diff options
Diffstat (limited to 'modules/caddyhttp/server.go')
-rw-r--r-- | modules/caddyhttp/server.go | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go index 04935e6..42f7a5a 100644 --- a/modules/caddyhttp/server.go +++ b/modules/caddyhttp/server.go @@ -41,7 +41,7 @@ type Server struct { TLSConnPolicies caddytls.ConnectionPolicies `json:"tls_connection_policies,omitempty"` AutoHTTPS *AutoHTTPSConfig `json:"automatic_https,omitempty"` MaxRehandles *int `json:"max_rehandles,omitempty"` - StrictSNIHost bool `json:"strict_sni_host,omitempty"` // TODO: see if we can turn this on by default when clientauth is configured + StrictSNIHost bool `json:"strict_sni_host,omitempty"` tlsApp *caddytls.TLS } @@ -183,6 +183,32 @@ func (s *Server) listenersUseAnyPortOtherThan(otherPort int) bool { return false } +// listenersIncludePort returns true if there are any +// listeners in s that use otherPort. +func (s *Server) listenersIncludePort(otherPort int) bool { + for _, lnAddr := range s.Listen { + _, addrs, err := caddy.ParseListenAddr(lnAddr) + if err == nil { + for _, a := range addrs { + _, port, err := net.SplitHostPort(a) + if err == nil && port == strconv.Itoa(otherPort) { + return true + } + } + } + } + return false +} + +func (s *Server) hasTLSClientAuth() bool { + for _, cp := range s.TLSConnPolicies { + if cp.ClientAuthentication != nil && cp.ClientAuthentication.Active() { + return true + } + } + return false +} + // AutoHTTPSConfig is used to disable automatic HTTPS // or certain aspects of it for a specific server. type AutoHTTPSConfig struct { |