doc: remove docs of deprecated directives (#6566)

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
caddyserver · Sep 29, 2024 · 1a345b4 · 1a345b4
1 parent 22c98ea
commit 1a345b4
Showing 1 changed file with 2 additions and 8 deletions.
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
@@ -555,16 +555,10 @@ type ClientAuthentication struct {
 //	 	trust_pool			   <module> {
 //			...
 //		}
-//		trusted_leaf_cert      <base64_der>
-//		trusted_leaf_cert_file <filename>
 //		verifier               <module>
 //	}
 //
-// If `mode` is not provided, it defaults to `require_and_verify` if any of the following are provided:
-// - `trusted_leaf_certs`
-// - `trusted_leaf_cert_file`
-// - `trust_pool`
-//
+// If `mode` is not provided, it defaults to `require_and_verify` if `trust_pool` is provided.
 // Otherwise, it defaults to `require`.
 func (ca *ClientAuthentication) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 	for d.NextArg() {
@@ -768,7 +762,7 @@ func (clientauth *ClientAuthentication) ConfigureTLSConfig(cfg *tls.Config) erro
 		if len(clientauth.TrustedCACerts) > 0 ||
 			len(clientauth.TrustedCACertPEMFiles) > 0 ||
 			len(clientauth.TrustedLeafCerts) > 0 ||
-			clientauth.CARaw != nil {
+			clientauth.CARaw != nil || clientauth.ca != nil {
 			cfg.ClientAuth = tls.RequireAndVerifyClientCert
 		} else {
 			cfg.ClientAuth = tls.RequireAnyClientCert