summaryrefslogtreecommitdiff
path: root/modules/caddyhttp
diff options
context:
space:
mode:
Diffstat (limited to 'modules/caddyhttp')
-rw-r--r--modules/caddyhttp/reverseproxy/caddyfile.go58
1 files changed, 30 insertions, 28 deletions
diff --git a/modules/caddyhttp/reverseproxy/caddyfile.go b/modules/caddyhttp/reverseproxy/caddyfile.go
index b2bdf04..4fa4be0 100644
--- a/modules/caddyhttp/reverseproxy/caddyfile.go
+++ b/modules/caddyhttp/reverseproxy/caddyfile.go
@@ -814,6 +814,8 @@ func (h *Handler) FinalizeUnmarshalCaddyfile(helper httpcaddyfile.Helper) error
// tls_timeout <duration>
// tls_trusted_ca_certs <cert_files...>
// tls_server_name <sni>
+// tls_renegotiation <level>
+// tls_except_ports <ports...>
// keepalive [off|<duration>]
// keepalive_interval <interval>
// keepalive_idle_conns <max_count>
@@ -907,6 +909,11 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
return d.Errf("must specify at least one resolver address")
}
+ case "tls":
+ if h.TLS == nil {
+ h.TLS = new(TLSConfig)
+ }
+
case "tls_client_auth":
if h.TLS == nil {
h.TLS = new(TLSConfig)
@@ -922,25 +929,6 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
return d.ArgErr()
}
- case "renegotiation":
- if h.TLS == nil {
- h.TLS = new(TLSConfig)
- }
- if !d.NextArg() {
- return d.ArgErr()
- }
- switch renegotiation := d.Val(); renegotiation {
- case "never", "once", "freely":
- h.TLS.Renegotiation = renegotiation
- default:
- return d.ArgErr()
- }
-
- case "tls":
- if h.TLS == nil {
- h.TLS = new(TLSConfig)
- }
-
case "tls_insecure_skip_verify":
if d.NextArg() {
return d.ArgErr()
@@ -982,6 +970,29 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
}
h.TLS.ServerName = d.Val()
+ case "tls_renegotiation":
+ if h.TLS == nil {
+ h.TLS = new(TLSConfig)
+ }
+ if !d.NextArg() {
+ return d.ArgErr()
+ }
+ switch renegotiation := d.Val(); renegotiation {
+ case "never", "once", "freely":
+ h.TLS.Renegotiation = renegotiation
+ default:
+ return d.ArgErr()
+ }
+
+ case "tls_except_ports":
+ if h.TLS == nil {
+ h.TLS = new(TLSConfig)
+ }
+ h.TLS.ExceptPorts = d.RemainingArgs()
+ if len(h.TLS.ExceptPorts) == 0 {
+ return d.ArgErr()
+ }
+
case "keepalive":
if !d.NextArg() {
return d.ArgErr()
@@ -1063,15 +1074,6 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
}
h.MaxConnsPerHost = num
- case "except_ports":
- if h.TLS == nil {
- h.TLS = new(TLSConfig)
- }
- h.TLS.ExceptPorts = d.RemainingArgs()
- if len(h.TLS.ExceptPorts) == 0 {
- return d.ArgErr()
- }
-
default:
return d.Errf("unrecognized subdirective %s", d.Val())
}