From c79c08627d36e9871dedd3c7d8889d7d710134c2 Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Mon, 15 Aug 2022 12:01:58 -0600 Subject: caddyhttp: Enable HTTP/3 by default (#4707) --- caddyconfig/httpcaddyfile/serveroptions.go | 58 +++++++++++++++++++----------- 1 file changed, 37 insertions(+), 21 deletions(-) (limited to 'caddyconfig/httpcaddyfile') diff --git a/caddyconfig/httpcaddyfile/serveroptions.go b/caddyconfig/httpcaddyfile/serveroptions.go index 9eb1940..6764f1a 100644 --- a/caddyconfig/httpcaddyfile/serveroptions.go +++ b/caddyconfig/httpcaddyfile/serveroptions.go @@ -39,8 +39,7 @@ type serverOptions struct { WriteTimeout caddy.Duration IdleTimeout caddy.Duration MaxHeaderBytes int - AllowH2C bool - ExperimentalHTTP3 bool + Protocols []string StrictSNIHost *bool ShouldLogCredentials bool } @@ -141,22 +140,51 @@ func unmarshalCaddyfileServerOptions(d *caddyfile.Dispenser) (any, error) { } serverOpts.ShouldLogCredentials = true + case "protocols": + protos := d.RemainingArgs() + for _, proto := range protos { + if proto != "h1" && proto != "h2" && proto != "h2c" && proto != "h3" { + return nil, d.Errf("unknown protocol '%s': expected h1, h2, h2c, or h3", proto) + } + if sliceContains(serverOpts.Protocols, proto) { + return nil, d.Errf("protocol %s specified more than once", proto) + } + serverOpts.Protocols = append(serverOpts.Protocols, proto) + } + if d.NextBlock(0) { + return nil, d.ArgErr() + } + + case "strict_sni_host": + if d.NextArg() && d.Val() != "insecure_off" && d.Val() != "on" { + return nil, d.Errf("strict_sni_host only supports 'on' or 'insecure_off', got '%s'", d.Val()) + } + boolVal := true + if d.Val() == "insecure_off" { + boolVal = false + } + serverOpts.StrictSNIHost = &boolVal + + // TODO: DEPRECATED. (August 2022) case "protocol": + caddy.Log().Named("caddyfile").Warn("DEPRECATED: protocol sub-option will be removed soon") + for nesting := d.Nesting(); d.NextBlock(nesting); { switch d.Val() { case "allow_h2c": - if d.NextArg() { - return nil, d.ArgErr() - } - serverOpts.AllowH2C = true + caddy.Log().Named("caddyfile").Warn("DEPRECATED: allow_h2c will be removed soon; use protocols option instead") - case "experimental_http3": if d.NextArg() { return nil, d.ArgErr() } - serverOpts.ExperimentalHTTP3 = true + if sliceContains(serverOpts.Protocols, "h2c") { + return nil, d.Errf("protocol h2c already specified") + } + serverOpts.Protocols = append(serverOpts.Protocols, "h2c") case "strict_sni_host": + caddy.Log().Named("caddyfile").Warn("DEPRECATED: protocol > strict_sni_host in this position will be removed soon; move up to the servers block instead") + if d.NextArg() && d.Val() != "insecure_off" && d.Val() != "on" { return nil, d.Errf("strict_sni_host only supports 'on' or 'insecure_off', got '%s'", d.Val()) } @@ -185,17 +213,6 @@ func applyServerOptions( options map[string]any, warnings *[]caddyconfig.Warning, ) error { - // If experimental HTTP/3 is enabled, enable it on each server. - // We already know there won't be a conflict with serverOptions because - // we validated earlier that "experimental_http3" cannot be set at the same - // time as "servers" - if enableH3, ok := options["experimental_http3"].(bool); ok && enableH3 { - *warnings = append(*warnings, caddyconfig.Warning{Message: "the 'experimental_http3' global option is deprecated, please use the 'servers > protocol > experimental_http3' option instead"}) - for _, srv := range servers { - srv.ExperimentalHTTP3 = true - } - } - serverOpts, ok := options["servers"].([]serverOptions) if !ok { return nil @@ -229,8 +246,7 @@ func applyServerOptions( server.WriteTimeout = opts.WriteTimeout server.IdleTimeout = opts.IdleTimeout server.MaxHeaderBytes = opts.MaxHeaderBytes - server.AllowH2C = opts.AllowH2C - server.ExperimentalHTTP3 = opts.ExperimentalHTTP3 + server.Protocols = opts.Protocols server.StrictSNIHost = opts.StrictSNIHost if opts.ShouldLogCredentials { if server.Logs == nil { -- cgit v1.2.3