1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-16 21:56:40 -05:00
caddy/go.mod
Matthew Holt 6ca5828221
caddytls: Refactor certificate selection policies (close #1575)
Certificate selection used to be a module, but this seems unnecessary,
especially since the built-in CustomSelectionPolicy allows quite complex
selection logic on a number of fields in certs. If we need to extend
that logic, we can, but I don't think there are SO many possibilities
that we need modules.

This update also allows certificate selection to choose between multiple
matching certs based on client compatibility and makes a number of other
improvements in the default cert selection logic, both here and in the
latest CertMagic.

The hardest part of this was the conn policy consolidation logic
(Caddyfile only, of course). We have to merge connection policies that
we can easily combine, because if two certs are manually loaded in a
Caddyfile site block, that produces two connection policies, and each
cert is tagged with a different tag, meaning only the first would ever
be selected. So given the same matchers, we can merge the two, but this
required improving the Tag selection logic to support multiple tags to
choose from, hence "tags" changed to "any_tag" or "all_tags" (but we
use any_tag in our Caddyfile logic).

Combining conn policies with conflicting settings is impossible, so
that should return an error if two policies with the exact same matchers
have non-empty settings that are not the same (the one exception being
any_tag which we can merge because the logic for them is to OR them).

It was a bit complicated. It seems to work in numerous tests I've
conducted, but we'll see how it pans out in the release candidates.
2020-04-01 20:49:35 -06:00

33 lines
1.2 KiB
Modula-2

module github.com/caddyserver/caddy/v2
go 1.14
require (
github.com/Masterminds/sprig/v3 v3.0.2
github.com/alecthomas/chroma v0.7.2-0.20200305040604-4f3623dce67a
github.com/caddyserver/certmagic v0.10.7
github.com/dustin/go-humanize v1.0.1-0.20200219035652-afde56e7acac
github.com/go-acme/lego/v3 v3.5.0
github.com/google/cel-go v0.4.1
github.com/jsternberg/zap-logfmt v1.2.0
github.com/klauspost/compress v1.10.3
github.com/klauspost/cpuid v1.2.3
github.com/lucas-clemente/quic-go v0.15.2
github.com/manifoldco/promptui v0.7.0 // indirect
github.com/miekg/dns v1.1.29 // indirect
github.com/naoina/go-stringutil v0.1.0 // indirect
github.com/naoina/toml v0.1.1
github.com/smallstep/certificates v0.14.0-rc.5
github.com/smallstep/cli v0.14.0-rc.3
github.com/smallstep/truststore v0.9.5
github.com/vulcand/oxy v1.1.0
github.com/yuin/goldmark v1.1.27
github.com/yuin/goldmark-highlighting v0.0.0-20200307114337-60d527fdb691
go.uber.org/zap v1.14.1
golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59
golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e
google.golang.org/genproto v0.0.0-20200323114720-3f67cca34472
gopkg.in/natefinch/lumberjack.v2 v2.0.0
gopkg.in/square/go-jose.v2 v2.4.1 // indirect
gopkg.in/yaml.v2 v2.2.8
)