From 12bcbe2c4924ecbf6730fc340a7a4250bddcc9be Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Mon, 6 Feb 2023 14:44:11 -0500 Subject: caddyhttp: Pluggable trusted proxy IP range sources (#5328) * caddyhttp: Pluggable trusted proxy IP range sources * Add request to the IPRangeSource interface --- .../global_server_options_single.txt | 21 ++++++++++++--------- .../caddyfile_adapt/reverse_proxy_options.txt | 4 +--- 2 files changed, 13 insertions(+), 12 deletions(-) (limited to 'caddytest') diff --git a/caddytest/integration/caddyfile_adapt/global_server_options_single.txt b/caddytest/integration/caddyfile_adapt/global_server_options_single.txt index f767ea7..d963604 100644 --- a/caddytest/integration/caddyfile_adapt/global_server_options_single.txt +++ b/caddytest/integration/caddyfile_adapt/global_server_options_single.txt @@ -14,7 +14,7 @@ log_credentials protocols h1 h2 h2c h3 strict_sni_host - trusted_proxies private_ranges + trusted_proxies static private_ranges } } @@ -56,14 +56,17 @@ foo.com { } ], "strict_sni_host": true, - "trusted_proxies": [ - "192.168.0.0/16", - "172.16.0.0/12", - "10.0.0.0/8", - "127.0.0.1/8", - "fd00::/8", - "::1" - ], + "trusted_proxies": { + "ranges": [ + "192.168.0.0/16", + "172.16.0.0/12", + "10.0.0.0/8", + "127.0.0.1/8", + "fd00::/8", + "::1" + ], + "source": "static" + }, "logs": { "should_log_credentials": true }, diff --git a/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt b/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt index e05f1b9..b22333a 100644 --- a/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt +++ b/caddytest/integration/caddyfile_adapt/reverse_proxy_options.txt @@ -1,4 +1,3 @@ - https://example.com { reverse_proxy /path https://localhost:54321 { header_up Host {upstream_hostport} @@ -24,13 +23,12 @@ https://example.com { max_conns_per_host 5 keepalive_idle_conns_per_host 2 keepalive_interval 30s - + tls_renegotiation freely tls_except_ports 8181 8182 } } } - ---------- { "apps": { -- cgit v1.2.3