mirror of
				https://github.com/caddyserver/caddy.git
				synced 2025-10-24 23:39:19 -04:00 
			
		
		
		
	httpcaddyfile: Only append TLS conn policy if it's non-empty (#3319)
This can lead to nicer, smaller JSON output for Caddyfiles like this:
	a {
		tls internal
	}
	b {
		tls foo@bar.com
	}
i.e. where the tls directive only configures automation policies, and
is merely meant to enable TLS on a server block (if it wasn't implied).
This helps keeps implicit config implicit.
Needs a little more testing to ensure it doesn't break anything
important.
			
			
This commit is contained in:
		
							parent
							
								
									184e8e9f71
								
							
						
					
					
						commit
						2f59467ac3
					
				| @ -416,9 +416,12 @@ func (st *ServerType) serversFromPairings( | |||||||
| 						hasCatchAllTLSConnPolicy = true | 						hasCatchAllTLSConnPolicy = true | ||||||
| 					} | 					} | ||||||
| 
 | 
 | ||||||
|  | 					// only append this policy if it actually changes something | ||||||
|  | 					if !cp.SettingsEmpty() { | ||||||
| 						srv.TLSConnPolicies = append(srv.TLSConnPolicies, cp) | 						srv.TLSConnPolicies = append(srv.TLSConnPolicies, cp) | ||||||
| 					} | 					} | ||||||
| 				} | 				} | ||||||
|  | 			} | ||||||
| 
 | 
 | ||||||
| 			for _, addr := range sblock.keys { | 			for _, addr := range sblock.keys { | ||||||
| 				// exclude any hosts that were defined explicitly with "http://" | 				// exclude any hosts that were defined explicitly with "http://" | ||||||
|  | |||||||
| @ -264,6 +264,19 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error { | |||||||
| 	return nil | 	return nil | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | // SettingsEmpty returns true if p's settings (fields | ||||||
|  | // except the matchers) are all empty/unset. | ||||||
|  | func (p ConnectionPolicy) SettingsEmpty() bool { | ||||||
|  | 	return p.CertSelection == nil && | ||||||
|  | 		p.CipherSuites == nil && | ||||||
|  | 		p.Curves == nil && | ||||||
|  | 		p.ALPN == nil && | ||||||
|  | 		p.ProtocolMin == "" && | ||||||
|  | 		p.ProtocolMax == "" && | ||||||
|  | 		p.ClientAuthentication == nil && | ||||||
|  | 		p.DefaultSNI == "" | ||||||
|  | } | ||||||
|  | 
 | ||||||
| // ClientAuthentication configures TLS client auth. | // ClientAuthentication configures TLS client auth. | ||||||
| type ClientAuthentication struct { | type ClientAuthentication struct { | ||||||
| 	// A list of base64 DER-encoded CA certificates | 	// A list of base64 DER-encoded CA certificates | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user