summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-09-16fileserver: properly handle escaped/non-ascii paths (#4332)Mohammed Al Sahaf
* fileserver: properly handle escaped/non-ascii paths * fileserver: tests: accommodate Windows hate of colons in files names
2021-09-16Make copyright notice more consistentMatthew Holt
Some files had the old copyright or were missing the license comment entirely. Also change Light Code Labs to Dyanim in security contact and releases.
2021-09-15templates: Propagate httpError to HTTP responseMatthew Holt
Now possible with Go 1.17. See https://github.com/golang/go/issues/34201.
2021-09-13headers: Canonicalize case in replace (fix #4330)Matthew Holt
2021-09-11fastcgi: Fix Caddyfile parsing when `handle_response` is used (#4342)Francis Lavoie
2021-09-03go.mod: Update CertMagicMatthew Holt
Adds one more debug log
2021-09-03ci: revert workaround implemented in #4306 (#4328)Mohammed Al Sahaf
2021-09-01cmd: export CaddyVersion(), Commands() (#4316)peymaneh
* cmd: Export CaddyVersion() * cmd: Add getter Commands()
2021-08-31ci: Only test cross-build on latest Go version (#4319)Francis Lavoie
This generated way too many test jobs, which weren't really that useful. Cross-build is just to keep us posted on which architectures are building okay, so it's not necessary to do it twice. Only plan9 is not working at this point (see https://github.com/caddyserver/caddy/issues/3615)
2021-08-31encode: ignore flushing until after first write (#4318)Steffen Brüheim
* encode: ignore flushing until after first write (fix #4314) The first write will determine if encoding has to be done and will add an Content-Encoding. Until then Flushing has to be delayed so the Content-Encoding header can be added before headers and status code is written. (A passthrough flush would write header and status code) * Update modules/caddyhttp/encode/encode.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2021-08-30go.mod: Upgrade CertMagic to v0.14.4Matthew Holt
Adds more debug logging
2021-08-26go.mod: Upgrade some dependenciesMatthew Holt
2021-08-26httpcaddyfile: Reorder some directives (#4311)Francis Lavoie
We realized we made some mistakes with the directive ordering, so we're making some minor adjustments. `abort` and `error` don't really make sense to be after other handler directives, because you would expect to be able to "fail-fast" and throw an error before falling through to some `file_server` or `respond` typically. So we're moving them up to just before `respond`, i.e. before the common handler directives. This is also more consistent with our existing examples in the docs, which actually didn't work due to the directive ordering. See https://caddyserver.com/docs/caddyfile/directives/error#examples Also, `push` doesn't quite make sense to be after `handle`/`route`, since its job is to read from response headers to push additional resources if necessary, and `handle`/`route` may be terminal so push would not be reached if it was declared outside those. And also, it would make sense to be _before_ `templates` because a template _could_ add a `Link` header to the response dynamically.
2021-08-25chore: Upgrade smallstep libs (#4307)Francis Lavoie
See https://github.com/smallstep/nosql/issues/12 for context.
2021-08-25chore: promote creating 'caddy-build' to the release action (#4306)Mohammed Al Sahaf
The commit goreleaser/goreleaser@013bd69126459125694d7cb2c434dd9ba63e5a5b of GoReleaser is now checking the `go version` prior to executing any of the pre-hooks, which involves setting the current dir of the command to the `build.dir` of the build config. At the time of version check, the buil dir does not exist. It's created in the pre-hook. As a workaround, the build-dir is now created in the Github Action prior to executing goreleaser action.
2021-08-25httpcaddyfile: Improve unrecognized directive errorsMatthew Holt
2021-08-23reverseproxy: Remove redundant flushing (#4299)Francis Lavoie
From reading through the code, I think this code path is now obsoleted by the changes made in https://github.com/caddyserver/caddy/pull/4266. Basically, `h.flushInterval()` will set the flush interval to `-1` if we're in a bi-directional stream, and the recent PR ensured that `h.copyResponse()` properly flushes headers immediately when the flush interval is non-zero. So now there should be no need to call Flush before calling `h.copyResponse()`.
