Matthew Holt 
							
						 
					 
					
						
						
						
						
							
						
						
							d81a69ef16 
							
						 
					 
					
						
						
							
							Merge branch 'eab-fix'  
						
						
						
						
							
						
					 
					
						2020-06-12 11:49:45 -06:00 
						 
				 
			
				
					
						
							
							
								Mohammed Al Sahaf 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							99dcc10f31 
							
						 
					 
					
						
						
							
							ci: add CI on s390x ( #3463 )  
						
						... 
						
						
						
						* ci: lay out foundation for s390x tests
* ci: uncomment the s390x test script & replace placeholders with real values
* ci: amend the s390x test job name to be more consistent with others 
						
						
							
						
					 
					
						2020-06-12 17:11:46 +00:00 
						 
				 
			
				
					
						
							
							
								Wynn Wolf Arbor 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							fa4cdde7d8 
							
						 
					 
					
						
						
							
							fastcgi: Make sure splitPos handles empty SplitPath correctly ( #3491 )  
						
						... 
						
						
						
						In commit f2ce81c, support for multiple path splitters was added. The
type of SplitPath changed from string to []string, and splitPos was
changed to loop through all values in SplitPath.
Before that commit, if SplitPath was empty, strings.Index returned 0 and
PATH_INFO was set correctly in buildEnv.
Currently, however, splitPos returns -1 for empty values of SplitPath,
behaving as if a split position could not be found at all. PATH_INFO is
then never set in buildEnv and remains empty.
Restore the old behaviour by explicitly checking whether SplitPath is
empty and returning 0 in splitPos.
Closes  #3490  
						
						
							
						
					 
					
						2020-06-12 10:07:59 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d55c3b31eb 
							
						 
					 
					
						
						
							
							caddyhttp: Add client cert SAN placeholders  
						
						
						
						
							
						
					 
					
						2020-06-11 16:19:07 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6d03fb48f9 
							
						 
					 
					
						
						
							
							caddytls: Don't decode HMAC  
						
						... 
						
						
						
						https://caddy.community/t/trouble-with-external-account-hmac/8600?u=matt  
					
						2020-06-11 15:33:27 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b3bff13f7d 
							
						 
					 
					
						
						
							
							reverseproxy: Close websocket conn if req context cancels  
						
						... 
						
						
						
						This is a recent patch in the Go standard library 
						
						
							
						
					 
					
						2020-06-11 15:25:26 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7211101c52 
							
						 
					 
					
						
						
							
							ci: Fix gemfury upload condition, move triggers to publish event ( #3483 )  
						
						
						
						
							
						
					 
					
						2020-06-08 12:21:20 -06:00 
						 
				 
			
				
					
						
							
							
								Mohammed Al Sahaf 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							90dba172cb 
							
						 
					 
					
						
						
							
							ci: fix an oopsie in the release script ( #3482 )  
						
						
						
						
							
 
						
					 
					
						2020-06-08 11:10:28 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4b10ae5ce6 
							
						 
					 
					
						
						
							
							reverseproxy: Add Caddyfile support for ClientCertificateAutomate  
						
						
						
						
							
						
					 
					
						2020-06-08 10:30:26 -06:00 
						 
				 
			
				
					
						
							
							
								NWHirschfeld 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1dfb11486e 
							
						 
					 
					
						
						
							
							httpcaddyfile: Add client_auth options to tls directive ( #3335 )  
						
						... 
						
						
						
						* reading client certificate config from Caddyfile
Signed-off-by: NWHirschfeld <Niclas@NWHirschfeld.de>
* Update caddyconfig/httpcaddyfile/builtins.go
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* added adapt test for parsing client certificate configuration from Caddyfile
Signed-off-by: NWHirschfeld <Niclas@NWHirschfeld.de>
* read client ca and leaf certificates from file https://github.com/caddyserver/caddy/pull/3335#discussion_r421633844 
Signed-off-by: NWHirschfeld <Niclas@NWHirschfeld.de>
* Update modules/caddytls/connpolicy.go
* Make review adjustments
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com> 
						
						
							
						
					 
