summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--caddyconfig/httpcaddyfile/tlsapp.go10
-rw-r--r--caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt62
2 files changed, 69 insertions, 3 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 1e32be0..72f99be 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -480,15 +480,19 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls
return len(aps[i].Subjects) > len(aps[j].Subjects)
})
- // remove any empty policies (except subjects, of course)
+ emptyAPCount := 0
+ // compute the number of empty policies (disregarding subjects) - see #4128
emptyAP := new(caddytls.AutomationPolicy)
for i := 0; i < len(aps); i++ {
emptyAP.Subjects = aps[i].Subjects
if reflect.DeepEqual(aps[i], emptyAP) {
- aps = append(aps[:i], aps[i+1:]...)
- i--
+ emptyAPCount++
}
}
+ // If all policies are empty, we can return nil, as there is no need to set any policy
+ if emptyAPCount == len(aps) {
+ return nil
+ }
// remove or combine duplicate policies
outer:
diff --git a/caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt b/caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt
new file mode 100644
index 0000000..87d278d
--- /dev/null
+++ b/caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt
@@ -0,0 +1,62 @@
+a.example.com {
+}
+
+b.example.com {
+}
+
+:443 {
+ tls {
+ on_demand
+ }
+}
+----------
+{
+ "apps": {
+ "http": {
+ "servers": {
+ "srv0": {
+ "listen": [
+ ":443"
+ ],
+ "routes": [
+ {
+ "match": [
+ {
+ "host": [
+ "a.example.com"
+ ]
+ }
+ ],
+ "terminal": true
+ },
+ {
+ "match": [
+ {
+ "host": [
+ "b.example.com"
+ ]
+ }
+ ],
+ "terminal": true
+ }
+ ]
+ }
+ }
+ },
+ "tls": {
+ "automation": {
+ "policies": [
+ {
+ "subjects": [
+ "a.example.com",
+ "b.example.com"
+ ]
+ },
+ {
+ "on_demand": true
+ }
+ ]
+ }
+ }
+ }
+} \ No newline at end of file