From f3721c103cb7f4be3afc66f60bce7bd12d8e4458 Mon Sep 17 00:00:00 2001
From: Jason Hutchinson <zikes@zikes.me>
Date: Sat, 24 Jun 2017 13:10:44 -0500
Subject: [PATCH] tls: add optional 'ca' tls directive, closes #1689 (#1699)

---
 caddytls/setup.go      |  6 ++++++
 caddytls/setup_test.go | 40 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 46 insertions(+)

diff --git a/caddytls/setup.go b/caddytls/setup.go
index 11668b8a..4966277e 100644
--- a/caddytls/setup.go
+++ b/caddytls/setup.go
@@ -66,6 +66,12 @@ func setupTLS(c *caddy.Controller) error {
 		for c.NextBlock() {
 			hadBlock = true
 			switch c.Val() {
+			case "ca":
+				arg := c.RemainingArgs()
+				if len(arg) != 1 {
+					return c.ArgErr()
+				}
+				config.CAUrl = arg[0]
 			case "key_type":
 				arg := c.RemainingArgs()
 				value, ok := supportedKeyTypes[strings.ToUpper(arg[0])]
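Review bot: The new `ca` case checks only the argument count and then stores `arg[0]` in `config.CAUrl`, with no check that it is a well-formed URL or that its scheme is HTTPS. This value presumably selects the ACME directory used to obtain the site's certificates. Unless it is validated elsewhere (not visible in this hunk), a typo or an `http://` endpoint would pass parsing and either fail later or run the ACME exchange over an unauthenticated channel. I would reject bad values at parse time, which needs `net/url` imported: `u, err := url.Parse(arg[0])` followed by `if err != nil || u.Scheme != "https" || u.Host == "" { return c.Errf("invalid ca URL: %s", arg[0]) }`. If plain HTTP must stay possible for local test CAs, document that exception explicitly. The body of `setupTLS` starts and ends outside this hunk.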
diff --git a/caddytls/setup_test.go b/caddytls/setup_test.go
index b609fde7..08555f7f 100644
--- a/caddytls/setup_test.go
+++ b/caddytls/setup_test.go
@@ -277,6 +277,46 @@ func TestSetupParseWithClientAuth(t *testing.T) {
 	}
 }
 
+func TestSetupParseWithCAUrl(t *testing.T) {
+	testURL := "https://acme-staging.api.letsencrypt.org/directory"
+	for caseNumber, caseData := range []struct {
+		params        string
+		expectedErr   bool
+		expectedCAUrl string
+	}{
+		// Test working case
+		{`tls {
+				ca ` + testURL + `
+			}`, false, testURL},
+		// Test too few args
+		{`tls {
+				ca
+			}`, true, ""},
+		// Test too many args
+		{`tls {
+				ca 1 2
+			}`, true, ""},
+	} {
+		cfg := new(Config)
+		RegisterConfigGetter("", func(c *caddy.Controller) *Config { return cfg })
+		c := caddy.NewTestController("", caseData.params)
+		err := setupTLS(c)
+		if caseData.expectedErr {
+			if err == nil {
+				t.Errorf("In case %d: Expected an error, got: %v", caseNumber, err)
+			}
+			continue
+		}
+		if err != nil {
+			t.Errorf("In case %d: Expected no errors, got: %v", caseNumber, err)
+		}
+
+		if cfg.CAUrl != caseData.expectedCAUrl {
+			t.Errorf("Expected '%v' as CAUrl, got %#v", caseData.expectedCAUrl, cfg.CAUrl)
+		}
+	}
+}
+
 func TestSetupParseWithKeyType(t *testing.T) {
 	params := `tls {
             key_type p384
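Review bot: The table in `TestSetupParseWithCAUrl` exercises only the argument count, so nothing pins what `ca` does with a single value that is not an HTTPS URL. Adding cases such as `ca not-a-url` and a plain-`http://` directory URL, each with its expected outcome, would make that behaviour explicit. The last `t.Errorf` also omits the case number that the two before it include; it could read `t.Errorf("In case %d: Expected '%v' as CAUrl, got %#v", caseNumber, caseData.expectedCAUrl, cfg.CAUrl)`. After an unexpected error the loop falls through to the `CAUrl` comparison, so a `continue` after that `t.Errorf` would avoid a second, misleading failure.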
-- 
2.30.9