mirror of
https://github.com/caddyserver/caddy.git
synced 2025-01-22 02:15:45 +03:00
Use func from stdlib to clone *tls.Config for calming vet
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
This commit is contained in:
parent
1236e492a9
commit
740a6a7ad5
1 changed files with 29 additions and 4 deletions
|
@ -113,6 +113,34 @@ func (s *Server) Serve() error {
|
||||||
return server.ListenAndServe()
|
return server.ListenAndServe()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// copy from net/http/transport.go
|
||||||
|
func cloneTLSConfig(cfg *tls.Config) *tls.Config {
|
||||||
|
if cfg == nil {
|
||||||
|
return &tls.Config{}
|
||||||
|
}
|
||||||
|
return &tls.Config{
|
||||||
|
Rand: cfg.Rand,
|
||||||
|
Time: cfg.Time,
|
||||||
|
Certificates: cfg.Certificates,
|
||||||
|
NameToCertificate: cfg.NameToCertificate,
|
||||||
|
GetCertificate: cfg.GetCertificate,
|
||||||
|
RootCAs: cfg.RootCAs,
|
||||||
|
NextProtos: cfg.NextProtos,
|
||||||
|
ServerName: cfg.ServerName,
|
||||||
|
ClientAuth: cfg.ClientAuth,
|
||||||
|
ClientCAs: cfg.ClientCAs,
|
||||||
|
InsecureSkipVerify: cfg.InsecureSkipVerify,
|
||||||
|
CipherSuites: cfg.CipherSuites,
|
||||||
|
PreferServerCipherSuites: cfg.PreferServerCipherSuites,
|
||||||
|
SessionTicketsDisabled: cfg.SessionTicketsDisabled,
|
||||||
|
SessionTicketKey: cfg.SessionTicketKey,
|
||||||
|
ClientSessionCache: cfg.ClientSessionCache,
|
||||||
|
MinVersion: cfg.MinVersion,
|
||||||
|
MaxVersion: cfg.MaxVersion,
|
||||||
|
CurvePreferences: cfg.CurvePreferences,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// ListenAndServeTLSWithSNI serves TLS with Server Name Indication (SNI) support, which allows
|
// ListenAndServeTLSWithSNI serves TLS with Server Name Indication (SNI) support, which allows
|
||||||
// multiple sites (different hostnames) to be served from the same address. This method is
|
// multiple sites (different hostnames) to be served from the same address. This method is
|
||||||
// adapted directly from the std lib's net/http ListenAndServeTLS function, which was
|
// adapted directly from the std lib's net/http ListenAndServeTLS function, which was
|
||||||
|
@ -123,10 +151,7 @@ func ListenAndServeTLSWithSNI(srv *http.Server, tlsConfigs []TLSConfig) error {
|
||||||
addr = ":https"
|
addr = ":https"
|
||||||
}
|
}
|
||||||
|
|
||||||
config := new(tls.Config)
|
config := cloneTLSConfig(srv.TLSConfig)
|
||||||
if srv.TLSConfig != nil {
|
|
||||||
*config = *srv.TLSConfig
|
|
||||||
}
|
|
||||||
if config.NextProtos == nil {
|
if config.NextProtos == nil {
|
||||||
config.NextProtos = []string{"http/1.1"}
|
config.NextProtos = []string{"http/1.1"}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue