tls: Few minor improvements/simplifications

Matthew Holt 2020-03-23 13:32:17 -06:00
parent 4c43bf8cc8
commit 1698838685
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
3 changed files with 8 additions and 5 deletions


@ -189,6 +189,10 @@ func cmdRun(fl Flags) (int, error) {
cleanModVersion := strings.TrimPrefix(goModule.Version, "v") cleanModVersion := strings.TrimPrefix(goModule.Version, "v")
certmagic.UserAgent = "Caddy/" + cleanModVersion certmagic.UserAgent = "Caddy/" + cleanModVersion
// by using Caddy, user indicates agreement to CA terms
// (very important, or ACME account creation will fail!)
certmagic.DefaultACME.Agreed = true
// run the initial config // run the initial config
err = caddy.Load(config, true) err = caddy.Load(config, true)
if err != nil { if err != nil {
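Review bot: Agreement to the CA terms is now set only by mutating the package-level `certmagic.DefaultACME.Agreed` inside `cmdRun`, while the same commit drops `Agreed: true` from the template built in `makeIssuerTemplate`. Any path that loads a config without going through `cmdRun` (for example a program embedding Caddy and calling `caddy.Load` directly, which is inferred and not visible here) would presumably build issuers with `Agreed` false and fail ACME account creation. A bool zero value cannot be told apart from an explicit false, so the issuer now depends on certmagic merging the default in; that behaviour is not shown on this page and is worth confirming. Consider keeping `Agreed: true` in the template, or setting it where the TLS app is provisioned, so the setting travels with the issuer rather than with one command. `cmdRun` begins and continues outside this hunk.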


@ -116,7 +116,6 @@ func (m *ACMEIssuer) makeIssuerTemplate() certmagic.ACMEManager {
template := certmagic.ACMEManager{ template := certmagic.ACMEManager{
CA: m.CA, CA: m.CA,
Email: m.Email, Email: m.Email,
Agreed: true,
CertObtainTimeout: time.Duration(m.ACMETimeout), CertObtainTimeout: time.Duration(m.ACMETimeout),
TrustedRoots: m.rootPool, TrustedRoots: m.rootPool,
} }


@ -154,7 +154,7 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error {
} }
// if this automation policy has no Issuer defined, and // if this automation policy has no Issuer defined, and
// none the subjects do not qualify for a public certificate, // none of the subjects qualify for a public certificate,
// set the issuer to internal so that these names can all // set the issuer to internal so that these names can all
// get certificates; critically, we can only do this if an // get certificates; critically, we can only do this if an
// issuer is not explictly configured (IssuerRaw, vs. just // issuer is not explictly configured (IssuerRaw, vs. just
@ -198,7 +198,7 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error {
KeySource: keySource, KeySource: keySource,
OnDemand: ond, OnDemand: ond,
Storage: storage, Storage: storage,
Issuer: ap.Issuer, // if nil, certmagic.New() will set default in returned Config Issuer: ap.Issuer, // if nil, certmagic.New() will create one
} }
if rev, ok := ap.Issuer.(certmagic.Revoker); ok { if rev, ok := ap.Issuer.(certmagic.Revoker); ok {
template.Revoker = rev template.Revoker = rev
@ -210,8 +210,8 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error {
// access to the correct storage and cache so it can solve // access to the correct storage and cache so it can solve
// ACME challenges -- it's an annoying, inelegant circular // ACME challenges -- it's an annoying, inelegant circular
// dependency that I don't know how to resolve nicely!) // dependency that I don't know how to resolve nicely!)
if configger, ok := ap.Issuer.(ConfigSetter); ok { if annoying, ok := ap.Issuer.(ConfigSetter); ok {
configger.SetConfig(ap.magic) annoying.SetConfig(ap.magic)
} }
return nil return nil
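Review bot: The rename in the last hunk of `Provision` makes the type-assertion result harder to read, because `annoying` records the author's opinion of the circular dependency rather than what the value is, and the comment above it already says that. A role-based name keeps the intent clear, e.g. `if cs, ok := ap.Issuer.(ConfigSetter); ok {` followed by `cs.SetConfig(ap.magic)`. The comment could also state that an issuer which does not implement `ConfigSetter` is skipped silently, since by the comment's own account such an issuer would lack the storage and cache it needs to solve ACME challenges. `Provision` starts and ends outside these hunks, and the context comment in the first hunk still spells `explictly`.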