author | Francis Lavoie <lavofr@gmail.com> | 2022-03-25 00:54:03 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-24 22:54:03 -0600 |
commit | a58f240d3ecbb59285303746406cab50217f8d24 (patch) | |
tree | 60da8ebee4a81e8ad608b56e8ab81b55101111a4 /caddyconfig/httpcaddyfile/tlsapp.go | |
parent | 4b75f3e2f09b77b98783ea4d6602391c7283f984 (diff) |
httpcaddyfile: Fix #4640 (auto-HTTPS edgecase) (#4661)
Guh, this is complicated.
Fixes #4640
This also follows up on #4398 (reverting it) which made a change that technically worked, but was incorrect. It changed the condition in `hostsFromKeysNotHTTP` from `&&` to `||`, but then the function no longer did what its name said it would do, and it would return hosts even if they were marked with `http://`, if they used a non-HTTP port. That wasn't the intent of it. The test added in there was kept though, because it is a valid usecase.
The actual fix is to check _earlier_ whether all the addresses explicitly have `http://`, and if so we can short circuit and skip considering the rest.
Diffstat (limited to 'caddyconfig/httpcaddyfile/tlsapp.go')
-rw-r--r-- | caddyconfig/httpcaddyfile/tlsapp.go | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index daaec95..76d7ebf 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -101,6 +101,12 @@ func (st ServerType) buildTLSApp( } for _, sblock := range p.serverBlocks { + // check the scheme of all the site addresses, + // skip building AP if they all had http:// + if sblock.isAllHTTP() { + continue + } + // get values that populate an automation policy for this block ap, err := newBaseAutomationPolicy(options, warnings, true) if err != nil { |
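Review bot: The `continue` added at the top of the `for _, sblock := range p.serverBlocks` loop skips the entire loop body for an all-`http://` block, not only the `newBaseAutomationPolicy` call that the comment mentions, so anything later in the body that reads the block's TLS-related settings is bypassed silently as well. If a block with only `http://` addresses can still carry such settings, consider appending to `warnings` before the `continue` so the user learns they are being ignored. The comment could also spell out "AP" as "automation policy" and state what `isAllHTTP()` returns for a block with no keys or with scheme-less addresses, since its definition is outside this file's diff. A test for a mixed block (one `http://` address plus one without a scheme) would pin down that the short circuit only fires when every address is explicitly `http://`.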