diff options
author | Francis Lavoie <lavofr@gmail.com> | 2022-07-08 13:04:22 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-08 13:04:22 -0400 |
commit | 54d1923ccb03299aa92bf0ec3ba255e4c851a69e (patch) | |
tree | ea5fad2e5c87b87ca1634df45b7b361630a054b0 | |
parent | c0f76e9ed482b0abde0c3d8f5e26e9f015418ca3 (diff) |
reverseproxy: Adjust new TLS Caddyfile directive names (#4872)
-rw-r--r-- | caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt | 5 | ||||
-rw-r--r-- | modules/caddyhttp/reverseproxy/caddyfile.go | 58 |
2 files changed, 33 insertions, 30 deletions
diff --git a/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt b/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt index ea740f6..e05f1b9 100644 --- a/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt +++ b/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt @@ -24,8 +24,9 @@ https://example.com { max_conns_per_host 5 keepalive_idle_conns_per_host 2 keepalive_interval 30s - renegotiation freely - except_ports 8181 8182 + + tls_renegotiation freely + tls_except_ports 8181 8182 } } } diff --git a/modules/caddyhttp/reverseproxy/caddyfile.go b/modules/caddyhttp/reverseproxy/caddyfile.go index b2bdf04..4fa4be0 100644 --- a/modules/caddyhttp/reverseproxy/caddyfile.go +++ b/modules/caddyhttp/reverseproxy/caddyfile.go @@ -814,6 +814,8 @@ func (h *Handler) FinalizeUnmarshalCaddyfile(helper httpcaddyfile.Helper) error // tls_timeout <duration> // tls_trusted_ca_certs <cert_files...> // tls_server_name <sni> +// tls_renegotiation <level> +// tls_except_ports <ports...> // keepalive [off|<duration>] // keepalive_interval <interval> // keepalive_idle_conns <max_count> @@ -907,6 +909,11 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { return d.Errf("must specify at least one resolver address") } + case "tls": + if h.TLS == nil { + h.TLS = new(TLSConfig) + } + case "tls_client_auth": if h.TLS == nil { h.TLS = new(TLSConfig) @@ -922,25 +929,6 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { return d.ArgErr() } - case "renegotiation": - if h.TLS == nil { - h.TLS = new(TLSConfig) - } - if !d.NextArg() { - return d.ArgErr() - } - switch renegotiation := d.Val(); renegotiation { - case "never", "once", "freely": - h.TLS.Renegotiation = renegotiation - default: - return d.ArgErr() - } - - case "tls": - if h.TLS == nil { - h.TLS = new(TLSConfig) - } - case "tls_insecure_skip_verify": if d.NextArg() { return d.ArgErr() @@ -982,6 +970,29 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { } h.TLS.ServerName = d.Val() + case "tls_renegotiation": + if h.TLS == nil { + h.TLS = new(TLSConfig) + } + if !d.NextArg() { + return d.ArgErr() + } + switch renegotiation := d.Val(); renegotiation { + case "never", "once", "freely": + h.TLS.Renegotiation = renegotiation + default: + return d.ArgErr() + } + + case "tls_except_ports": + if h.TLS == nil { + h.TLS = new(TLSConfig) + } + h.TLS.ExceptPorts = d.RemainingArgs() + if len(h.TLS.ExceptPorts) == 0 { + return d.ArgErr() + } + case "keepalive": if !d.NextArg() { return d.ArgErr() @@ -1063,15 +1074,6 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { } h.MaxConnsPerHost = num - case "except_ports": - if h.TLS == nil { - h.TLS = new(TLSConfig) - } - h.TLS.ExceptPorts = d.RemainingArgs() - if len(h.TLS.ExceptPorts) == 0 { - return d.ArgErr() - } - default: return d.Errf("unrecognized subdirective %s", d.Val()) } |