summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/reverseproxy/httptransport.go
AgeCommit message (Collapse)Author
2020-07-18reverseproxy: add support for custom DNS resolver (#3479)Mohammed Al Sahaf
* reverse proxy: add support for custom resolver * reverse proxy: don't pollute the global resolver with bootstrap resolver setup * Improve documentation of reverseproxy.UpstreamResolver fields Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * reverse proxy: clarify the name resolution conventions of upstream resolvers and bootstrap resolver * remove support for bootstraper of resolver * godoc and code-style changes Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-05-05pki: Embedded ACME server (#3198)Matt Holt
* pki: Initial commit of embedded ACME server (#3021) * reverseproxy: Support auto-managed TLS client certificates (#3021) * A little cleanup after today's review session
2020-05-05httpserver: Add experimental H2C support (#3289)Matt Holt
* reverse_proxy: Initial attempt at H2C transport/client support (#3218) I have not tested this yet * Experimentally enabling H2C server support (closes #3227) See also #3218 I have not tested this * reverseproxy: Clean up H2C transport a bit * caddyhttp: Update godoc for h2c server; clarify experimental status * caddyhttp: Fix trailers when recording responses (fixes #3236) * caddyhttp: Tweak h2c config settings and docs
2020-04-09reverseproxy: Minor tweaksMatthew Holt
We'll need that context in v2.1 when the transport can manage its own client certificates; see #3198
2020-04-07reverseproxy: Remove NTLM transport; refactor and improve docsMatthew Holt
2020-01-22reverseproxy: Fix casing of RootCAPEMFilesMatthew Holt
2020-01-09http: Change routes to sequential matcher evaluation (#2967)Matt Holt
Previously, all matchers in a route would be evaluated before any handlers were executed, and a composite route of the matching routes would be created. This made rewrites especially tricky, since the only way to defer later matchers' evaluation was to wrap them in a subroute, or to invoke a "rehandle" which often caused bugs. Instead, this new sequential design evaluates each route's matchers then its handlers in lock-step; matcher-handlers-matcher-handlers... If the first matching route consists of a rewrite, then the second route will be evaluated against the rewritten request, rather than the original one, and so on. This should do away with any need for rehandling. I've also taken this opportunity to avoid adding new values to the request context in the handler chain, as this creates a copy of the Request struct, which may possibly lead to bugs like it has in the past (see PR #1542, PR #1481, and maybe issue #2463). We now add all the expected context values in the top-level handler at the server, then any new values can be added to the variable table via the VarsCtxKey context key, or just the GetVar/SetVar functions. In particular, we are using this facility to convey dial information in the reverse proxy. Had to be careful in one place as the middleware compilation logic has changed, and moved a bit. We no longer compile a middleware chain per- request; instead, we can compile it at provision-time, and defer only the evaluation of matchers to request-time, which should slightly improve performance. Doing this, however, we take advantage of multiple function closures, and we also changed the use of HandlerFunc (function pointer) to Handler (interface)... this led to a situation where, if we aren't careful, allows one request routed a certain way to permanently change the "next" handler for all/most other requests! We avoid this by making a copy of the interface value (which is a lightweight pointer copy) and using exclusively that within our wrapped handlers. This way, the original stack frame is preserved in a "read-only" fashion. The comments in the code describe this phenomenon. This may very well be a breaking change for some configurations, however I do not expect it to impact many people. I will make it clear in the release notes that this change has occurred.
2020-01-07reverse_proxy: Add tls_trusted_ca_certs to Caddyfile (#2936)Zaq? Wiedmann
Allows specifying ca certs with by filename in `reverse_proxy.transport`. Example ``` reverse_proxy /api api:443 { transport http { tls tls_trusted_ca_certs certs/rootCA.pem } } ```
2019-12-10v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924)Matt Holt
This commit goes a long way toward making automated documentation of Caddy config and Caddy modules possible. It's a broad, sweeping change, but mostly internal. It allows us to automatically generate docs for all Caddy modules (including future third-party ones) and make them viewable on a web page; it also doubles as godoc comments. As such, this commit makes significant progress in migrating the docs from our temporary wiki page toward our new website which is still under construction. With this change, all host modules will use ctx.LoadModule() and pass in both the struct pointer and the field name as a string. This allows the reflect package to read the struct tag from that field so that it can get the necessary information like the module namespace and the inline key. This has the nice side-effect of unifying the code and documentation. It also simplifies module loading, and handles several variations on field types for raw module fields (i.e. variations on json.RawMessage, such as arrays and maps). I also renamed ModuleInfo.Name -> ModuleInfo.ID, to make it clear that the ID is the "full name" which includes both the module namespace and the name. This clarity is helpful when describing module hierarchy. As of this change, Caddy modules are no longer an experimental design. I think the architecture is good enough to go forward.
2019-11-05reverse_proxy: Add support for NTLMMatthew Holt
2019-11-05reverse_proxy: Make HTTP versions configurable, don't set NextProtosMatthew Holt
2019-10-29proxy: Forgot to commit importMatthew Holt
2019-10-29proxy: Enable HTTP/2 on transport to backendMatthew Holt
2019-10-10reverse_proxy: Customize SNI value in upstream request (closes #2483)Matthew Holt
2019-10-05reverse_proxy: Implement retry_match; by default only retry GET requestsMatthew Holt
See https://caddy.community/t/http-proxy-and-non-get-retries/6304
2019-09-14reverse_proxy: Close idle connections on module unloadMatthew Holt
2019-09-05fastcgi: Set default root path; add interface guardsMatthew Holt
2019-09-05Reconcile upstream dial addresses and request host/URL informationMatthew Holt
My goodness that was complicated Blessed be request.Context Sort of
2019-09-03Some cleanup and godocMatthew Holt
2019-09-03reverse_proxy: Implement remaining TLS config for proxy to backendMatthew Holt
2019-09-02reverse_proxy: WIP refactor and support for FastCGIMatthew Holt