summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/server.go
AgeCommit message (Collapse)Author
2020-03-15caddyhttp: Add support for listener wrapper modulesMatthew Holt
Wrapping listeners is useful for composing custom behavior related to accepting, closing, reading/writing connections (etc) below the application layer; for example, the PROXY protocol.
2020-02-27Couple of minor docs tweaksMatthew Holt
2020-02-25Expose TLS placeholders (#2982)Cameron Moore
* caddytls: Add CipherSuiteName and ProtocolName functions The cipher_suites.go file is derived from a commit to the Go master branch that's slated for Go 1.14. Once Go 1.14 is released, this file can be removed. * caddyhttp: Use commonLogEmptyValue in common_log replacer * caddyhttp: Add TLS placeholders * caddytls: update unsupportedProtocols Don't export unsupportedProtocols and update its godoc to mention that it's used for logging only. * caddyhttp: simplify getRegTLSReplacement signature getRegTLSReplacement should receive a string instead of a pointer. * caddyhttp: Remove http.request.tls.client.cert replacer The previous behavior of printing the raw certificate bytes was ported from Caddy 1, but the usefulness of that approach is suspect. Remove the client cert replacer from v2 until a use case is presented. * caddyhttp: Use tls.CipherSuiteName from Go 1.14 Remove ported version of CipherSuiteName in the process.
2020-02-14Minor tweaks to docs/commentsMatthew Holt
2020-01-13http: Refactor automatic HTTPS (fixes #2972)Matthew Holt
This splits automatic HTTPS into two phases. The first provisions the route matchers and uses them to build the domain set and configure auto HTTP->HTTPS redirects. This happens before the rest of the provisioning does. The second phase takes place at the beginning of the app start. It attaches pointers to the tls app to each server, and begins certificate management for the domains that were found in the first phase.
2020-01-09http: Change routes to sequential matcher evaluation (#2967)Matt Holt
Previously, all matchers in a route would be evaluated before any handlers were executed, and a composite route of the matching routes would be created. This made rewrites especially tricky, since the only way to defer later matchers' evaluation was to wrap them in a subroute, or to invoke a "rehandle" which often caused bugs. Instead, this new sequential design evaluates each route's matchers then its handlers in lock-step; matcher-handlers-matcher-handlers... If the first matching route consists of a rewrite, then the second route will be evaluated against the rewritten request, rather than the original one, and so on. This should do away with any need for rehandling. I've also taken this opportunity to avoid adding new values to the request context in the handler chain, as this creates a copy of the Request struct, which may possibly lead to bugs like it has in the past (see PR #1542, PR #1481, and maybe issue #2463). We now add all the expected context values in the top-level handler at the server, then any new values can be added to the variable table via the VarsCtxKey context key, or just the GetVar/SetVar functions. In particular, we are using this facility to convey dial information in the reverse proxy. Had to be careful in one place as the middleware compilation logic has changed, and moved a bit. We no longer compile a middleware chain per- request; instead, we can compile it at provision-time, and defer only the evaluation of matchers to request-time, which should slightly improve performance. Doing this, however, we take advantage of multiple function closures, and we also changed the use of HandlerFunc (function pointer) to Handler (interface)... this led to a situation where, if we aren't careful, allows one request routed a certain way to permanently change the "next" handler for all/most other requests! We avoid this by making a copy of the interface value (which is a lightweight pointer copy) and using exclusively that within our wrapped handlers. This way, the original stack frame is preserved in a "read-only" fashion. The comments in the code describe this phenomenon. This may very well be a breaking change for some configurations, however I do not expect it to impact many people. I will make it clear in the release notes that this change has occurred.
2019-12-29Improve docs, especially w.r.t. placeholders and template actionsMatthew Holt
2019-12-29Export Replacer and use concrete type instead of interfaceMatthew Holt
The interface was only making things difficult; a concrete pointer is probably best.
