MCPcopy
hub / github.com/caddyserver/caddy / Provision

Method Provision

modules/caddytls/connpolicy.go:52–94  ·  view source on GitHub ↗

Provision sets up each connection policy. It should be called during the Validate() phase, after the TLS app (if any) is already set up.

(ctx caddy.Context)

Source from the content-addressed store, hash-verified

50// during the Validate() phase, after the TLS app (if any) is
51// already set up.
52func (cp ConnectionPolicies) Provision(ctx caddy.Context) error {
53 for i, pol := range cp {
54 // matchers
55 mods, err := ctx.LoadModule(pol, "MatchersRaw")
56 if err != nil {
57 return fmt.Errorf("loading handshake matchers: %v", err)
58 }
59 for _, modIface := range mods.(map[string]any) {
60 cp[i].matchers = append(cp[i].matchers, modIface.(ConnectionMatcher))
61 }
62
63 // enable HTTP/2 by default
64 if pol.ALPN == nil {
65 pol.ALPN = append(pol.ALPN, defaultALPN...)
66 }
67
68 // pre-build standard TLS config so we don't have to at handshake-time
69 err = pol.buildStandardTLSConfig(ctx)
70 if err != nil {
71 return fmt.Errorf("connection policy %d: building standard TLS config: %s", i, err)
72 }
73
74 if pol.ClientAuthentication != nil && len(pol.ClientAuthentication.VerifiersRaw) > 0 {
75 clientCertValidations, err := ctx.LoadModule(pol.ClientAuthentication, "VerifiersRaw")
76 if err != nil {
77 return fmt.Errorf("loading client cert verifiers: %v", err)
78 }
79 for _, validator := range clientCertValidations.([]any) {
80 cp[i].ClientAuthentication.verifiers = append(cp[i].ClientAuthentication.verifiers, validator.(ClientCertificateVerifier))
81 }
82 }
83
84 if len(pol.HandshakeContextRaw) > 0 {
85 modIface, err := ctx.LoadModule(pol, "HandshakeContextRaw")
86 if err != nil {
87 return fmt.Errorf("loading handshake context module: %v", err)
88 }
89 cp[i].handshakeContext = modIface.(HandshakeContext)
90 }
91 }
92
93 return nil
94}
95
96// TLSConfig returns a standard-lib-compatible TLS configuration which
97// selects the first matching policy based on the ClientHello.

Callers

nothing calls this directly

Calls 2

LoadModuleMethod · 0.80

Tested by

no test coverage detected