From 5bc7933e131be3cfdeac49d4f92959846ccb0c4f Mon Sep 17 00:00:00 2001
From: Francis Lavoie
Date: Thu, 2 Dec 2021 16:22:17 -0500
Subject: [PATCH] Adjust `pki` app config structure
---
caddyconfig/httpcaddyfile/pkiapp.go | 80 ++++++++++---------
.../global_options_skip_install_trust.txt | 18 +++--
2 files changed, 51 insertions(+), 47 deletions(-)
diff --git a/caddyconfig/httpcaddyfile/pkiapp.go b/caddyconfig/httpcaddyfile/pkiapp.go
index dad5ddde861..3c24f2b7923 100644
--- a/caddyconfig/httpcaddyfile/pkiapp.go
+++ b/caddyconfig/httpcaddyfile/pkiapp.go
@@ -26,64 +26,66 @@ func init() { // parsePKIApp parses the global log option. Syntax: // -// pki [id] { -// name -// root_common_name -// intermediate_common_name +// pki { +// ca [] { +// name +// root_common_name +// intermediate_common_name +// } // } // // When the CA ID is unspecified, 'local' is assumed. // func parsePKIApp(d *caddyfile.Dispenser, existingVal interface{}) (interface{}, error) { - var pki *caddypki.PKI - if existingVal != nil { - unwrappedPki, ok := existingVal.(*caddypki.PKI) - if !ok { - return nil, d.Errf("failed to unwrap existing PKI value") - } - pki = unwrappedPki - } else { - pki = &caddypki.PKI{CAs: make(map[string]*caddypki.CA)} - } + pki := &caddypki.PKI{CAs: make(map[string]*caddypki.CA)} - pkiCa := new(caddypki.CA) for d.Next() { - if d.NextArg() { - pkiCa.ID = d.Val() - if d.NextArg() { - return nil, d.ArgErr() - } - } for nesting := d.Nesting(); d.NextBlock(nesting); { switch d.Val() { - case "name": - if !d.NextArg() { - return nil, d.ArgErr() + case "ca": + pkiCa := new(caddypki.CA) + if d.NextArg() { + pkiCa.ID = d.Val() + if d.NextArg() { + return nil, d.ArgErr() + } } - pkiCa.Name = d.Val() - - case "root_common_name": - if !d.NextArg() { - return nil, d.ArgErr() + if pkiCa.ID == "" { + pkiCa.ID = caddypki.DefaultCAID } - pkiCa.Name = d.Val() - case "intermediate_common_name": - if !d.NextArg() { - return nil, d.ArgErr() + for nesting := d.Nesting(); d.NextBlock(nesting); { + switch d.Val() { + case "name": + if !d.NextArg() { + return nil, d.ArgErr() + } + pkiCa.Name = d.Val() + + case "root_common_name": + if !d.NextArg() { + return nil, d.ArgErr() + } + pkiCa.Name = d.Val() + + case "intermediate_common_name": + if !d.NextArg() { + return nil, d.ArgErr() + } + pkiCa.Name = d.Val() + + default: + return nil, d.Errf("unrecognized pki ca option '%s'", d.Val()) + } } - pkiCa.Name = d.Val() + + pki.CAs[pkiCa.ID] = pkiCa default: return nil, d.Errf("unrecognized pki option '%s'", d.Val()) } } } - if pkiCa.ID == "" { - 
pkiCa.ID = caddypki.DefaultCAID - } - - pki.CAs[pkiCa.ID] = pkiCa return pki, nil } diff --git a/caddytest/integration/caddyfile_adapt/global_options_skip_install_trust.txt b/caddytest/integration/caddyfile_adapt/global_options_skip_install_trust.txt index 469cecaffd5..d0b46c9afbc 100644 --- a/caddytest/integration/caddyfile_adapt/global_options_skip_install_trust.txt +++ b/caddytest/integration/caddyfile_adapt/global_options_skip_install_trust.txt @@ -1,14 +1,16 @@ { skip_install_trust pki { - name "Local" - root_common_name "Custom Local Root Name" - intermediate_common_name "Custom Local Intermediate Name" - } - pki foo { - name "Foo" - root_common_name "Custom Foo Root Name" - intermediate_common_name "Custom Foo Intermediate Name" + ca { + name "Local" + root_common_name "Custom Local Root Name" + intermediate_common_name "Custom Local Intermediate Name" + } + ca foo { + name "Foo" + root_common_name "Custom Foo Root Name" + intermediate_common_name "Custom Foo Intermediate Name" + } } }
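Review bot: In the inner `ca` switch of parsePKIApp, the `root_common_name` and `intermediate_common_name` cases both assign `pkiCa.Name`, the same field the `name` case sets, so whichever directive comes last overwrites the CA name and the configured root and intermediate common names never reach the CA. This is carried over unchanged from the removed lines; the two cases presumably should read `pkiCa.RootCommonName = d.Val()` and `pkiCa.IntermediateCommonName = d.Val()` (fields of `caddypki.CA`, which is not visible in this hunk). Separately, `existingVal` is no longer read and `pki.CAs[pkiCa.ID] = pkiCa` stores without checking for an existing key, so a repeated `pki` block or two `ca` blocks with the same ID (including two without an ID, both defaulting to `caddypki.DefaultCAID`) appear to replace the earlier definition silently. Returning an error such as `d.Errf("duplicate pki ca id '%s'", pkiCa.ID)` would make it unambiguous which CA settings certificates are issued under.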