Commit 6fdc83fa authored by xenolf's avatar xenolf

Fix regression: Ensure TLS defaults are added by LE handlers.

parent d36685ac
...@@ -12,6 +12,7 @@ import ( ...@@ -12,6 +12,7 @@ import (
"strings" "strings"
"time" "time"
"github.com/mholt/caddy/caddy/setup"
"github.com/mholt/caddy/middleware" "github.com/mholt/caddy/middleware"
"github.com/mholt/caddy/middleware/redirect" "github.com/mholt/caddy/middleware/redirect"
"github.com/mholt/caddy/server" "github.com/mholt/caddy/server"
...@@ -338,6 +339,9 @@ func autoConfigure(allConfigs []server.Config, cfgIndex int) []server.Config { ...@@ -338,6 +339,9 @@ func autoConfigure(allConfigs []server.Config, cfgIndex int) []server.Config {
cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host) cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host)
cfg.TLS.Key = storage.SiteKeyFile(cfg.Host) cfg.TLS.Key = storage.SiteKeyFile(cfg.Host)
cfg.TLS.Enabled = true cfg.TLS.Enabled = true
// Ensure all defaults are set for the TLS config
setup.SetDefaultTLSParams(cfg)
if cfg.Port == "" { if cfg.Port == "" {
cfg.Port = "https" cfg.Port = "https"
} }
......
...@@ -6,6 +6,7 @@ import ( ...@@ -6,6 +6,7 @@ import (
"strings" "strings"
"github.com/mholt/caddy/middleware" "github.com/mholt/caddy/middleware"
"github.com/mholt/caddy/server"
) )
func TLS(c *Controller) (middleware.Middleware, error) { func TLS(c *Controller) (middleware.Middleware, error) {
...@@ -78,6 +79,14 @@ func TLS(c *Controller) (middleware.Middleware, error) { ...@@ -78,6 +79,14 @@ func TLS(c *Controller) (middleware.Middleware, error) {
} }
} }
SetDefaultTLSParams(c.Config)
return nil, nil
}
// SetDefaultTLSParams sets the default TLS cipher suites, protocol versions and server preferences
// of a server.Config if they were not previously set.
func SetDefaultTLSParams(c *server.Config) {
// If no ciphers provided, use all that Caddy supports for the protocol // If no ciphers provided, use all that Caddy supports for the protocol
if len(c.TLS.Ciphers) == 0 { if len(c.TLS.Ciphers) == 0 {
c.TLS.Ciphers = supportedCiphers c.TLS.Ciphers = supportedCiphers
...@@ -96,8 +105,6 @@ func TLS(c *Controller) (middleware.Middleware, error) { ...@@ -96,8 +105,6 @@ func TLS(c *Controller) (middleware.Middleware, error) {
// Prefer server cipher suites // Prefer server cipher suites
c.TLS.PreferServerCipherSuites = true c.TLS.PreferServerCipherSuites = true
return nil, nil
} }
// Map of supported protocols // Map of supported protocols
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment