Age | Commit message (Collapse) | Author |
|
* Initial implementation of fallback_sni
* Apply upstream patch
|
|
|
|
|
|
|
|
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
listener wrapper (#5424)
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
|
|
* core: Eliminate unnecessary shutdown delay on Unix
Fix #5393, alternate to #5405
* Comments, cleanup, adjust logs
* Fix build constraint
|
|
|
|
x/net 0.7.0 contains a security patch apparently.
|
|
* chore: Upgrade various dependencies
* Support CEL file matcher with no args
* Document `http.request.orig_uri.path.*`, reorder placeholders in docs
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
|
|
* caddyauth: Add singleflight for basic auth
* Fixes #5338
* it occurred the thunder herd problem like this https://medium.com/@mhrlife/avoid-duplicate-requests-while-filling-cache-98c687879f59
* Update modules/caddyhttp/caddyauth/basicauth.go
Fix comment
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
|
|
As of Tailscale 1.34.0 on Windows, Tailscale now uses a named pipe to
connect to the local tailscale service.
This pulls in tailscale/tscert#5 as reported in tailscale/tscert#4.
(Sorry, we should've noticed this earlier!)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
|
|
And fix a comment typo
|
|
This commit replaces the use of github.com/smallstep/cli to generate the
root and intermediate certificates and uses go.step.sm/crypto instead.
It also upgrades the version of github.com/smallstep/certificates to the
latest version.
|
|
Quic-go 0.30 should be faster
|
|
policies (#5120)
* httpcaddyfile: Skip some logic if auto_https off
* Try removing this check altogether...
* Refine test timeouts slightly, sigh
* caddyhttp: Assume udp for unrecognized network type
Seems like the reasonable thing to do if a plugin registers its own
network type.
* Add comment to document my lack of knowledge
* Clean up and prepare to merge
Add comments to try to explain what happened
|
|
|
|
|
|
|
|
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
* cmd: migrate to spf13/cobra
* add `manpage` command
* limit Caddy tagline to root `help` only
* hard-code the manpage section to 8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
|
|
Hahaha this is the ultimate "I have no idea what I'm doing" commit but it
compiles and the tests pass and I declare victory!
... probably broke something, should be tested more.
It is nice that the protobuf dependency becomes indirect now.
|
|
|
|
|
|
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* caddypki: Load intermediate for signing on-the-fly
Fixes #4517
Big thanks to @maraino for adding an API in `smallstep/certificates` so that we can fix this
* Debug log
* Trying a hunch, does it need to be a pointer receiver?
* Clarify pointer receiver
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
|
|
* chore: Attempt fix for xcaddy builds
* Upgrade smallstep/certificates which avoids the problem
|
|
|
|
Includes several breaking changes; code base updated accordingly.
- Added lots of context arguments
- Use fs.ErrNotExist
- Rename ACMEManager -> ACMEIssuer; CertificateManager -> Manager
|
|
|
|
* ci: Build on Go 1.18, bump actions versions
* Revert linter version bump for now
* Try linter again
|
|
Fixes bug in yuin/goldmark
https://github.com/caddyserver/website/issues/217
|