diff options
author | Matthew Holt <[email protected]> | 2024-04-22 15:47:09 -0600 |
---|---|---|
committer | Matthew Holt <[email protected]> | 2024-04-22 15:47:09 -0600 |
commit | 6a0299905479083f250c39d5780c305f82863273 (patch) | |
tree | 820e8d2581151abc276d3b351ba6ee2021c12fc0 /caddyconfig/httpcaddyfile/options.go | |
parent | 9f97df2275638ef80ca104dd0ca51e5a7ab93b21 (diff) | |
download | caddy-6a0299905479083f250c39d5780c305f82863273.tar.gz caddy-6a0299905479083f250c39d5780c305f82863273.zip |
caddytls: Add Caddyfile support for on-demand permission module (close #6260)
Diffstat (limited to 'caddyconfig/httpcaddyfile/options.go')
-rw-r--r-- | caddyconfig/httpcaddyfile/options.go | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/options.go b/caddyconfig/httpcaddyfile/options.go index bbc63ced8..6a8ba0bd3 100644 --- a/caddyconfig/httpcaddyfile/options.go +++ b/caddyconfig/httpcaddyfile/options.go @@ -345,9 +345,34 @@ func parseOptOnDemand(d *caddyfile.Dispenser, _ any) (any, error) { if ond == nil { ond = new(caddytls.OnDemandConfig) } + if ond.PermissionRaw != nil { + return nil, d.Err("on-demand TLS permission module (or 'ask') already specified") + } perm := caddytls.PermissionByHTTP{Endpoint: d.Val()} ond.PermissionRaw = caddyconfig.JSONModuleObject(perm, "module", "http", nil) + case "permission": + if !d.NextArg() { + return nil, d.ArgErr() + } + if ond == nil { + ond = new(caddytls.OnDemandConfig) + } + if ond.PermissionRaw != nil { + return nil, d.Err("on-demand TLS permission module (or 'ask') already specified") + } + modName := d.Val() + modID := "tls.permission." + modName + unm, err := caddyfile.UnmarshalModule(d, modID) + if err != nil { + return nil, err + } + perm, ok := unm.(caddytls.OnDemandPermission) + if !ok { + return nil, d.Errf("module %s (%T) is not an on-demand TLS permission module", modID, unm) + } + ond.PermissionRaw = caddyconfig.JSONModuleObject(perm, "module", modName, nil) + case "interval": if !d.NextArg() { return nil, d.ArgErr() |