2021-08-23caddyfile: Better error message for missing site block braces (#4301)Francis Lavoie
Some new users mistakenly try to define two sites without braces around each. Doing this can yield a confusing error message saying that their site address is an "unknown directive". We can do better by keeping track of whether the current site block was parsed with or without a brace, then changing the error message later based on that. For example, now this invalid config: ``` foo.example.com respond "foo" bar.example.com respond "bar" ``` Will yield this error message: ``` $ caddy adapt 2021/08/22 19:21:31.028 INFO using adjacent Caddyfile adapt: Caddyfile:4: unrecognized directive: bar.example.com Did you mean to define a second site? If so, you must use curly braces around each site to separate their configurations. ```
2021-08-23caddyfile: Error on invalid site addresses containing comma (#4302)Francis Lavoie
Some users forget to use a comma between their site addresses. This is invalid (commas aren't a valid character in domains) and later parts of the code like certificate automation will try to use this otherwise, which doesn't make sense. Best to error as early as possible. Example thread on the forums where this happened: https://caddy.community/t/simplify-caddyfile/13281/9
2021-08-20cmd: Fix paths when using an env file (#4296)Pascal Zarrad
* core: Fix paths when using an env file * refactor: move path logic to loadFromEnv
2021-08-20chore: Update quic-go for go 1.17 support (#4297)Adam Weinberger
* Update quic-go for go 1.17 support * Complete quic-go update (go mod tidy)
2021-08-19caddyhttp: Updated the documentation for MatchQuery (#4295)Scott Mebberson
2021-08-19chore: Upgrade smallstep libs (#4291)Francis Lavoie
See https://github.com/smallstep/nosql/issues/12 for context.
2021-08-18cmd: use net.ErrClosed for matching returned error (#4289)M. Ángel Jimeno
Implements #3805
2021-08-17logging: Warn for deprecated single_field encoderMatthew Holt
2021-08-16ci: Start testing on Go 1.17, drop 1.15 (#4283)Francis Lavoie
2021-08-16core: Unix ns and Unix ms time placeholders (#4280)Rainer Borene
2021-08-16admin: Sync server variables (fix #4260) (#4274)Steven Angles
* Synchronize server assignment/references to avoid data race * only hold lock during var reassignment
2021-08-12httpcaddyfile: Add shortcut for proxy hostport placeholder (#4263)Francis Lavoie
* httpcaddyfile: Add shortcut for proxy hostport placeholder I've noticed that it's a pretty common pattern to write a proxy like this, when needing to proxy over HTTPS: ``` reverse_proxy https://example.com { header_up Host {http.reverse_proxy.upstream.hostport} } ``` I find it pretty hard to remember the exact placeholder to use for this, and I continually need to refer to the docs when I need it. I think a simple fix for this is to add another Caddyfile placeholder for this one to shorten it: ``` reverse_proxy https://example.com { header_up Host {proxy_hostport} } ``` * Switch the shortcut name
2021-08-12reverseproxy: Incorporate latest proxy changes from stdlib (#4266)Francis Lavoie
I went through the commits that touched stdlib's `reverseproxy.go` file, and copied over all the changes that are to code that was copied into Caddy. The commits I pulled changes from: - https://github.com/golang/go/commit/2cc347382f4df3fb40d8d81ec9331f0748b1c394 - https://github.com/golang/go/commit/a5cea062b305c8502bdc959c0eec279dbcd4391f - https://github.com/golang/go/commit/ecdbffd4ec68b509998792f120868fec319de59b - https://github.com/golang/go/commit/21898524f66c075d7cfb64a38f17684140e57675 -https://github.com/golang/go/commit/ca3c0df1f8e07337ba4048b191bf905118ebe251 - https://github.com/golang/go/commit/9c017ff30dd21bbdcdb11f39458d3944db530d7e This may also fix https://github.com/caddyserver/caddy/issues/4247 because of the change to `copyResponse` to set `mlw.flushPending = true` right away.
