mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-27 22:23:48 +03:00
httpcaddyfile: Add auto_https ignore_loaded_certs (#4077)
This commit is contained in:
Francis Lavoie
GitHub
parent
6e0e3e1537
commit
ef7f15f3a4
4 changed files with 43 additions and 6 deletions
|
|
@ -126,10 +126,10 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
|
||||||
// must load each cert only once; otherwise, they each get a
|
// must load each cert only once; otherwise, they each get a
|
||||||
// different tag... since a cert loaded twice has the same
|
// different tag... since a cert loaded twice has the same
|
||||||
// bytes, it will overwrite the first one in the cache, and
|
// bytes, it will overwrite the first one in the cache, and
|
||||||
// only the last cert (and its tag) will survive, so a any conn
|
// only the last cert (and its tag) will survive, so any conn
|
||||||
// policy that is looking for any tag but the last one to be
|
// policy that is looking for any tag other than the last one
|
||||||
// loaded won't find it, and TLS handshakes will fail (see end)
|
// to be loaded won't find it, and TLS handshakes will fail
|
||||||
// of issue #3004)
|
// (see end of issue #3004)
|
||||||
//
|
//
|
||||||
// tlsCertTags maps certificate filenames to their tag.
|
// tlsCertTags maps certificate filenames to their tag.
|
||||||
// This is used to remember which tag is used for each
|
// This is used to remember which tag is used for each
|
||||||
|
|
|
||||||
|
|
@ -451,6 +451,9 @@ func (st *ServerType) serversFromPairings(
|
||||||
if autoHTTPS == "disable_redirects" {
|
if autoHTTPS == "disable_redirects" {
|
||||||
srv.AutoHTTPS.DisableRedir = true
|
srv.AutoHTTPS.DisableRedir = true
|
||||||
}
|
}
|
||||||
|
if autoHTTPS == "ignore_loaded_certs" {
|
||||||
|
srv.AutoHTTPS.IgnoreLoadedCerts = true
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// sort server blocks by their keys; this is important because
|
// sort server blocks by their keys; this is important because
|
||||||
|
|
|
||||||
|
|
@ -379,8 +379,8 @@ func parseOptAutoHTTPS(d *caddyfile.Dispenser, _ interface{}) (interface{}, erro
|
||||||
if d.Next() {
|
if d.Next() {
|
||||||
return "", d.ArgErr()
|
return "", d.ArgErr()
|
||||||
}
|
}
|
||||||
if val != "off" && val != "disable_redirects" {
|
if val != "off" && val != "disable_redirects" && val != "ignore_loaded_certs" {
|
||||||
return "", d.Errf("auto_https must be either 'off' or 'disable_redirects'")
|
return "", d.Errf("auto_https must be one of 'off', 'disable_redirects' or 'ignore_loaded_certs'")
|
||||||
}
|
}
|
||||||
return val, nil
|
return val, nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,34 @@
|
||||||
|
{
|
||||||
|
auto_https ignore_loaded_certs
|
||||||
|
}
|
||||||
|
|
||||||
|
localhost
|
||||||
|
----------
|
||||||
|
{
|
||||||
|
"apps": {
|
||||||
|
"http": {
|
||||||
|
"servers": {
|
||||||
|
"srv0": {
|
||||||
|
"listen": [
|
||||||
|
":443"
|
||||||
|
],
|
||||||
|
"routes": [
|
||||||
|
{
|
||||||
|
"match": [
|
||||||
|
{
|
||||||
|
"host": [
|
||||||
|
"localhost"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"terminal": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"automatic_https": {
|
||||||
|
"ignore_loaded_certificates": true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue