1
0
Fork 0

Merge branch v2.11 into v3.2

This commit is contained in:
kevinpollet 2024-11-12 16:24:22 +01:00
commit b7b4dd9554
No known key found for this signature in database
GPG key ID: 0C9A5DDD1B292453
43 changed files with 1094 additions and 789 deletions

View file

@ -6,6 +6,7 @@ import (
"errors"
"fmt"
"net/url"
"os"
"sort"
"strings"
@ -45,13 +46,6 @@ var (
}
)
// Certificate holds a SSL cert/key pair
// Certs and Key could be either a file path, or the file content itself.
type Certificate struct {
CertFile types.FileOrContent `json:"certFile,omitempty" toml:"certFile,omitempty" yaml:"certFile,omitempty"`
KeyFile types.FileOrContent `json:"keyFile,omitempty" toml:"keyFile,omitempty" yaml:"keyFile,omitempty" loggable:"false"`
}
// Certificates defines traefik certificates type
// Certs and Keys could be either a file path, or the file content itself.
type Certificates []Certificate
@ -73,6 +67,13 @@ func (c Certificates) GetCertificates() []tls.Certificate {
return certs
}
// Certificate holds a SSL cert/key pair
// Certs and Key could be either a file path, or the file content itself.
type Certificate struct {
CertFile types.FileOrContent `json:"certFile,omitempty" toml:"certFile,omitempty" yaml:"certFile,omitempty"`
KeyFile types.FileOrContent `json:"keyFile,omitempty" toml:"keyFile,omitempty" yaml:"keyFile,omitempty" loggable:"false"`
}
// AppendCertificate appends a Certificate to a certificates map keyed by store name.
func (c *Certificate) AppendCertificate(certs map[string]map[string]*tls.Certificate, storeName string) error {
certContent, err := c.CertFile.Read()
@ -166,31 +167,6 @@ func (c *Certificate) GetCertificateFromBytes() (tls.Certificate, error) {
return cert, nil
}
// GetTruncatedCertificateName truncates the certificate name.
func (c *Certificate) GetTruncatedCertificateName() string {
certName := c.CertFile.String()
// Truncate certificate information only if it's a well formed certificate content with more than 50 characters
if !c.CertFile.IsPath() && strings.HasPrefix(certName, certificateHeader) && len(certName) > len(certificateHeader)+50 {
certName = strings.TrimPrefix(c.CertFile.String(), certificateHeader)[:50]
}
return certName
}
// String is the method to format the flag's value, part of the flag.Value interface.
// The String method's output will be used in diagnostics.
func (c *Certificates) String() string {
if len(*c) == 0 {
return ""
}
var result []string
for _, certificate := range *c {
result = append(result, certificate.CertFile.String()+","+certificate.KeyFile.String())
}
return strings.Join(result, ";")
}
// Set is the method to set the flag value, part of the flag.Value interface.
// Set's argument is a string to be parsed to set the flag.
// It's a comma-separated list, so we split it.
@ -209,9 +185,43 @@ func (c *Certificates) Set(value string) error {
return nil
}
// Type is type of the struct.
func (c *Certificates) Type() string {
return "certificates"
// GetTruncatedCertificateName truncates the certificate name.
func (c *Certificate) GetTruncatedCertificateName() string {
certName := c.CertFile.String()
// Truncate certificate information only if it's a well formed certificate content with more than 50 characters
if !c.CertFile.IsPath() && strings.HasPrefix(certName, certificateHeader) && len(certName) > len(certificateHeader)+50 {
certName = strings.TrimPrefix(c.CertFile.String(), certificateHeader)[:50]
}
return certName
}
// FileOrContent hold a file path or content.
type FileOrContent string
func (f FileOrContent) String() string {
return string(f)
}
// IsPath returns true if the FileOrContent is a file path, otherwise returns false.
func (f FileOrContent) IsPath() bool {
_, err := os.Stat(f.String())
return err == nil
}
func (f FileOrContent) Read() ([]byte, error) {
var content []byte
if f.IsPath() {
var err error
content, err = os.ReadFile(f.String())
if err != nil {
return nil, err
}
} else {
content = []byte(f)
}
return content, nil
}
// VerifyPeerCertificate verifies the chain certificates and their URI.

View file

@ -31,7 +31,7 @@ func NewCertificateStore() *CertificateStore {
}
}
func (c CertificateStore) getDefaultCertificateDomains() []string {
func (c *CertificateStore) getDefaultCertificateDomains() []string {
var allCerts []string
if c.DefaultCertificate == nil {
@ -58,7 +58,7 @@ func (c CertificateStore) getDefaultCertificateDomains() []string {
}
// GetAllDomains return a slice with all the certificate domain.
func (c CertificateStore) GetAllDomains() []string {
func (c *CertificateStore) GetAllDomains() []string {
allDomains := c.getDefaultCertificateDomains()
// Get dynamic certificates
@ -157,7 +157,7 @@ func (c *CertificateStore) GetCertificate(domains []string) *tls.Certificate {
}
// ResetCache clears the cache in the store.
func (c CertificateStore) ResetCache() {
func (c *CertificateStore) ResetCache() {
if c.CertCache != nil {
c.CertCache.Flush()
}