12fc874097918a38c0730b44f1 (patch)
treef84443ecb4e81a854c1117e427def17cdfa5c503
parentbb6cfa59b1b0601e683406f10a5a8d27b752095e (diff)
downloadcommunique-fcb8fcd6973a1b12fc874097918a38c0730b44f1.tar.gz
warn about proxy misconfiguration
-rw-r--r--registry/registry.go5
1 files changed, 4 insertions, 1 deletions
diff --git a/registry/registry.go b/registry/registry.go
index cbadd5d..417bb9b 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -164,7 +164,10 @@ func (r *Registry) Inbox(name string, req *http.Request) error {
}
logger := r.log.With("type", "inbox")
- logger.Debugf("host header is %s", req.Host)
+ if req.Host != handler.handlerCfg.Name {
+ logger.Warnf("%s != %s, configured domain should match incoming Host: header otherwise HTTP signature verification will fail. You'll need to enable 'ProxyPreserveHost' (for apache2) or proxy_set_header Host $host; (for nginx)", req.Host, handler.handlerCfg.Name)
+ }
+
verifier, err := httpsig.NewVerifier(req)
if err != nil {
return err