添加对 BConfig.Listen.ClientAuth 字段的逻辑处理。当指定了该配置时，使用配置的值来作为验证客户端的方式。如果没指…

…定，使用默认值 tls.RequireAndVerifyClientCert
qiaoshuai2566348 · Jul 30, 2020 · 15e1193 · 15e1193
1 parent 7d56160
commit 15e1193
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/app.go b/app.go
@@ -195,10 +195,15 @@ func (app *App) Run(mws ...MiddleWare) {
 					return
 				}
 				pool.AppendCertsFromPEM(data)
-				app.Server.TLSConfig = &tls.Config{
+				tlsConfig := tls.Config{
 					ClientCAs:  pool,
-					ClientAuth: tls.RequireAndVerifyClientCert,
 				}
+				if string(BConfig.Listen.ClientAuth) != "" {
+					tslConfig.ClientAuth = BConfig.Listen.ClientAuth
+				} else {
+					tslConfig.ClientAuth = tls.RequireAndVerifyClientCert
+				}
+				app.Server.TLSConfig = &tslConfig
 			}
 			if err := app.Server.ListenAndServeTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile); err != nil {
 				logs.Critical("ListenAndServeTLS: ", err)