serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-28 14:43:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

reverseproxy: Fix casing of RootCAPEMFiles

Browse source
This commit is contained in:
Matthew Holt 2020-01-22 09:35:03 -07:00
parent 5b878d5bd3
commit 6b6cd934d0
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
modules/caddyhttp/reverseproxy/httptransport.go
View file

@ -178,7 +178,7 @@ func (h HTTPTransport) Cleanup() error {
type TLSConfig struct { type TLSConfig struct {
RootCAPool []string `json:"root_ca_pool,omitempty"` RootCAPool []string `json:"root_ca_pool,omitempty"`
// Added to the same pool as above, but brought in from files // Added to the same pool as above, but brought in from files
RootCAPemFiles []string `json:"root_ca_pem_files,omitempty"` RootCAPEMFiles []string `json:"root_ca_pem_files,omitempty"`
// TODO: Should the client cert+key config use caddytls.CertificateLoader modules? // TODO: Should the client cert+key config use caddytls.CertificateLoader modules?
ClientCertificateFile string `json:"client_certificate_file,omitempty"` ClientCertificateFile string `json:"client_certificate_file,omitempty"`
ClientCertificateKeyFile string `json:"client_certificate_key_file,omitempty"` ClientCertificateKeyFile string `json:"client_certificate_key_file,omitempty"`
@ -208,7 +208,7 @@ func (t TLSConfig) MakeTLSClientConfig() (*tls.Config, error) {
} }
// trusted root CAs // trusted root CAs
if len(t.RootCAPool) > 0 || len(t.RootCAPemFiles) > 0 { if len(t.RootCAPool) > 0 || len(t.RootCAPEMFiles) > 0 {
rootPool := x509.NewCertPool() rootPool := x509.NewCertPool()
for _, encodedCACert := range t.RootCAPool { for _, encodedCACert := range t.RootCAPool {
caCert, err := decodeBase64DERCert(encodedCACert) caCert, err := decodeBase64DERCert(encodedCACert)
@ -217,7 +217,7 @@ func (t TLSConfig) MakeTLSClientConfig() (*tls.Config, error) {
} }
rootPool.AddCert(caCert) rootPool.AddCert(caCert)
} }
for _, pemFile := range t.RootCAPemFiles { for _, pemFile := range t.RootCAPEMFiles {
pemData, err := ioutil.ReadFile(pemFile) pemData, err := ioutil.ReadFile(pemFile)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed reading ca cert: %v", err) return nil, fmt.Errorf("failed reading ca cert: %v", err)