mirror of
https://github.com/caddyserver/caddy.git
synced 2025-10-31 02:27:19 -04:00
Matt Holt
GitHub
commit
503c6b392c
6
caddy.go
6
caddy.go
@ -768,7 +768,7 @@ func IsLoopback(addr string) bool {
|
|||||||
// be an IP or an IP:port combination.
|
// be an IP or an IP:port combination.
|
||||||
// Loopback addresses are considered false.
|
// Loopback addresses are considered false.
|
||||||
func IsInternal(addr string) bool {
|
func IsInternal(addr string) bool {
|
||||||
private_networks := []string{
|
privateNetworks := []string{
|
||||||
"10.0.0.0/8",
|
"10.0.0.0/8",
|
||||||
"172.16.0.0/12",
|
"172.16.0.0/12",
|
||||||
"192.168.0.0/16",
|
"192.168.0.0/16",
|
||||||
@ -786,8 +786,8 @@ func IsInternal(addr string) bool {
|
|||||||
if ip == nil {
|
if ip == nil {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
for _, private_network := range private_networks {
|
for _, privateNetwork := range privateNetworks {
|
||||||
_, ipnet, _ := net.ParseCIDR(private_network)
|
_, ipnet, _ := net.ParseCIDR(privateNetwork)
|
||||||
if ipnet.Contains(ip) {
|
if ipnet.Contains(ip) {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|||||||
@ -156,10 +156,10 @@ func (l byNameDirFirst) Less(i, j int) bool {
|
|||||||
// if both are dir or file sort normally
|
// if both are dir or file sort normally
|
||||||
if l.Items[i].IsDir == l.Items[j].IsDir {
|
if l.Items[i].IsDir == l.Items[j].IsDir {
|
||||||
return strings.ToLower(l.Items[i].Name) < strings.ToLower(l.Items[j].Name)
|
return strings.ToLower(l.Items[i].Name) < strings.ToLower(l.Items[j].Name)
|
||||||
} else {
|
|
||||||
// always sort dir ahead of file
|
|
||||||
return l.Items[i].IsDir
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// always sort dir ahead of file
|
||||||
|
return l.Items[i].IsDir
|
||||||
}
|
}
|
||||||
|
|
||||||
// By Size
|
// By Size
|
||||||
|
|||||||
@ -161,11 +161,11 @@ func parseRawClientHello(data []byte) (info rawHelloInfo) {
|
|||||||
if len(data) < 42 {
|
if len(data) < 42 {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
sessionIdLen := int(data[38])
|
sessionIDLen := int(data[38])
|
||||||
if sessionIdLen > 32 || len(data) < 39+sessionIdLen {
|
if sessionIDLen > 32 || len(data) < 39+sessionIDLen {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
data = data[39+sessionIdLen:]
|
data = data[39+sessionIDLen:]
|
||||||
if len(data) < 2 {
|
if len(data) < 2 {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -598,6 +598,7 @@ var greaseCiphers = map[uint16]struct{}{
|
|||||||
0xFAFA: {},
|
0xFAFA: {},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Define variables used for TLS communication
|
||||||
const (
|
const (
|
||||||
extensionOCSPStatusRequest = 5
|
extensionOCSPStatusRequest = 5
|
||||||
extensionSupportedCurves = 10 // also called "SupportedGroups"
|
extensionSupportedCurves = 10 // also called "SupportedGroups"
|
||||||
|
|||||||
@ -330,9 +330,9 @@ func (r *replacer) getSubstitution(key string) string {
|
|||||||
if val, ok := r.request.Context().Value(caddy.CtxKey("mitm")).(bool); ok {
|
if val, ok := r.request.Context().Value(caddy.CtxKey("mitm")).(bool); ok {
|
||||||
if val {
|
if val {
|
||||||
return "likely"
|
return "likely"
|
||||||
} else {
|
|
||||||
return "unlikely"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return "unlikely"
|
||||||
}
|
}
|
||||||
return "unknown"
|
return "unknown"
|
||||||
case "{status}":
|
case "{status}":
|
||||||
|
|||||||
@ -232,8 +232,8 @@ func (c *Config) StorageFor(caURL string) (Storage, error) {
|
|||||||
// buildStandardTLSConfig converts cfg (*caddytls.Config) to a *tls.Config
|
// buildStandardTLSConfig converts cfg (*caddytls.Config) to a *tls.Config
|
||||||
// and stores it in cfg so it can be used in servers. If TLS is disabled,
|
// and stores it in cfg so it can be used in servers. If TLS is disabled,
|
||||||
// no tls.Config is created.
