572b9e4d
Commit
572b9e4d
authored
8 years ago
by
Pieter Raubenheimer
Merge branch 'master' into caching-headers
parents
3441cdef
462128cd
Changes
3
Showing
3 changed files
with
49 additions
and
1 deletion
+49
-1
caddy/https/https.go
caddy/https/https.go
+1
-1
caddy/https/setup.go
caddy/https/setup.go
+21
-0
caddy/https/setup_test.go
caddy/https/setup_test.go
+27
-0
caddy/https/https.go
...
...
@@ -404,7 +404,7 @@ const AlternatePort = "5033"
// KeyType is the type to use for new keys.
// This shouldn't need to change except for in tests;
// the size can be drastically reduced for speed.
var
KeyType
=
acme
.
EC384
var
KeyType
acme
.
KeyType
// stopChan is used to signal the maintenance goroutine
// to terminate.
...
...
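Review bot: The doc comment above `KeyType` still says the value "shouldn't need to change except for in tests", which no longer matches a variable that the `key_type` directive and `setDefaultTLSParams` in setup.go assign at runtime. Assuming the new declaration is the zero-valued `var KeyType acme.KeyType` (the page has lost the +/- markers), the comment should say so, for example `// KeyType is the type to use for new keys; it is set by the key_type directive and falls back to RSA2048 when empty.` If that reading is right, the effective default for new keys also moves from `acme.EC384` to `acme.RSA2048`, and it is worth confirming that the smaller default is intended.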
caddy/https/setup.go
...
...
@@ -14,6 +14,7 @@ import (
"github.com/mholt/caddy/caddy/setup"
"github.com/mholt/caddy/middleware"
"github.com/mholt/caddy/server"
"github.com/xenolf/lego/acme"
)
// Setup sets up the TLS configuration and installs certificates that
...
...
@@ -51,6 +52,13 @@ func Setup(c *setup.Controller) (middleware.Middleware, error) {
for
c
.
NextBlock
()
{
hadBlock
=
true
switch
c
.
Val
()
{
case
"key_type"
:
arg
:=
c
.
RemainingArgs
()
value
,
ok
:=
supportedKeyTypes
[
strings
.
ToUpper
(
arg
[
0
])]
if
!
ok
{
return
nil
,
c
.
Errf
(
"Wrong KeyType name or KeyType not supported '%s'"
,
c
.
Val
())
}
KeyType
=
value
case
"protocols"
:
args
:=
c
.
RemainingArgs
()
if
len
(
args
)
!=
2
{
...
...
@@ -220,6 +228,10 @@ func loadCertsInDir(c *setup.Controller, dir string) error {
// port to 443 if not already set, TLS is enabled, TLS is manual, and the host
// does not equal localhost.
func
setDefaultTLSParams
(
c
*
server
.
Config
)
{
if
KeyType
==
""
{
KeyType
=
acme
.
RSA2048
}
// If no ciphers provided, use default list
if
len
(
c
.
TLS
.
Ciphers
)
==
0
{
c
.
TLS
.
Ciphers
=
defaultCiphers
...
...
@@ -247,6 +259,15 @@ func setDefaultTLSParams(c *server.Config) {
}
}
// Map of supported key types
var
supportedKeyTypes
=
map
[
string
]
acme
.
KeyType
{
"EC384"
:
acme
.
EC384
,
"EC256"
:
acme
.
EC256
,
"RSA8192"
:
acme
.
RSA8192
,
"RSA4096"
:
acme
.
RSA4096
,
"RSA2048"
:
acme
.
RSA2048
,
}
// Map of supported protocols.
// SSLv3 will be not supported in future release.
// HTTP/2 only supports TLS 1.2 and higher.
...
...
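Review bot: In the `key_type` case, `arg[0]` is read without checking how many values `c.RemainingArgs()` returned, so a `key_type` line with no argument would index an empty slice and panic during config parsing instead of producing a parse error. A guard before the map lookup, such as `if len(arg) != 1 { return nil, c.ArgErr() }`, would match the length check the `protocols` case performs on its own args. The error message prints `c.Val()`, which is presumably the last token consumed rather than necessarily the rejected name; printing `arg[0]` would be unambiguous. Separately, `KeyType` is a package-level variable, so a value set in one `tls` block appears to apply to every site in the process; a comment stating that this is intended would help. The bodies of `Setup` and `setDefaultTLSParams` continue outside the hunks shown.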
caddy/https/setup_test.go
...
...
@@ -8,6 +8,7 @@ import (
"testing"
"github.com/mholt/caddy/caddy/setup"
"github.com/xenolf/lego/acme"
)
func
TestMain
(
m
*
testing
.
M
)
{
...
...
@@ -170,6 +171,16 @@ func TestSetupParseWithWrongOptionalParams(t *testing.T) {
if
err
==
nil
{
t
.
Errorf
(
"Expected errors, but no error returned"
)
}
// Test key_type wrong params
params
=
`tls {
key_type ab123
}`
c
=
setup
.
NewTestController
(
params
)
_
,
err
=
Setup
(
c
)
if
err
==
nil
{
t
.
Errorf
(
"Expected errors, but no error returned"
)
}
}
func
TestSetupParseWithClientAuth
(
t
*
testing
.
T
)
{
...
...
@@ -203,6 +214,22 @@ func TestSetupParseWithClientAuth(t *testing.T) {
}
}
func
TestSetupParseWithKeyType
(
t
*
testing
.
T
)
{
params
:=
`tls {
key_type ec384
}`
c
:=
setup
.
NewTestController
(
params
)
_
,
err
:=
Setup
(
c
)
if
err
!=
nil
{
t
.
Errorf
(
"Expected no errors, got: %v"
,
err
)
}
if
KeyType
!=
acme
.
EC384
{
t
.
Errorf
(
"Expected 'P384' as KeyType, got %#v"
,
KeyType
)
}
}
const
(
certFile
=
"test_cert.pem"
keyFile
=
"test_key.pem"
...
...
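Review bot: `TestSetupParseWithKeyType` leaves the package-level `KeyType` set to `acme.EC384` when it returns, so any later test in the package that depends on the key type inherits that value and the outcome depends on test order. Saving and restoring it at the top of the test, e.g. `defer func(old acme.KeyType) { KeyType = old }(KeyType)`, keeps the tests independent. The wrong-params case covers an unknown name (`ab123`) but not a `key_type` line with no argument at all, which is the input that reaches the unchecked `arg[0]` in `Setup`; a case for it would be worth adding. The failure message says 'P384' while the assertion compares against `acme.EC384`, so naming the constant in the message would be clearer.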