					
						2020-06-05 12:19:36 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							11a132d48b 
							
						 
					 
					
						
						
							
							caddytls: Configurable cache size limit  
						
						
						
						
							
						
					 
					
						2020-06-05 11:14:39 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9dafa63933 
							
						 
					 
					
						
						
							
							go.mod: Update dependencies  
						
						
						
						
							
						
					 
					
						2020-06-05 11:14:09 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							21c1da101c 
							
						 
					 
					
						
						
							
							ci: Disable publishing .deb on beta tags ( #3473 )  
						
						
						
						
							
						
					 
					
						2020-06-05 10:23:15 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7a99835dab 
							
						 
					 
					
						
						
							
							reverseproxy: Enable changing only the status code ( close   #2920 )  
						
						
						
						
							
						
					 
					
						2020-06-04 12:06:38 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7b0962ba4d 
							
						 
					 
					
						
						
							
							caddyhttp: Default to error status if found in context  
						
						... 
						
						
						
						This is just a convenience if using a static_response handler in an
error route, by setting the default status code to the same one as
the error status. 
						
						
							
						
					 
					
						2020-06-04 10:32:01 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2d1f7b9da8 
							
						 
					 
					
						
						
							
							caddyhttp: Auto-redirects from all bind addresses ( fix   #3443 )  
						
						
						
						
							
						
					 
					
						2020-06-03 10:56:26 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a285fe4129 
							
						 
					 
					
						
						
							
							caddypki: Add 'acme_server' Caddyfile directive  
						
						
						
						
							
						
					 
					
						2020-06-03 09:59:36 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							97e61c16a3 
							
						 
					 
					
						
						
							
							httpcaddyfile: Sort site blocks with wildcards last ( fix   #3410 )  
						
						
						
						
							
						
					 
					
						2020-06-03 09:35:13 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							83551edf3e 
							
						 
					 
					
						
						
							
							cmd: Only stop admin server on signal if it exists ( fix   #3470 )  
						
						
						
						
							
						
					 
					
						2020-06-03 07:31:31 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e18c373064 
							
						 
					 
					
						
						
							
							caddytls: Actually use configured test CA  
						
						
						
						
							
						
					 
					
						2020-06-02 11:13:44 -06:00 
						 
				 
			
				
					
						
							
							
								Matt Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9a7756c6e4 
							
						 
					 
					
						
						
							
							caddyauth: Cache basicauth results ( fixes   #3462 ) ( #3465 )  
						
						... 
						
						
						
						Cache capacity is currently hard-coded at 1000 with random eviction.
It is enabled by default from Caddyfile configurations because I assume
this is the most common preference. 
						
						
							
						
					 
					
						2020-06-01 23:56:47 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							fdf2a77feb 
							
						 
					 
					
						
						
							
							caddyfile: Add args on imports ( #3423 )  
						
						... 
						
						
						
						* caddyfile: Add support for args on imports
* caddyfile: Add more import args tests 
						
						
							
						
					 
					
						2020-06-01 10:43:06 -06:00 
						 
				 
			
				
					
						
							
							
								Georges Haidar 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a496308f6e 
							
						 
					 
					
						
						
							
							httpcaddyfile: Let modules add listener wrappers ( #3397 )  
						
						... 
						
						
						
						* httpcaddyfile: allow modules to customize listener wrappers
* Update caddyconfig/httpcaddyfile/httptype.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* Update caddyconfig/httpcaddyfile/httptype.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* Update caddyconfig/httpcaddyfile/httptype.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* Update caddyconfig/httpcaddyfile/httptype.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com> 
						
						
							
						
					 
					
						2020-06-01 09:50:00 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d5d7fb5954 
							
						 
					 
					
						
						
							
							go.mod: Update dependencies  
						
						
						
						
							
						
					 
					
						2020-06-01 09:31:08 -06:00 
						 
				 
			
				
					
						
							
							
								Matt Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							996af0915d 
							
						 
					 
					
						
						
							
							cmd: Support admin endpoint on unix socket ( #3320 )  
						
						
						
						
							
						
					 
					
						2020-05-29 14:21:55 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
						
						
							
						
						
							6c051cd27d 
							
						 
					 
					
						
						
							
							caddyconfig: Minor internal and godoc tweaks  
						
						
						
						
							
						
					 
					
						2020-05-29 11:49:25 -06:00 
						 
				 
			
				
					
						
							
							
								Matt Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9415feca7c 
							
						 
					 
					
						
						
							
							logging: Net writer redials if write fails ( #3453 )  
						
						... 
						
