homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow handling ACME challenges with custom routers

Browse source
This commit is contained in:
Romain 2024-09-13 15:54:04 +02:00 committed by GitHub
parent d547b943df
commit 0cf2032c15
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
12 changed files with 142 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pkg/server/router/tcp/router.go
View file

@ -21,6 +21,8 @@ const defaultBufSize = 4096
// Router is a TCP router.
type Router struct {
acmeTLSPassthrough bool
// Contains TCP routes.
muxerTCP tcpmuxer.Muxer
// Contains TCP TLS routes.
@ -148,7 +150,7 @@ func (r *Router) ServeTCP(conn tcp.WriteCloser) {
}
// Handling ACME-TLS/1 challenges.
if slices.Contains(hello.protos, tlsalpn01.ACMETLS1Protocol) {
if !r.acmeTLSPassthrough && slices.Contains(hello.protos, tlsalpn01.ACMETLS1Protocol) {
r.acmeTLSALPNHandler().ServeTCP(r.GetConn(conn, hello.peeked))
return
}
@ -303,6 +305,10 @@ func (r *Router) SetHTTPSHandler(handler http.Handler, config *tls.Config) {
r.httpsTLSConfig = config
}
func (r *Router) EnableACMETLSPassthrough() {
r.acmeTLSPassthrough = true
}
// Conn is a connection proxy that handles Peeked bytes.
type Conn struct {
// Peeked are the bytes that have been read from Conn for the purposes of route matching,