2019-12-23Improve godocs all aroundMatthew Holt
These will be used in the new automated documentation system
2019-12-12Minor improvements; comments and shorter placeholders & module IDsMatthew Holt
2019-12-10v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924)Matt Holt
This commit goes a long way toward making automated documentation of Caddy config and Caddy modules possible. It's a broad, sweeping change, but mostly internal. It allows us to automatically generate docs for all Caddy modules (including future third-party ones) and make them viewable on a web page; it also doubles as godoc comments. As such, this commit makes significant progress in migrating the docs from our temporary wiki page toward our new website which is still under construction. With this change, all host modules will use ctx.LoadModule() and pass in both the struct pointer and the field name as a string. This allows the reflect package to read the struct tag from that field so that it can get the necessary information like the module namespace and the inline key. This has the nice side-effect of unifying the code and documentation. It also simplifies module loading, and handles several variations on field types for raw module fields (i.e. variations on json.RawMessage, such as arrays and maps). I also renamed ModuleInfo.Name -> ModuleInfo.ID, to make it clear that the ID is the "full name" which includes both the module namespace and the name. This clarity is helpful when describing module hierarchy. As of this change, Caddy modules are no longer an experimental design. I think the architecture is good enough to go forward.
2019-12-04Fix misspellings (#2908)lu4p
2019-11-11core: Use port ranges to avoid OOM with bad inputs (#2859)Mohammed Al Sahaf
* fix OOM issue caught by fuzzing * use ParsedAddress as the struct name for the result of ParseNetworkAddress * simplify code using the ParsedAddress type * minor cleanups
2019-11-11http: Add response headers to access logsMatthew Holt
2019-11-05http: Eliminate allocation in cloneURL; add RemoteAddr to origRequestMatthew Holt
2019-11-04Prepare for beta 9 tagMatthew Holt
2019-11-04http: Only log handler errors >= 500Matthew Holt
Errors in the 4xx range are client errors, and they don't need to be entered into the server's error logs. 4xx errors are still recorded in the access logs at the error level.
2019-10-31http: Ensure server loggers are not nil (fixes #2849)Matthew Holt
2019-10-30http: Avoid panic if handler errors lack underlying error valueMatthew Holt
Fixes #2845
2019-10-29Remove unused fields from HandlerErrorMatthew Holt
2019-10-29caddyhttp: Fix nil pointer dereferenceMatthew Holt
2019-10-28v2: Logging! (#2831)Matt Holt
* logging: Initial implementation * logging: More encoder formats, better defaults * logging: Fix repetition bug with FilterEncoder; add more presets * logging: DiscardWriter; delete or no-op logs that discard their output * logging: Add http.handlers.log module; enhance Replacer methods The Replacer interface has new methods to customize how to handle empty or unrecognized placeholders. Closes #2815. * logging: Overhaul HTTP logging, fix bugs, improve filtering, etc. * logging: General cleanup, begin transitioning to using new loggers * Fixes after merge conflict
2019-10-15v2: Project-and-CI-wide linter config (#2812)Mohammed Al Sahaf
* v2: split golangci-lint configuration into its own file to allow code editors to take advantage of it * v2: simplify code * v2: set the correct lint output formatting * v2: invert the logic of linter's configuration of output formatting to allow the editor convenience over CI-specific customization. Customize the output format in CI by passing the flag. * v2: remove irrelevant golangci-lint config
2019-09-18http: Improve auto HTTP->HTTPS redirects, fix edge casesMatthew Holt
See https://caddy.community/t/v2-issues-with-multiple-server-blocks-in-caddyfile-style-config/6206/13?u=matt Also print pid when using `caddy start`
2019-09-17Allow domain fronting with TLS client auth if explicitly configuredMatthew Holt
2019-09-11http: Set Alt-Svc header if experimental HTTP3 server is enabledMatthew Holt
2019-09-10Experimental IETF-standard HTTP/3 support (known issue exists) (#2727)Matt Holt
* Begin WIP integration of HTTP/3 support * http3: Set actual Handler, make fakeClosePacketConn type for UDP sockets Also use latest quic-go for ALPN fix * Manually keep track of and close HTTP/3 listeners * Update quic-go after working through some http3 bugs * Fix go mod * Make http3 optional for now
2019-09-10Fix build (sigh)Matthew Holt
2019-09-09Merge pull request #2737 from caddyserver/fastcgi (reverse proxy!)Matt Holt
v2: Refactor reverse proxy and add FastCGI support
2019-09-09Log when auto HTTPS or auto HTTP->HTTPS redirects are disabledMatthew Holt
2019-09-07Fix build (#2740)Ingo Gottwald
Build was broken with commit 50961ec.
