change SSLConfCommand from string to []string

This commit is contained in:
Andrei Zhozhin 2023-01-30 13:41:29 +00:00
parent 43f1420b68
commit f3b7bb1d8b
2 changed files with 5 additions and 3 deletions

View file

@ -339,7 +339,7 @@ type Configuration struct {
// Allows configuration of arbitrary OpenSSL configuration
// http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_conf_command
SSLConfCommand string `json:"ssl-conf-command,omitempty"`
SSLConfCommand []string `json:"ssl-conf-command,omitempty"`
// Enabled ciphers list to enabled. The ciphers are specified in the format understood by
// the OpenSSL library
@ -777,6 +777,7 @@ func NewDefault() Configuration {
defBlockEntity := make([]string, 0)
defNginxStatusIpv4Whitelist := make([]string, 0)
defNginxStatusIpv6Whitelist := make([]string, 0)
defSSLConfCommand := make([]string, 0)
defResponseHeaders := make([]string, 0)
defIPCIDR = append(defIPCIDR, "0.0.0.0/0")
defNginxStatusIpv4Whitelist = append(defNginxStatusIpv4Whitelist, "127.0.0.1")
@ -846,7 +847,7 @@ func NewDefault() Configuration {
ReusePort: true,
ShowServerTokens: false,
SSLBufferSize: sslBufferSize,
SSLConfCommand: "",
SSLConfCommand: defSSLConfCommand,
SSLCiphers: sslCiphers,
SSLECDHCurve: "auto",
SSLProtocols: sslProtocols,

View file

@ -452,7 +452,8 @@ http {
{{ if not (empty $cfg.SSLCiphers) }}
# allow to specify specific openssl commands
ssl_conf_command {{ $cfg.SSLConfCommand }};
{{ range $sslConfCmd := $cfg.SSLConfCommand }}
ssl_conf_command {{ $sslConfCmd }};
{{ end }}
{{ if not (empty $cfg.SSLCiphers) }}