author | Matthew Holt <mholt@users.noreply.github.com> | 2019-09-09 08:25:48 -0600 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2019-09-09 08:25:48 -0600 |
commit | 9169cd43d49236c69d5c9b7c556cb0ac0c9ce497 (patch) | |
tree | 3513fc77db0abc02303817e3e8f1c44d6d190eaa /modules | |
parent | e12c62e60b3f794630aed2fae37c4c6973e63bf4 (diff) |
Log when auto HTTPS or auto HTTP->HTTPS redirects are disabled
Diffstat (limited to 'modules')
-rw-r--r-- | modules/caddyhttp/caddyhttp.go | 8 | ||||
-rw-r--r-- | modules/caddyhttp/server.go | 17 |
2 files changed, 25 insertions, 0 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go index 6d8e921..99bd952 100644 --- a/modules/caddyhttp/caddyhttp.go +++ b/modules/caddyhttp/caddyhttp.go @@ -234,6 +234,8 @@ func (app *App) automaticHTTPS() error { // skip if all listeners use the HTTP port if !srv.listenersUseAnyPortOtherThan(app.HTTPPort) { + log.Printf("[INFO] Server %v is only listening on the HTTP port %d, so no automatic HTTPS will be applied to this server", + srv.Listen, app.HTTPPort) continue } @@ -315,6 +317,12 @@ func (app *App) automaticHTTPS() error { log.Printf("[INFO] Enabling automatic HTTP->HTTPS redirects for %v", domains) + // notify user if their config might override the HTTP->HTTPS redirects + if srv.listenersIncludePort(app.HTTPPort) { + log.Printf("[WARNING] Server %v is listening on HTTP port %d, so automatic HTTP->HTTPS redirects may be overridden by your own configuration", + srv.Listen, app.HTTPPort) + } + // create HTTP->HTTPS redirects for _, addr := range srv.Listen { netw, host, port, err := caddy.SplitListenAddr(addr) diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go index 885ba0b..5b651fc 100644 --- a/modules/caddyhttp/server.go +++ b/modules/caddyhttp/server.go @@ -181,6 +181,23 @@ func (s *Server) listenersUseAnyPortOtherThan(otherPort int) bool { return false } +// listenersIncludePort returns true if there are any +// listeners in s that use otherPort. +func (s *Server) listenersIncludePort(otherPort int) bool { + for _, lnAddr := range s.Listen { + _, addrs, err := caddy.ParseListenAddr(lnAddr) + if err == nil { + for _, a := range addrs { + _, port, err := net.SplitHostPort(a) + if err == nil && port == strconv.Itoa(otherPort) { + return true + } + } + } + } + return false +} + func (s *Server) hasTLSClientAuth() bool { for _, cp := range s.TLSConnPolicies { if cp.ClientAuthentication != nil && cp.ClientAuthentication.Active() { |
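Review bot: In the second hunk of modules/caddyhttp/caddyhttp.go (`@@ -315`), the new `[WARNING]` is logged right after "Enabling automatic HTTP->HTTPS redirects" and says only that the redirects "may be overridden", so it does not tell the operator what the consequence is. If the user's own routes on that port win, clients are presumably answered over plain HTTP with no redirect, which is the outcome worth naming. I would end the message with `... may be overridden by your own configuration, in which case requests on that port are not redirected to HTTPS`. I would also extend the comment above the check to `// notify user if their config might override the HTTP->HTTPS redirects; the redirects below are still created`. The body of automaticHTTPS starts and ends outside this hunk, so which side takes precedence cannot be confirmed from here.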
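Review bot: In modules/caddyhttp/server.go, the new listenersIncludePort discards the errors from both `caddy.ParseListenAddr` and `net.SplitHostPort`, so a listen address that fails to parse is treated as "does not use the port". The redirect-override warning added in automaticHTTPS is then silently skipped for that server. Whether such an address is rejected earlier during provisioning is not visible in this diff, so the skip should at least be explicit and commented. Two style points in the same function: the parameter name `otherPort` is carried over from listenersUseAnyPortOtherThan and reads oddly here, and `strconv.Itoa(otherPort)` is recomputed for every address when it could be hoisted. The rewrite below keeps the return values the same while flattening the nesting.

```go
// listenersIncludePort returns true if any listener
// in s uses the given port.
func (s *Server) listenersIncludePort(port int) bool {
	want := strconv.Itoa(port)
	for _, lnAddr := range s.Listen {
		_, addrs, err := caddy.ParseListenAddr(lnAddr)
		if err != nil {
			// an address that does not parse cannot be matched;
			// it is skipped here, not reported
			continue
		}
		for _, a := range addrs {
			if _, p, err := net.SplitHostPort(a); err == nil && p == want {
				return true
			}
		}
	}
	return false
}
```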