UnmarshalCaddyfile sets up the ConnectionPolicy from Caddyfile tokens. Syntax: connection_policy { alpn <values...> cert_selection { ... } ciphers <cipher_suites...> client_auth { ... } curves <curves...> default_sni <se
(d *caddyfile.Dispenser)
| 479 | // insecure_secrets_log <log_file> |
| 480 | // } |
| 481 | func (cp *ConnectionPolicy) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { |
| 482 | _, wrapper := d.Next(), d.Val() |
| 483 | |
| 484 | // No same-line options are supported |
| 485 | if d.CountRemainingArgs() > 0 { |
| 486 | return d.ArgErr() |
| 487 | } |
| 488 | |
| 489 | var hasCertSelection, hasClientAuth, hasDefaultSNI, hasDrop, |
| 490 | hasFallbackSNI, hasInsecureSecretsLog, hasMatch, hasProtocols bool |
| 491 | for nesting := d.Nesting(); d.NextBlock(nesting); { |
| 492 | optionName := d.Val() |
| 493 | switch optionName { |
| 494 | case "alpn": |
| 495 | if d.CountRemainingArgs() == 0 { |
| 496 | return d.ArgErr() |
| 497 | } |
| 498 | cp.ALPN = append(cp.ALPN, d.RemainingArgs()...) |
| 499 | case "cert_selection": |
| 500 | if hasCertSelection { |
| 501 | return d.Errf("duplicate %s option '%s'", wrapper, optionName) |
| 502 | } |
| 503 | p := &CustomCertSelectionPolicy{} |
| 504 | if err := p.UnmarshalCaddyfile(d.NewFromNextSegment()); err != nil { |
| 505 | return err |
| 506 | } |
| 507 | cp.CertSelection, hasCertSelection = p, true |
| 508 | case "client_auth": |
| 509 | if hasClientAuth { |
| 510 | return d.Errf("duplicate %s option '%s'", wrapper, optionName) |
| 511 | } |
| 512 | ca := &ClientAuthentication{} |
| 513 | if err := ca.UnmarshalCaddyfile(d.NewFromNextSegment()); err != nil { |
| 514 | return err |
| 515 | } |
| 516 | cp.ClientAuthentication, hasClientAuth = ca, true |
| 517 | case "ciphers": |
| 518 | if d.CountRemainingArgs() == 0 { |
| 519 | return d.ArgErr() |
| 520 | } |
| 521 | cp.CipherSuites = append(cp.CipherSuites, d.RemainingArgs()...) |
| 522 | case "curves": |
| 523 | if d.CountRemainingArgs() == 0 { |
| 524 | return d.ArgErr() |
| 525 | } |
| 526 | cp.Curves = append(cp.Curves, d.RemainingArgs()...) |
| 527 | case "default_sni": |
| 528 | if hasDefaultSNI { |
| 529 | return d.Errf("duplicate %s option '%s'", wrapper, optionName) |
| 530 | } |
| 531 | if d.CountRemainingArgs() != 1 { |
| 532 | return d.ArgErr() |
| 533 | } |
| 534 | _, cp.DefaultSNI, hasDefaultSNI = d.NextArg(), d.Val(), true |
| 535 | case "drop": // EXPERIMENTAL |
| 536 | if hasDrop { |
| 537 | return d.Errf("duplicate %s option '%s'", wrapper, optionName) |
| 538 | } |
nothing calls this directly
no test coverage detected