2019-09-05Add original URI to request context; implement into fastcgi envMatthew Holt
2019-09-05Reconcile upstream dial addresses and request host/URL informationMatthew Holt
My goodness that was complicated Blessed be request.Context Sort of
2019-09-03Initial implementation of TLS client authentication (#2731)Alexandre Stein
* Add support for client TLS authentication Signed-off-by: Alexandre Stein <alexandre_stein@interlab-net.com> * make and use client authentication struct * force StrictSNIHost if TLSConnPolicies is not empty * Implement leafs verification * Fixes issue when using multiple verification * applies the comments from maintainers * Apply comment * Refactor/cleanup initial TLS client auth implementation
2019-08-09Implement config adapters and beginning of Caddyfile adapterMatthew Holt
Along with several other changes, such as renaming caddyhttp.ServerRoute to caddyhttp.Route, exporting some types that were not exported before, and tweaking the caddytls TLS values to be more consistent. Notably, we also now disable automatic cert management for names which already have a cert (manually) loaded into the cache. These names no longer need to be specified in the "skip_certificates" field of the automatic HTTPS config, because they will be skipped automatically.
2019-07-11Fix rehandling bugMatthew Holt
2019-07-11Add error & subroute handlers; weakString; other minor handler changesMatthew Holt
2019-07-09Flatten HTTP handler config (#2662)Matthew Holt
Differentiating middleware and responders has one benefit, namely that it's clear which module provides the response, but even then it's not a great advantage. Linear handler config makes a little more sense, giving greater flexibility and simplifying the core a bit, even though it's slightly awkward that handlers which are responders may not use the 'next' handler that is passed in at all.
2019-07-08Move listen address functions into caddy package; fix unix bugMatthew Holt
2019-07-02go.mod: Append /v2 to module name; update all import pathsMatthew Holt
See https://github.com/golang/go/wiki/Modules#semantic-import-versioning
2019-06-30Add licenseMatthew Holt
2019-06-28httpserver: Set default Server headerMatthew Holt
2019-06-26Optionally enforce strict TLS SNI + HTTP Host matching, & misc. cleanupMatthew Holt
We should look into a way to enable this by default when TLS client auth is configured for a server
2019-06-26Enable skipping just certificate management for some auto HTTPS namesMatthew Holt
2019-06-26Refactor automatic HTTPS configuration; ability to skip certain namesMatthew Holt
2019-06-21Various bug fixes and minor improvementsMatthew Holt
- Fix static responder so it doesn't replace its own headers config, and instead replaces the actual response header values - caddyhttp.ResponseRecorder type optionally buffers response - Add interface guards to ensure regexp matchers get provisioned - Use default HTTP port if one is not explicitly set - Encode middleware writes status code 200 if not written upstream - Templates and markdown only try to execute on text responses - Static file server sets Content-Type based on file extension only (this whole thing -- MIME sniffing, etc -- needs more configurability)
2019-06-18Implement templates handler; various minor cleanups and bug fixesMatthew Holt
2019-06-14Rename caddy2 -> caddyMatthew Holt
Removes the version from the package name
2019-06-04Change import paths to GitHub package namesMatthew Holt
2019-05-28Minor cleanupsMatthew Holt