2021-08-11cmd: New `add-package` and `remove-package` commands (#4226)Oleg
* adding package command * add-package command name * refactoring duplicate code * fixed by review * fixed by review * remove-package command * commands in different files, common utils * fix add, remove, upgrade packages in 1 file * copyright and downloadPath moved * refactor * downloadPath do no export * adding/removing multiple packages * addPackages/removePackages, comments, command-desc * add-package, process case len(args) == 0 Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2021-08-02httpcaddyfile: Ensure hosts to skip for logs can always be collected (#4258)Frederik Ring
* httpcaddyfile: ensure hosts to skip can always be collected Previously, some hosts that should be skipped in logging would be missed as the current logic would only collect them after encountering the first server that would log. This change makes sure the ServerLogConfig is initialized before iterating over the server blocks. * httpcaddyfile: add test case for skip hosts behavior
2021-07-28admin: Implement load_interval to pull config on a timer (#4246)王清雨
* feat: implement a simple timer to pull config mostly referenced to the issue re #4106 * Update admin.go use `caddy.Duration` Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Update caddy.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Update admin.go Co-authored-by: Francis Lavoie <lavofr@gmail.com> * fix: sync load config when no pull interval provided try not to make break change * fix: change PullInterval to LoadInterval * fix: change pull_interval to load_interval * Update caddy.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2021-07-19caddyfile: keep error chain info in Dispenser.Errf (#4233)Ggicci
* caddyfile: Errf enable error chain unwrapping * refactor: remove parseError
2021-07-14logging: Prep for `common_log` removal (#4149)Francis Lavoie
See https://github.com/caddyserver/caddy/issues/4148#issuecomment-833207811
2021-07-14caddyhttp: Fix edgecase with auto HTTP->HTTPS logic (#4243)Francis Lavoie
2021-07-12logging: Add missing interface guards for replace filter (#4244)Leo Di Donato
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2021-07-07fileserver: Fix browse name_dir_first sorting (#4218)diamondburned
This commit fixes the `sortByNameDirFirst` variable inside fileserver to match what browse's default template has. Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2021-07-06reverseproxy: Keep path to unix socket as dial address (#4232)elnoro
2021-07-06caddyhttp: Fix incorrect determination of gRPC protocol (#4236)hmol233
2021-07-01fileserver: Add `disable_canonical_uris` Caddyfile subdirective (#4222)mritd
* feat(fileserver): add 'canonical_uris' parameter to caddyfile add 'canonical_uris' parameter to caddyfile reference #2741 Signed-off-by: mritd <mritd@linux.com> * feat(file_server): rename subdirective canonical_uris to disable_canonical_uris rename subdirective canonical_uris to disable_canonical_uris Signed-off-by: mritd <mritd@linux.com> * test(caddyfile_adapt): add disable_canonical_uris subdirective test file add disable_canonical_uris subdirective test file Signed-off-by: mritd <mritd@linux.com>
2021-07-01acmeserver: Don't set host for directory links by defaultMatthew Holt
This makes the server more easily proxied.
2021-06-25fileserver: Clarify docs about canonicalizationMatthew Holt
Related to https://github.com/caddyserver/caddy/issues/4205.
2021-06-25caddytls: Remove "IssuerRaw" fieldMatthew Holt
Has been deprecated and printing warnings for about 8 months now. Replaced by "IssuersRaw" field in v2.3.0.
2021-06-25httpcaddyfile: Don't put localhost in public APs (fix #4220)Matthew Holt
If an email is specified in global options, a site called 'localhost' shouldn't be bunched together with public DNS names in the automation policies, which get the default, public-CA issuers. Fix old test that did this. I also noticed that these two: localhost { } example.com { } and localhost, example.com { } produce slightly different TLS automation policies. The former is what the new test case covers, and we have logic that removes the empty automation policy for localhost so that auto-HTTPS can implicitly create one. (We prefer that whenever possible.) But the latter case produces two automation policies, with the second one being for localhost, with an explicit internal issuer. It's not wrong, just more explicit than it needs to be. I'd really like to completely rewrite the code from scratch that generates automation policies, hopefully there is a simpler, more correct algorithm.
2021-06-21acmeserver: Trim slashes from path prefixMatthew Holt
See https://caddy.community/t/mtls-tls-internal-error/12807
2021-06-18go.mod: Update dependencies (close #4216)Matthew Holt
2021-06-18encode: Tweak compression settings (#4215)Klaus Post
* Tweak compression settings zstd: Limit window sizes to 128K to keep memory in control both server and client size. zstd: Write 0 length frames. This may be needed for compatibility. zstd: Create fewer encoders. Small memory improvement. gzip: Allow -2 (Huffman only) and -3 (stateless) compression modes. * Update modules/caddyhttp/encode/zstd/zstd.go Update docs. Co-authored-by: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2021-06-17caddyhttp: Refactor and export SanitizedPathJoin for use in fastcgi (#4207)Matt Holt
2021-06-17fileserver: Only redirect if filename not rewritten (fix #4205)Matthew Holt
This is the more correct implementation of 23dadc0d86dd75dad7559c25f20c9641bc7bc30f (#4179)... I think. This commit effectively undoes the revert in 8848df9c5d372a559d01512b7a4ef00e38867b55, but with corrections to the logic. We *do* need to use the original request path (the path the browser knows) for redirects, since they are external, and rewrites are only internal. However, if the path was rewritten to a non-canonical path, we should not redirect to canonicalize that, since rewrites are intentional by the site owner. Canonicalizing the path involves modifying only the suffix (base element, or filename) of the path. Thus, if a rewrite involves only the prefix (like how handle_path strips a path prefix), then we can (hopefully!) safely redirect using the original URI since the filename was not rewritten. So basically, if rewrites modify the filename, we should not canonicalize those requests. If rewrites only modify another part of the path (commonly a prefix), we should be OK to redirect.