						
						
						* logging: Net writer redials if write fails
https://caddy.community/t/v2-log-output-net-does-not-reconnect-after-lost-connection/8386?u=matt 
* Only replace connection if redial succeeds
* Fix error handling 
						
						
							
						
					 
					
						2020-05-28 10:40:14 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							881b826fb5 
							
						 
					 
					
						
						
							
							reverseproxy: Pool copy buffers (minor optimization)  
						
						
						
						
							
						
					 
					
						2020-05-27 11:42:19 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
						
						
							
						
						
							538ddb8587 
							
						 
					 
					
						
						
							
							reverseproxy: Enable response interception ( #1447 ,  #2920 )  
						
						... 
						
						
						
						It's a raw, low-level implementation for now, but it's very flexible.
More sugar-coating can be added after error handling is more developed. 
						
						
							
						
					 
					
						2020-05-27 10:17:45 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							69b5643130 
							
						 
					 
					
						
						
							
							chore: Fix typo in dispenser.go ( #3456 )  
						
						
						
						
							
						
					 
					
						2020-05-27 08:13:57 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e5bbed1046 
							
						 
					 
					
						
						
							
							caddyhttp: Refactor header matching  
						
						... 
						
						
						
						This allows response matchers to benefit from the same matching logic
as the request header matchers (mainly prefix/suffix wildcards). 
						
						
							
						
					 
					
						2020-05-26 17:35:27 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
						
						
							
						
						
							294910c68c 
							
						 
					 
					
						
						
							
							caddyhttp: Add client.public_key(_sha256) placeholders  
						
						
						
						
							
						
					 
					
						2020-05-26 15:52:53 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8c5d00b2bc 
							
						 
					 
					
						
						
							
							httpcaddyfile: New handle_path directive ( #3281 )  
						
						... 
						
						
						
						* caddyconfig: WIP implementation of handle_path
* caddyconfig: Complete the implementation - h.NewRoute was key
* caddyconfig: Add handle_path integration test
* caddyhttp: Use the path matcher as-is, strip the trailing *, update test 
						
						
							
						
					 
					
						2020-05-26 15:27:51 -06:00 
						 
				 
			
				
					
						
							
							
								Rui Lopes 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							aa20878887 
							
						 
					 
					
						
						
							
							cmd: file-server: add --access-log flag ( #3454 )  
						
						
						
						
							
						
					 
					
						2020-05-26 15:04:04 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c1e5c09294 
							
						 
					 
					
						
						
							
							reverseproxy: Improve error message when using scheme+placeholder ( #3393 )  
						
						... 
						
						
						
						* reverseproxy: Improve error message when using scheme+placeholder
* reverseproxy: Simplify error message
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com> 
						
						
							
						
					 
					
						2020-05-26 14:13:15 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ffc125d6f5 
							
						 
					 
					
						
						
							
							caddyfile: Move NewTestDispenser into non-test file ( #3439 )  
						
						
						
						
							
						
					 
					
						2020-05-26 13:45:22 -06:00 
						 
				 
			
				
					
						
							
							
								AndyBan 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							22055c5e0f 
							
						 
					 
					
						
						
							
							reverseproxy: Fix https active health checks  #3450  ( #3451 )  
						
						
						
						
							
						
					 
					
						2020-05-26 12:40:57 -06:00 
						 
				 
			
				
					
						
							
							
								Mohammed Al Sahaf 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							dfe802aed3 
							
						 
					 
					
						
						
							
							chore: forego the use of deprecated cel func NewIdent in favor of NewVar ( #3444 )  
						
						
						
						
							
						
					 
					
						2020-05-25 03:59:38 +00:00 
						 
				 
			
				
					
						
							
