diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2020-12-07 14:22:47 -0700 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2020-12-07 14:22:47 -0700 |
commit | 7e719157d9b7002fc09de63344f7b4fdfa7e9f57 (patch) | |
tree | 7a23f0b93af7cd7b04f100320bdbb67ca693a523 | |
parent | 6e9ac248dd5c2f7a4cd4e37ff277a86c18085be6 (diff) |
httpcaddyfile: Decrement counter when removing conn policy (fix #3906)
-rw-r--r-- | caddyconfig/httpcaddyfile/tlsapp.go | 2 | ||||
-rw-r--r-- | caddytest/integration/caddyfile_adapt/tls_conn_policy_consolidate.txt | 137 |
2 files changed, 139 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index fe4c1b1..6a6e3ca 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -487,6 +487,7 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls // remove or combine duplicate policies for i := 0; i < len(aps); i++ { + // compare only with next policies; we sorted by specificity so we must not delete earlier policies for j := i + 1; j < len(aps); j++ { // if they're exactly equal in every way, just keep one of them if reflect.DeepEqual(aps[i], aps[j]) { @@ -526,6 +527,7 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls } } aps = append(aps[:j], aps[j+1:]...) + j-- } } } diff --git a/caddytest/integration/caddyfile_adapt/tls_conn_policy_consolidate.txt b/caddytest/integration/caddyfile_adapt/tls_conn_policy_consolidate.txt new file mode 100644 index 0000000..ba6827e --- /dev/null +++ b/caddytest/integration/caddyfile_adapt/tls_conn_policy_consolidate.txt @@ -0,0 +1,137 @@ +# https://github.com/caddyserver/caddy/issues/3906 +a.a { + tls internal + respond 403 +} + +http://b.b https://b.b:8443 { + tls internal + respond 404 +} +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":443" + ], + "routes": [ + { + "match": [ + { + "host": [ + "a.a" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "handler": "static_response", + "status_code": 403 + } + ] + } + ] + } + ], + "terminal": true + } + ] + }, + "srv1": { + "listen": [ + ":80" + ], + "routes": [ + { + "match": [ + { + "host": [ + "b.b" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "handler": "static_response", + "status_code": 404 + } + ] + } + ] + } + ], + "terminal": true + } + ], + "automatic_https": { + "skip": [ + "b.b" + ] + } + }, + "srv2": { + "listen": [ + ":8443" + ], + "routes": [ + { + "match": [ + { + "host": [ + "b.b" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "handler": "static_response", + "status_code": 404 + } + ] + } + ] + } + ], + "terminal": true + } + ] + } + } + }, + "tls": { + "automation": { + "policies": [ + { + "subjects": [ + "a.a", + "b.b" + ], + "issuers": [ + { + "module": "internal" + } + ] + } + ] + } + } + } +}
\ No newline at end of file |