|
// no tls.Config is created.
|
||||||
func (cfg *Config) buildStandardTLSConfig() error {
|
func (c *Config) buildStandardTLSConfig() error {
|
||||||
if !cfg.Enabled {
|
if !c.Enabled {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -243,35 +243,35 @@ func (cfg *Config) buildStandardTLSConfig() error {
|
|||||||
curvesAdded := make(map[tls.CurveID]struct{})
|
curvesAdded := make(map[tls.CurveID]struct{})
|
||||||
|
|
||||||
// add cipher suites
|
// add cipher suites
|
||||||
for _, ciph := range cfg.Ciphers {
|
for _, ciph := range c.Ciphers {
|
||||||
if _, ok := ciphersAdded[ciph]; !ok {
|
if _, ok := ciphersAdded[ciph]; !ok {
|
||||||
ciphersAdded[ciph] = struct{}{}
|
ciphersAdded[ciph] = struct{}{}
|
||||||
config.CipherSuites = append(config.CipherSuites, ciph)
|
config.CipherSuites = append(config.CipherSuites, ciph)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
config.PreferServerCipherSuites = cfg.PreferServerCipherSuites
|
config.PreferServerCipherSuites = c.PreferServerCipherSuites
|
||||||
|
|
||||||
// add curve preferences
|
// add curve preferences
|
||||||
for _, curv := range cfg.CurvePreferences {
|
for _, curv := range c.CurvePreferences {
|
||||||
if _, ok := curvesAdded[curv]; !ok {
|
if _, ok := curvesAdded[curv]; !ok {
|
||||||
curvesAdded[curv] = struct{}{}
|
curvesAdded[curv] = struct{}{}
|
||||||
config.CurvePreferences = append(config.CurvePreferences, curv)
|
config.CurvePreferences = append(config.CurvePreferences, curv)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
config.MinVersion = cfg.ProtocolMinVersion
|
config.MinVersion = c.ProtocolMinVersion
|
||||||
config.MaxVersion = cfg.ProtocolMaxVersion
|
config.MaxVersion = c.ProtocolMaxVersion
|
||||||
config.ClientAuth = cfg.ClientAuth
|
config.ClientAuth = c.ClientAuth
|
||||||
config.NextProtos = cfg.ALPN
|
config.NextProtos = c.ALPN
|
||||||
config.GetCertificate = cfg.GetCertificate
|
config.GetCertificate = c.GetCertificate
|
||||||
|
|
||||||
// set up client authentication if enabled
|
// set up client authentication if enabled
|
||||||
if config.ClientAuth != tls.NoClientCert {
|
if config.ClientAuth != tls.NoClientCert {
|
||||||
pool := x509.NewCertPool()
|
pool := x509.NewCertPool()
|
||||||
clientCertsAdded := make(map[string]struct{})
|
clientCertsAdded := make(map[string]struct{})
|
||||||
|
|
||||||
for _, caFile := range cfg.ClientCerts {
|
for _, caFile := range c.ClientCerts {
|
||||||
// don't add cert to pool more than once
|
// don't add cert to pool more than once
|
||||||
if _, ok := clientCertsAdded[caFile]; ok {
|
if _, ok := clientCertsAdded[caFile]; ok {
|
||||||
continue
|
continue
|
||||||
@ -303,7 +303,7 @@ func (cfg *Config) buildStandardTLSConfig() error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// store the resulting new tls.Config
|
// store the resulting new tls.Config
|
||||||
cfg.tlsConfig = config
|
c.tlsConfig = config
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|||||||
@ -217,6 +217,7 @@ func RegisterPlugin(name string, plugin Plugin) {
|
|||||||
// EventName represents the name of an event used with event hooks.
|
// EventName represents the name of an event used with event hooks.
|
||||||
type EventName string
|
type EventName string
|
||||||
|
|
||||||
|
// Define the event names for the startup and shutdown events
|
||||||
const (
|
const (
|
||||||
StartupEvent EventName = "startup"
|
StartupEvent EventName = "startup"
|
||||||
ShutdownEvent EventName = "shutdown"
|
ShutdownEvent EventName = "shutdown"
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user