	Merge pull request #313 from mholt/fix-tls-defaults-le
Fix regression: Ensure TLS defaults are added by LE handlers.
						commit
						7a159ad934
					
				| @ -12,6 +12,7 @@ import ( | |||||||
| 	"strings" | 	"strings" | ||||||
| 	"time" | 	"time" | ||||||
| 
 | 
 | ||||||
|  | 	"github.com/mholt/caddy/caddy/setup" | ||||||
| 	"github.com/mholt/caddy/middleware" | 	"github.com/mholt/caddy/middleware" | ||||||
| 	"github.com/mholt/caddy/middleware/redirect" | 	"github.com/mholt/caddy/middleware/redirect" | ||||||
| 	"github.com/mholt/caddy/server" | 	"github.com/mholt/caddy/server" | ||||||
| @ -338,6 +339,9 @@ func autoConfigure(allConfigs []server.Config, cfgIndex int) []server.Config { | |||||||
| 	cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host) | 	cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host) | ||||||
| 	cfg.TLS.Key = storage.SiteKeyFile(cfg.Host) | 	cfg.TLS.Key = storage.SiteKeyFile(cfg.Host) | ||||||
| 	cfg.TLS.Enabled = true | 	cfg.TLS.Enabled = true | ||||||
|  | 	// Ensure all defaults are set for the TLS config | ||||||
|  | 	setup.SetDefaultTLSParams(cfg) | ||||||
|  | 
 | ||||||
| 	if cfg.Port == "" { | 	if cfg.Port == "" { | ||||||
| 		cfg.Port = "https" | 		cfg.Port = "https" | ||||||
| 	} | 	} | ||||||
|  | |||||||
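Review bot: The call `setup.SetDefaultTLSParams(cfg)` added in `autoConfigure` restores security-relevant TLS settings, yet neither file section shown on this page adds a test that would fail if the call were dropped again. A small test that runs `autoConfigure` on a config with an empty TLS block and checks that the resulting config has a non-empty `TLS.Ciphers` and `TLS.PreferServerCipherSuites` set to true would pin the fix. The comment above the call could also give the reason, e.g. `// Configs enabled by Let's Encrypt may not have passed through the tls directive, so apply its defaults here.`; that reason is inferred from the commit title and should be confirmed. `autoConfigure` starts and ends outside this hunk.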
| @ -6,6 +6,7 @@ import ( | |||||||
| 	"strings" | 	"strings" | ||||||
| 
 | 
 | ||||||
| 	"github.com/mholt/caddy/middleware" | 	"github.com/mholt/caddy/middleware" | ||||||
|  | 	"github.com/mholt/caddy/server" | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| func TLS(c *Controller) (middleware.Middleware, error) { | func TLS(c *Controller) (middleware.Middleware, error) { | ||||||
| @ -78,6 +79,14 @@ func TLS(c *Controller) (middleware.Middleware, error) { | |||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | 	SetDefaultTLSParams(c.Config) | ||||||
|  | 
 | ||||||
|  | 	return nil, nil | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | // SetDefaultTLSParams sets the default TLS cipher suites, protocol versions and server preferences | ||||||
|  | // of a server.Config if they were not previously set. | ||||||
|  | func SetDefaultTLSParams(c *server.Config) { | ||||||
| 	// If no ciphers provided, use all that Caddy supports for the protocol | 	// If no ciphers provided, use all that Caddy supports for the protocol | ||||||
| 	if len(c.TLS.Ciphers) == 0 { | 	if len(c.TLS.Ciphers) == 0 { | ||||||
| 		c.TLS.Ciphers = supportedCiphers | 		c.TLS.Ciphers = supportedCiphers | ||||||
| @ -96,8 +105,6 @@ func TLS(c *Controller) (middleware.Middleware, error) { | |||||||
| 
 | 
 | ||||||
| 	// Prefer server cipher suites | 	// Prefer server cipher suites | ||||||
| 	c.TLS.PreferServerCipherSuites = true | 	c.TLS.PreferServerCipherSuites = true | ||||||
| 
 |  | ||||||
| 	return nil, nil |  | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| // Map of supported protocols | // Map of supported protocols | ||||||
|  | |||||||
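Review bot: The new doc comment on `SetDefaultTLSParams` says values are set only "if they were not previously set", but the last visible statement of the body, `c.TLS.PreferServerCipherSuites = true`, is unconditional and overwrites whatever the caller had. Now that the function is exported and called from the Let's Encrypt path as well, the comment should state that, e.g. `// SetDefaultTLSParams fills in the cipher suites and protocol versions of c when they are unset, and always enables PreferServerCipherSuites.` The lines between the cipher default and that assignment fall between two hunks and are not shown, so the protocol-version wording is carried over from the existing comment rather than verified. The same comment could note that `c.TLS.Ciphers = supportedCiphers` hands every defaulted config the same package-level slice, so callers should treat it as read-only.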