summaryrefslogtreecommitdiffhomepage
path: root/caddyconfig
diff options
context:
space:
mode:
authorZach Galvin <[email protected]>2024-01-09 17:14:51 -0600
committerGitHub <[email protected]>2024-01-09 23:14:51 +0000
commitcb86319bd50322d4ac9e730b2fc5639daa24b82a (patch)
tree24bc5a57a50e321a574a0b2c50199595205a52f0 /caddyconfig
parented41c924cfdee562b36c86cced5571c2800348d8 (diff)
downloadcaddy-cb86319bd50322d4ac9e730b2fc5639daa24b82a.tar.gz
caddy-cb86319bd50322d4ac9e730b2fc5639daa24b82a.zip
httpcaddyfile: Support client auth verifiers (#6022)
* Added verifier case Update author * Update verifier to match struct tag * gci run
Diffstat (limited to 'caddyconfig')
-rw-r--r--caddyconfig/httpcaddyfile/builtins.go18
1 files changed, 18 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/builtins.go b/caddyconfig/httpcaddyfile/builtins.go
index 568028388..f345a676f 100644
--- a/caddyconfig/httpcaddyfile/builtins.go
+++ b/caddyconfig/httpcaddyfile/builtins.go
@@ -219,6 +219,24 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
for nesting := h.Nesting(); h.NextBlock(nesting); {
subdir := h.Val()
switch subdir {
+ case "verifier":
+ if !h.NextArg() {
+ return nil, h.ArgErr()
+ }
+
+ vType := h.Val()
+ modID := "tls.client_auth." + vType
+ unm, err := caddyfile.UnmarshalModule(h.Dispenser, modID)
+ if err != nil {
+ return nil, err
+ }
+
+ _, ok := unm.(caddytls.ClientCertificateVerifier)
+ if !ok {
+ return nil, h.Dispenser.Errf("module %s is not a caddytls.ClientCertificatVerifier", modID)
+ }
+
+ cp.ClientAuthentication.VerifiersRaw = append(cp.ClientAuthentication.VerifiersRaw, caddyconfig.JSONModuleObject(unm, "verifier", vType, h.warnings))
case "mode":
if !h.Args(&cp.ClientAuthentication.Mode) {
return nil, h.ArgErr()