From 1351874528b3dc8c77fe00ed438ae8a8d97c32a9 Mon Sep 17 00:00:00 2001
From: Jesse Hallam <jesse.hallam@gmail.com>
Date: Fri, 23 Mar 2018 12:33:50 -0400
Subject: improve error handling around invalid Forward80To443 settings (#8496)

* If Forward80To443 is true, but not configured to listen on 443, fail to start the server with an error message.
* If Forward80To443 is false and LetsEncrypt is true, fail to start the server with an error message.
---
 app/server.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'app/server.go')

diff --git a/app/server.go b/app/server.go
index 0c6c25ba5..e89041ebe 100644
--- a/app/server.go
+++ b/app/server.go
@@ -6,6 +6,7 @@ package app
 import (
 	"context"
 	"crypto/tls"
+	"fmt"
 	"io"
 	"io/ioutil"
 	"net"
@@ -149,8 +150,10 @@ func (a *App) StartServer() error {
 	}
 
 	if *a.Config().ServiceSettings.Forward80To443 {
-		if host, _, err := net.SplitHostPort(addr); err != nil {
+		if host, port, err := net.SplitHostPort(addr); err != nil {
 			l4g.Error("Unable to setup forwarding: " + err.Error())
+		} else if port != "443" {
+			return fmt.Errorf(utils.T("api.server.start_server.forward80to443.enabled_but_listening_on_wrong_port"), port)
 		} else {
 			httpListenAddress := net.JoinHostPort(host, "http")
 
@@ -169,6 +172,8 @@ func (a *App) StartServer() error {
 				}()
 			}
 		}
+	} else if *a.Config().ServiceSettings.UseLetsEncrypt {
+		return errors.New(utils.T("api.server.start_server.forward80to443.disabled_while_using_lets_encrypt"))
 	}
 
 	a.Srv.didFinishListen = make(chan struct{})
-- 
cgit v1.2.3-1-g7c22