serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-26 21:53:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove (unimplemented) enterprise TLS matchers

Browse source
This commit is contained in:
Matthew Holt 2019-05-07 11:58:58 -06:00
parent ad3d408067
commit 48b5a80320
1 changed files with 4 additions and 66 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
modules/caddytls/matchers.go
View file

@ -6,46 +6,14 @@ import (
"bitbucket.org/lightcodelabs/caddy2" "bitbucket.org/lightcodelabs/caddy2"
) )
type ( // MatchServerName matches based on SNI.
// MatchServerName matches based on SNI. type MatchServerName []string
MatchServerName []string
// TODO: these others should be enterprise-only, probably
// MatchProtocol matches based on protocol.
MatchProtocol []string // TODO: Protocol or version?
// MatchClientCert matches based on client certificate / client auth?
MatchClientCert struct{} // TODO: client certificate options
// MatchRemote matches based on the remote address of the connection.
MatchRemote []string
// MatchStarlark matches based on a Starlark script.
MatchStarlark string
)
func init() { func init() {
caddy2.RegisterModule(caddy2.Module{ caddy2.RegisterModule(caddy2.Module{
Name: "tls.handshake_match.host", Name: "tls.handshake_match.host",
New: func() (interface{}, error) { return MatchServerName{}, nil }, New: func() (interface{}, error) { return MatchServerName{}, nil },
}) })
caddy2.RegisterModule(caddy2.Module{
Name: "tls.handshake_match.protocol",
New: func() (interface{}, error) { return MatchProtocol{}, nil },
})
caddy2.RegisterModule(caddy2.Module{
Name: "tls.handshake_match.client_cert",
New: func() (interface{}, error) { return MatchClientCert{}, nil },
})
caddy2.RegisterModule(caddy2.Module{
Name: "tls.handshake_match.remote",
New: func() (interface{}, error) { return MatchRemote{}, nil },
})
caddy2.RegisterModule(caddy2.Module{
Name: "tls.handshake_match.starlark",
New: func() (interface{}, error) { return new(MatchStarlark), nil },
})
} }
// Match matches hello based on SNI. // Match matches hello based on SNI.
@ -59,35 +27,5 @@ func (m MatchServerName) Match(hello *tls.ClientHelloInfo) bool {
return false return false
} }
// Match matches hello based on protocol version. // Interface guard
func (m MatchProtocol) Match(hello *tls.ClientHelloInfo) bool { var _ ConnectionMatcher = MatchServerName{}
// TODO: not implemented
return false
}
// Match matches hello based on client certificate.
func (m MatchClientCert) Match(hello *tls.ClientHelloInfo) bool {
// TODO: not implemented
return false
}
// Match matches hello based on remote address.
func (m MatchRemote) Match(hello *tls.ClientHelloInfo) bool {
// TODO: not implemented
return false
}
// Match matches hello based on a Starlark script.
func (m MatchStarlark) Match(hello *tls.ClientHelloInfo) bool {
// TODO: not implemented
return false
}
// Interface guards
var (
_ ConnectionMatcher = MatchServerName{}
_ ConnectionMatcher = MatchProtocol{}
_ ConnectionMatcher = MatchClientCert{}
_ ConnectionMatcher = MatchRemote{}
_ ConnectionMatcher = new(MatchStarlark)
)