0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-23 22:27:38 -05:00
caddy/server
W-Mark Kubacki 69c2d78f69 Support configuring less restrictive TLS client auth requirements
Caddyfile parameter "clients" of "tls" henceforth accepts a special
first modifier. It is one of, and effects:

 * request         = tls.RequestClientCert
 * require         = tls.RequireAnyClientCert
 * verify_if_given = tls.VerifyClientCertIfGiven
 * (none)          = tls.RequireAndVerifyClientCert

The use-case for this is as follows: A middleware would serve items to the
public, but if a certificate were given the middleware would permit file
manipulation.

And, in a different plugin such as a forum or blog, not verifying a client
cert would be nice for registration: said blog would subsequently only
compare the SPKI of a client certificate.
2016-04-15 22:21:55 +02:00
..
config.go Support configuring less restrictive TLS client auth requirements 2016-04-15 22:21:55 +02:00
config_test.go Parser separate scheme/port, refactor config loading 2016-01-03 16:41:29 -07:00
graceful.go Several improvements and bug fixes related to graceful reloads 2015-11-14 18:00:25 -07:00
server.go Support configuring less restrictive TLS client auth requirements 2016-04-15 22:21:55 +02:00
server_test.go server: Rotate TLS ticket "keys" (#742) 2016-04-12 10:09:45 -06:00
virtualhost.go Remove path scoping for middleware slice 2016-02-17 18:11:03 -07:00