1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-16 21:56:40 -05:00
caddy/modules/caddytls
Matthew Holt d692d503a3
tls/http: Fix auto-HTTPS logic w/rt default issuers (fixes #3164)
The comments in the code should explain the new logic thoroughly.
The basic problem for the issue was that we were overriding a catch-all
automation policy's explicitly-configured issuer with our own, for names
that we thought looked like public names. In other words, one could
configure an internal issuer for all names, but then our auto HTTPS
would create a new policy for public-looking names that uses the
default ACME issuer, because we assume public<==>ACME and
nonpublic<==>Internal, but that is not always the case. The new logic
still assumes nonpublic<==>Internal (on catch-all policies only), but
no longer assumes that public-looking names always use an ACME issuer.

Also fix a bug where HTTPPort and HTTPSPort from the HTTP app weren't
being carried through to ACME issuers properly. It required a bit of
refactoring.
2020-03-20 20:25:46 -06:00
..
distributedstek Refactor for CertMagic v0.10; prepare for PKI app 2020-03-06 23:15:25 -07:00
standardstek v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924) 2019-12-10 13:36:46 -07:00
acmeissuer.go Some hotfixes for beta 16 2020-03-13 19:14:49 -06:00
automation.go tls/http: Fix auto-HTTPS logic w/rt default issuers (fixes #3164) 2020-03-20 20:25:46 -06:00
certselection.go Add missing license texts 2020-03-15 21:18:00 -06:00
connpolicy.go caddytls: Support wildcard matching in ServerName conn policy matcher 2020-03-20 15:51:37 -06:00
fileloader.go v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924) 2019-12-10 13:36:46 -07:00
folderloader.go v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924) 2019-12-10 13:36:46 -07:00
internalissuer.go v2: Implement 'pki' app powered by Smallstep for localhost certificates (#3125) 2020-03-13 11:06:08 -06:00
matchers.go caddytls: Support wildcard matching in ServerName conn policy matcher 2020-03-20 15:51:37 -06:00
matchers_test.go caddytls: Support wildcard matching in ServerName conn policy matcher 2020-03-20 15:51:37 -06:00
pemloader.go v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924) 2019-12-10 13:36:46 -07:00
sessiontickets.go v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924) 2019-12-10 13:36:46 -07:00
tls.go tls/http: Fix auto-HTTPS logic w/rt default issuers (fixes #3164) 2020-03-20 20:25:46 -06:00
values.go Refactor for CertMagic v0.10; prepare for PKI app 2020-03-06 23:15:25 -07:00