mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-27 14:13:48 +03:00
caddytls: Ability to drop connections (close #6294)
This commit is contained in:
parent
7e2510ef43
commit
8d7ac18402
1 changed files with 6 additions and 0 deletions
|
@ -119,6 +119,9 @@ func (cp ConnectionPolicies) TLSConfig(_ caddy.Context) *tls.Config {
|
||||||
continue policyLoop
|
continue policyLoop
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if pol.Drop {
|
||||||
|
return nil, fmt.Errorf("dropping connection")
|
||||||
|
}
|
||||||
return pol.TLSConfig, nil
|
return pol.TLSConfig, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -156,6 +159,9 @@ type ConnectionPolicy struct {
|
||||||
// Maximum TLS protocol version to allow. Default: `tls1.3`
|
// Maximum TLS protocol version to allow. Default: `tls1.3`
|
||||||
ProtocolMax string `json:"protocol_max,omitempty"`
|
ProtocolMax string `json:"protocol_max,omitempty"`
|
||||||
|
|
||||||
|
// Reject TLS connections. EXPERIMENTAL: May change.
|
||||||
|
Drop bool `json:"drop,omitempty"`
|
||||||
|
|
||||||
// Enables and configures TLS client authentication.
|
// Enables and configures TLS client authentication.
|
||||||
ClientAuthentication *ClientAuthentication `json:"client_authentication,omitempty"`
|
ClientAuthentication *ClientAuthentication `json:"client_authentication,omitempty"`
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue