| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Possibly important for the HTTP/2 Rapid Reset issue.
|
|
* go.mod: Update quic-go to v0.38.0
* run "go mod tidy"
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
|
|
|
|
* ci: Update to Go 1.21
* Bump quic-go to v0.37.4
* Check EnableFullDuplex err
* Linter bug suppression
See https://github.com/timakin/bodyclose/issues/52
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
|
|
Fixes #5680 once and for all! Hopefully :)
Thank you @marten-seemann for your excellent work!
|
|
|
|
This prevents initialization of a .step folder when it's not used.
|
|
Should fix panic in Go 1.21 where there was no RemoteAddr.
|
|
Fixes race condition
|
|
* update quic-go to v0.37.0
* Bump to Go 1.20
* Bump golangci-lint version, yml syntax consistency
* Use skip-pkg-cache workaround
* Workaround needed for both?
* Seeding weakrand is no longer necessary
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
|
|
* caddytls: Don't purge cert cache on config reload
* Update CertMagic
This actually avoids reloading managed certs from storage
when already in the cache, d'oh.
* Fix bug; re-implement HasCertificateForSubject
* Update go.mod: CertMagic tag
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Initial implementation of fallback_sni
* Apply upstream patch
|
|
|
|
|
|
|
|
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
listener wrapper (#5424)
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
|
|
* core: Eliminate unnecessary shutdown delay on Unix
Fix #5393, alternate to #5405
* Comments, cleanup, adjust logs
* Fix build constraint
|
|
|
|
x/net 0.7.0 contains a security patch apparently.
|
|
* chore: Upgrade various dependencies
* Support CEL file matcher with no args
* Document `http.request.orig_uri.path.*`, reorder placeholders in docs
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
|
|
* caddyauth: Add singleflight for basic auth
* Fixes #5338
* it occurred the thunder herd problem like this https://medium.com/@mhrlife/avoid-duplicate-requests-while-filling-cache-98c687879f59
* Update modules/caddyhttp/caddyauth/basicauth.go
Fix comment
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
|
|
As of Tailscale 1.34.0 on Windows, Tailscale now uses a named pipe to
connect to the local tailscale service.
This pulls in tailscale/tscert#5 as reported in tailscale/tscert#4.
(Sorry, we should've noticed this earlier!)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
|
|
And fix a comment typo
|
|
This commit replaces the use of github.com/smallstep/cli to generate the
root and intermediate certificates and uses go.step.sm/crypto instead.
It also upgrades the version of github.com/smallstep/certificates to the
latest version.
|
|
Quic-go 0.30 should be faster
|
|
policies (#5120)
* httpcaddyfile: Skip some logic if auto_https off
* Try removing this check altogether...
* Refine test timeouts slightly, sigh
* caddyhttp: Assume udp for unrecognized network type
Seems like the reasonable thing to do if a plugin registers its own
network type.
* Add comment to document my lack of knowledge
* Clean up and prepare to merge
Add comments to try to explain what happened
|
|
|
|
|
|
|
|
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
* cmd: migrate to spf13/cobra
* add `manpage` command
* limit Caddy tagline to root `help` only
* hard-code the manpage section to 8
|
