diff options
| -rw-r--r-- | caddyconfig/httpcaddyfile/tlsapp.go | 10 | ||||
| -rw-r--r-- | caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt | 62 |
2 files changed, 69 insertions, 3 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index 1e32be0..72f99be 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -480,15 +480,19 @@ func consolidateAutomationPolicies(aps []*caddytls.AutomationPolicy) []*caddytls return len(aps[i].Subjects) > len(aps[j].Subjects) }) - // remove any empty policies (except subjects, of course) + emptyAPCount := 0 + // compute the number of empty policies (disregarding subjects) - see #4128 emptyAP := new(caddytls.AutomationPolicy) for i := 0; i < len(aps); i++ { emptyAP.Subjects = aps[i].Subjects if reflect.DeepEqual(aps[i], emptyAP) { - aps = append(aps[:i], aps[i+1:]...) - i-- + emptyAPCount++ } } + // If all policies are empty, we can return nil, as there is no need to set any policy + if emptyAPCount == len(aps) { + return nil + } // remove or combine duplicate policies outer: diff --git a/caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt b/caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt new file mode 100644 index 0000000..87d278d --- /dev/null +++ b/caddytest/integration/caddyfile_adapt/tls_automation_policies_5.txt @@ -0,0 +1,62 @@ +a.example.com { +} + +b.example.com { +} + +:443 { + tls { + on_demand + } +} +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":443" + ], + "routes": [ + { + "match": [ + { + "host": [ + "a.example.com" + ] + } + ], + "terminal": true + }, + { + "match": [ + { + "host": [ + "b.example.com" + ] + } + ], + "terminal": true + } + ] + } + } + }, + "tls": { + "automation": { + "policies": [ + { + "subjects": [ + "a.example.com", + "b.example.com" + ] + }, + { + "on_demand": true + } + ] + } + } + } +}
\ No newline at end of file |