caddytls: Move config of certmagic storage to NewConfig (fixes #2465)
Breaking API change for server type plugins that use the caddytls package: NewConfig now returns an error value as well. Sorry about that.
This commit is contained in:
parent
22db8bcf3d
commit
0a95b5d359
3 changed files with 30 additions and 27 deletions
|
@ -190,7 +190,10 @@ func (h *httpContext) InspectServerBlocks(sourceFile string, serverBlocks []cadd
|
||||||
// Make our caddytls.Config, which has a pointer to the
|
// Make our caddytls.Config, which has a pointer to the
|
||||||
// instance's certificate cache and enough information
|
// instance's certificate cache and enough information
|
||||||
// to use automatic HTTPS when the time comes
|
// to use automatic HTTPS when the time comes
|
||||||
caddytlsConfig := caddytls.NewConfig(h.instance)
|
caddytlsConfig, err := caddytls.NewConfig(h.instance)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("creating new caddytls configuration: %v", err)
|
||||||
|
}
|
||||||
caddytlsConfig.Hostname = addr.Host
|
caddytlsConfig.Hostname = addr.Host
|
||||||
caddytlsConfig.Manager.AltHTTPPort = altHTTPPort
|
caddytlsConfig.Manager.AltHTTPPort = altHTTPPort
|
||||||
caddytlsConfig.Manager.AltTLSALPNPort = altTLSALPNPort
|
caddytlsConfig.Manager.AltTLSALPNPort = altTLSALPNPort
|
||||||
|
|
|
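Review bot: The new error return `return nil, fmt.Errorf("creating new caddytls configuration: %v", err)` does not say which server block failed, although `addr.Host` is already in scope (it is assigned to `caddytlsConfig.Hostname` two lines later) and is what an operator needs to find the offending site in a multi-site config. A small wording change carries that context: `return nil, fmt.Errorf("creating new caddytls configuration for %s: %v", addr.Host, err)`. InspectServerBlocks starts and ends outside this hunk, so I cannot tell whether an outer `err` is reused here; it reads as the same-scope case, which is fine.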
@ -19,6 +19,8 @@ import (
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"os"
|
||||||
|
"sync/atomic"
|
||||||
|
|
||||||
"github.com/xenolf/lego/challenge/tlsalpn01"
|
"github.com/xenolf/lego/challenge/tlsalpn01"
|
||||||
|
|
||||||
|
@ -95,11 +97,31 @@ type Config struct {
|
||||||
// NewConfig returns a new Config with a pointer to the instance's
|
// NewConfig returns a new Config with a pointer to the instance's
|
||||||
// certificate cache. You will usually need to set other fields on
|
// certificate cache. You will usually need to set other fields on
|
||||||
// the returned Config for successful practical use.
|
// the returned Config for successful practical use.
|
||||||
func NewConfig(inst *caddy.Instance) *Config {
|
func NewConfig(inst *caddy.Instance) (*Config, error) {
|
||||||
inst.StorageMu.RLock()
|
inst.StorageMu.RLock()
|
||||||
certCache, ok := inst.Storage[CertCacheInstStorageKey].(*certmagic.Cache)
|
certCache, ok := inst.Storage[CertCacheInstStorageKey].(*certmagic.Cache)
|
||||||
inst.StorageMu.RUnlock()
|
inst.StorageMu.RUnlock()
|
||||||
if !ok || certCache == nil {
|
if !ok || certCache == nil {
|
||||||
|
// set up the clustering plugin, if there is one (and there should always
|
||||||
|
// be one since this tls plugin requires it) -- this should be done exactly
|
||||||
|
// once, but we can't do it during init while plugins are still registering,
|
||||||
|
// so do it as soon as we run a setup)
|
||||||
|
if atomic.CompareAndSwapInt32(&clusterPluginSetup, 0, 1) {
|
||||||
|
clusterPluginName := os.Getenv("CADDY_CLUSTERING")
|
||||||
|
if clusterPluginName == "" {
|
||||||
|
clusterPluginName = "file" // name of default storage plugin
|
||||||
|
}
|
||||||
|
clusterFn, ok := clusterProviders[clusterPluginName]
|
||||||
|
if ok {
|
||||||
|
storage, err := clusterFn()
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("constructing cluster plugin %s: %v", clusterPluginName, err)
|
||||||
|
}
|
||||||
|
certmagic.DefaultStorage = storage
|
||||||
|
} else {
|
||||||
|
return nil, fmt.Errorf("unrecognized cluster plugin (was it included in the Caddy build?): %s", clusterPluginName)
|
||||||
|
}
|
||||||
|
}
|
||||||
certCache = certmagic.NewCache(certmagic.DefaultStorage)
|
certCache = certmagic.NewCache(certmagic.DefaultStorage)
|
||||||
inst.OnShutdown = append(inst.OnShutdown, func() error {
|
inst.OnShutdown = append(inst.OnShutdown, func() error {
|
||||||
certCache.Stop()
|
certCache.Stop()
|
||||||
|
@ -111,7 +133,7 @@ func NewConfig(inst *caddy.Instance) *Config {
|
||||||
}
|
}
|
||||||
return &Config{
|
return &Config{
|
||||||
Manager: certmagic.NewWithCache(certCache, certmagic.Config{}),
|
Manager: certmagic.NewWithCache(certCache, certmagic.Config{}),
|
||||||
}
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// buildStandardTLSConfig converts cfg (*caddytls.Config) to a *tls.Config
|
// buildStandardTLSConfig converts cfg (*caddytls.Config) to a *tls.Config
|
||||||
|
@ -519,6 +541,8 @@ var defaultCurves = []tls.CurveID{
|
||||||
tls.CurveP256,
|
tls.CurveP256,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var clusterPluginSetup int32 // access atomically
|
||||||
|
|
||||||
// CertCacheInstStorageKey is the name of the key for
|
// CertCacheInstStorageKey is the name of the key for
|
||||||
// accessing the certificate storage on the *caddy.Instance.
|
// accessing the certificate storage on the *caddy.Instance.
|
||||||
const CertCacheInstStorageKey = "tls_cert_cache"
|
const CertCacheInstStorageKey = "tls_cert_cache"
|
||||||
|
|
|
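Review bot: The `atomic.CompareAndSwapInt32(&clusterPluginSetup, 0, 1)` in the NewConfig hunk flips the flag before `certmagic.DefaultStorage = storage` has run, and it stays flipped even when `clusterFn()` returns an error, so any later NewConfig call (a concurrent one, or one on the next reload after a failed plugin construction) skips the block and calls `certmagic.NewCache(certmagic.DefaultStorage)` on whatever DefaultStorage holds at that moment — presumably certmagic's file default — rather than the backend the operator named in CADDY_CLUSTERING. For certificate and key storage that is a silent backend switch instead of a repeated, visible error. I would replace the `int32` flag declared in the `-519,6` hunk with a `sync.Once` plus a remembered error, which both serializes concurrent callers until setup finishes and makes every later call fail the same way, and move the selection logic into a helper so NewConfig stays readable; `"sync/atomic"` in the import hunk then becomes `"sync"`. The same flag pattern was deleted from setupTLS in the third file, so the defect is pre-existing, but the move is the natural moment to fix it. NewConfig continues past the `-95,11` hunk into the `-111,7` one.
```go
// setupClusterPlugin selects the storage plugin named by CADDY_CLUSTERING
// (default "file") and installs it as certmagic.DefaultStorage.
func setupClusterPlugin() error {
	clusterPluginName := os.Getenv("CADDY_CLUSTERING")
	if clusterPluginName == "" {
		clusterPluginName = "file" // name of default storage plugin
	}
	clusterFn, ok := clusterProviders[clusterPluginName]
	if !ok {
		return fmt.Errorf("unrecognized cluster plugin (was it included in the Caddy build?): %s", clusterPluginName)
	}
	storage, err := clusterFn()
	if err != nil {
		return fmt.Errorf("constructing cluster plugin %s: %v", clusterPluginName, err)
	}
	certmagic.DefaultStorage = storage
	return nil
}

var (
	clusterPluginSetupOnce sync.Once
	clusterPluginSetupErr  error // result of the one-time setup, returned to every caller
)

	// inside NewConfig, replacing the block that started with the CompareAndSwap:
	if !ok || certCache == nil {
		// run the clustering plugin setup exactly once per process; Do blocks
		// concurrent callers until it has finished, and the error is remembered
		// so later callers fail the same way instead of silently using DefaultStorage
		clusterPluginSetupOnce.Do(func() {
			clusterPluginSetupErr = setupClusterPlugin()
		})
		if clusterPluginSetupErr != nil {
			return nil, clusterPluginSetupErr
		}
		certCache = certmagic.NewCache(certmagic.DefaultStorage)
		// … unchanged: OnShutdown hook that stops the cache, storage of the cache on inst …
```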
@ -26,7 +26,6 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"sync/atomic"
|
|
||||||
|
|
||||||
"github.com/mholt/caddy"
|
"github.com/mholt/caddy"
|
||||||
"github.com/mholt/caddy/telemetry"
|
"github.com/mholt/caddy/telemetry"
|
||||||
|
@ -44,27 +43,6 @@ func init() {
|
||||||
// are specified by the user in the config file. All the automatic HTTPS
|
// are specified by the user in the config file. All the automatic HTTPS
|
||||||
// stuff comes later outside of this function.
|
// stuff comes later outside of this function.
|
||||||
func setupTLS(c *caddy.Controller) error {
|
func setupTLS(c *caddy.Controller) error {
|
||||||
// set up the clustering plugin, if there is one (and there should always
|
|
||||||
// be one since this tls plugin requires it) -- this should be done exactly
|
|
||||||
// once, but we can't do it during init while plugins are still registering,
|
|
||||||
// so do it as soon as we run a setup)
|
|
||||||
if atomic.CompareAndSwapInt32(&clusterPluginSetup, 0, 1) {
|
|
||||||
clusterPluginName := os.Getenv("CADDY_CLUSTERING")
|
|
||||||
if clusterPluginName == "" {
|
|
||||||
clusterPluginName = "file" // name of default storage plugin
|
|
||||||
}
|
|
||||||
clusterFn, ok := clusterProviders[clusterPluginName]
|
|
||||||
if ok {
|
|
||||||
storage, err := clusterFn()
|
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("constructing cluster plugin %s: %v", clusterPluginName, err)
|
|
||||||
}
|
|
||||||
certmagic.DefaultStorage = storage
|
|
||||||
} else {
|
|
||||||
return fmt.Errorf("unrecognized cluster plugin (was it included in the Caddy build?): %s", clusterPluginName)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
configGetter, ok := configGetters[c.ServerType()]
|
configGetter, ok := configGetters[c.ServerType()]
|
||||||
if !ok {
|
if !ok {
|
||||||
return fmt.Errorf("no caddytls.ConfigGetter for %s server type; must call RegisterConfigGetter", c.ServerType())
|
return fmt.Errorf("no caddytls.ConfigGetter for %s server type; must call RegisterConfigGetter", c.ServerType())
|
||||||
|
@ -445,5 +423,3 @@ func loadCertsInDir(cfg *Config, c *caddy.Controller, dir string) error {
|
||||||
func constructDefaultClusterPlugin() (certmagic.Storage, error) {
|
func constructDefaultClusterPlugin() (certmagic.Storage, error) {
|
||||||
return &certmagic.FileStorage{Path: caddy.AssetsPath()}, nil
|
return &certmagic.FileStorage{Path: caddy.AssetsPath()}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
var clusterPluginSetup int32 // access atomically
|
|
||||||
|
|