							
								Mohammed Al Sahaf 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7a365af5df 
							
						 
					 
					
						
						
							
							chore: simplify goreleaser flow, add bash completions to .deb ( #3436 )  
						
						
						
						
							
						
					 
					
						2020-05-22 15:13:31 -04:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0cbf467b3f 
							
						 
					 
					
						
						
							
							caddyhttp: Add time.now placeholder and update cel-go ( closes   #2594 )  
						
						
						
						
							
						
					 
					
						2020-05-21 18:19:01 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bb67e19d7b 
							
						 
					 
					
						
						
							
							cmd: hash-password: Fix broken terminal state on SIGINT ( #3416 )  
						
						... 
						
						
						
						* caddyauth: Fix hash-password broken terminal state on SIGINT
* caddycmd: Move TrapSignals calls to only subcommands that run long 
						
						
							
						
					 
					
						2020-05-21 13:09:49 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1dc4ec2d77 
							
						 
					 
					
						
						
							
							admin: Disallow websockets  
						
						... 
						
						
						
						No currently-known exploit here, just being conservative 
						
						
							
						
					 
					
						2020-05-21 12:29:19 -06:00 
						 
				 
			
				
					
						
							
							
								Matt Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							452d4726f7 
							
						 
					 
					
						
						
							
							Update SECURITY.md  
						
						
						
						
							
						
					 
					
						2020-05-20 14:24:47 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2a8a198568 
							
						 
					 
					
						
						
							
							reverseproxy: Don't overwrite existing X-Forwarded-Proto header  
						
						... 
						
						
						
						Correct behavior is not well defined because this is a non-standard
header field. This could be a "hop-by-hop" field much like
X-Forwarded-For is, but even our X-Forwarded-For implementation
preserves prior entries. Or, it could be best to preserve the original
value from the first hop, representing the protocol as facing the
client.
Let's try it the other way for a bit and see how it goes.
See https://caddy.community/t/caddy2-w-wordpress-behind-nginx-reverse-proxy/8174/3?u=matt  
						
						
							
						
					 
					
						2020-05-20 11:33:17 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							cc8fb488d3 
							
						 
					 
					
						
						
							
							httpcaddyfile: Improve error on matcher declared outside site block ( #3431 )  
						
						
						
						
							
						
					 
					
						2020-05-20 10:37:48 -06:00 
						 
				 
			
				
					
						
							
							
								Francis Lavoie 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							fae064262d 
							
						 
					 
					
						
						
							
							httpcaddyfile: Add auto_https global option ( #3284 )  
						
						
						
						
							
						
					 
					
						2020-05-19 16:59:51 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9ee01dceac 
							
						 
					 
					
						
						
							
							reverseproxy: Make debug log safe if error occurs  
						
						
						
						
							
						
					 
					
						2020-05-18 14:08:11 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
						
						
							
						
						
							812278acd8 
							
						 
					 
					
						
						
							
							reverseproxy: Emit debug log before checking error ( #3425 )  
						
						... 
						
						
						
						This way the upstream request will always be available even if it failed 
						
						
							
						
					 
					
						2020-05-18 13:50:46 -06:00 
						 
				 
			
				
					
						
							
							
								Matthew Holt 
							
						 
					 
					
						
						
						
						
							
						
						
							c47ddbeffb 
							
						 
					 
					
						
						
							
							pki: Add docs to some struct fields  
						
						
						
						
							
						
					 
					
						2020-05-18 13:50:46 -06:00 
						 
				 
			
				
					
						
							
							
								Thorkild Gregersen 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							483e31b978 
							
						 
					 
					
						
						
							
							templates: trim windows whitespace in SplitFrontMatter;  fix   #3386  ( #3387 )  
						
						... 
						
						
						
						* add test case for SplitFrontMatter showing issue with windows newline
* fix issue with windows newline when using SplitFrontMatter
* Update modules/caddyhttp/templates/frontmatter.go
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* make it mere explicit what is trimmed from firstLine
* Update modules/caddyhttp/templates/frontmatter.go
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com> 
						
						
							
						
					 
					
						2020-05-18 13:01:04 -06:00