Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-10-21 | tls: Make the on-demand rate limiter actually work | Matthew Holt | |
This required a custom rate limiter implementation in CertMagic | |||
2019-10-16 | tls: Asynchronous cert management at startup (uses CertMagic v0.8.0) | Matthew Holt | |
2019-10-02 | caddytls: nil check on storageClean fields on Stop | Matthew Holt | |
2019-09-30 | tls: Change struct fields to pointers, add nil checks; rate.Burst update | Matthew Holt | |
Making them pointers makes for cleaner JSON when adapting configs, if the struct is empty now it will be omitted entirely. The x/time/rate package was updated to support changing the burst, so we've incorporated that here and removed a TODO. | |||
2019-09-24 | tls: Make cert and OCSP check intervals configurable | Matthew Holt | |
This enables use of ACME CAs that issue shorter-lived certs | |||
2019-09-17 | tls: Clean up expired OCSP staples and certificates | Matthew Holt | |
2019-09-14 | Eliminate some TODOs | Matthew Holt | |
2019-09-13 | http: Consider wildcards when evaluating automatic HTTPS | Matthew Holt | |
2019-09-12 | tls: Do away with SetDefaults which did nothing useful | Matthew Holt | |
CertMagic uses the same defaults for us | |||
2019-09-12 | go.mod: Use lego v3 and CertMagic 0.7.0 | Matthew Holt | |
2019-09-10 | Require Go 1.13; use Go 1.13's default support for TLS 1.3 | Matthew Holt | |
2019-08-21 | Refactor Caddyfile adapter and module registration | Matthew Holt | |
Use piles from which to draw config values. Module values can return their name, so now we can do two-way mapping from value to name and name to value; whereas before we could only map name to value. This was problematic with the Caddyfile adapter since it receives values and needs to know the name to put in the config. | |||
2019-08-09 | Implement config adapters and beginning of Caddyfile adapter | Matthew Holt | |
Along with several other changes, such as renaming caddyhttp.ServerRoute to caddyhttp.Route, exporting some types that were not exported before, and tweaking the caddytls TLS values to be more consistent. Notably, we also now disable automatic cert management for names which already have a cert (manually) loaded into the cache. These names no longer need to be specified in the "skip_certificates" field of the automatic HTTPS config, because they will be skipped automatically. | |||
2019-07-02 | go.mod: Append /v2 to module name; update all import paths | Matthew Holt | |
See https://github.com/golang/go/wiki/Modules#semantic-import-versioning | |||
2019-07-01 | tls: Enable TLS 1.3 by default; set sane defaults on tls.Config structs | Matthew Holt | |
2019-06-30 | Add license | Matthew Holt | |
2019-06-26 | Optionally enforce strict TLS SNI + HTTP Host matching, & misc. cleanup | Matthew Holt | |
We should look into a way to enable this by default when TLS client auth is configured for a server | |||
2019-06-24 | caddytls: Support tags for manually-loaded certificates | Matthew Holt | |
2019-06-21 | Oops | Matthew Holt | |
2019-06-20 | tls: Improve (and fix) on-demand configuration | Matthew Holt | |
2019-06-14 | Rename caddy2 -> caddy | Matthew Holt | |
Removes the version from the package name | |||
2019-06-04 | Fix bugs related to auto HTTPS and alternate port configurations | Matthew Holt | |
2019-06-04 | Change import paths to GitHub package names | Matthew Holt | |
2019-05-29 | Implement session ticket keys; default STEK module with rotation | Matthew Holt | |
2019-05-27 | Separate out certificate selection | Matthew Holt | |
2019-05-24 | Implement custom cert selection policies; optimize matching for SNI | Matthew Holt | |
2019-05-21 | Module.New() does not need to return an error | Matthew Holt | |
2019-05-16 | Architectural shift to using context for config and module state | Matthew Holt | |
2019-04-26 | General cleanup and more godocs | Matthew Holt | |
2019-04-25 | Initial commit of Storage, TLS, and automatic HTTPS implementations | Matthew Holt | |