e0f8d9b204
caddytls: Check type assertion
...
Tests / test (./cmd/caddy/caddy, ~1.25.0, ubuntu-latest, 0, 1.25, linux) (push) Failing after 21s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.25.0, 1.25, aix) (push) Failing after 16s
Cross-Build / build (~1.25.0, 1.25, darwin) (push) Failing after 13s
Cross-Build / build (~1.25.0, 1.25, dragonfly) (push) Failing after 13s
Cross-Build / build (~1.25.0, 1.25, freebsd) (push) Failing after 14s
Cross-Build / build (~1.25.0, 1.25, illumos) (push) Failing after 14s
Cross-Build / build (~1.25.0, 1.25, linux) (push) Failing after 13s
Cross-Build / build (~1.25.0, 1.25, netbsd) (push) Failing after 13s
Cross-Build / build (~1.25.0, 1.25, openbsd) (push) Failing after 14s
Cross-Build / build (~1.25.0, 1.25, solaris) (push) Failing after 14s
Cross-Build / build (~1.25.0, 1.25, windows) (push) Failing after 14s
Lint / lint (ubuntu-latest, linux) (push) Failing after 14s
Lint / govulncheck (push) Successful in 1m16s
Lint / dependency-review (push) Failing after 14s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 13s
Tests / test (./cmd/caddy/caddy, ~1.25.0, macos-14, 0, 1.25, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.25.0, windows-latest, True, 1.25, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
Fix https://github.com/mholt/caddy-l4/issues/378
2026-02-03 13:59:53 -07:00
6a4296b1a4
caddytls: panic when using tls.ca_pool.source.http -> tls.ca ( #7393 )
Tests / test (./cmd/caddy/caddy, ~1.25.0, ubuntu-latest, 0, 1.25, linux) (push) Failing after 19s
Tests / test (s390x on IBM Z) (push) Has been skipped
Tests / goreleaser-check (push) Has been skipped
Cross-Build / build (~1.25.0, 1.25, aix) (push) Failing after 18s
Cross-Build / build (~1.25.0, 1.25, darwin) (push) Failing after 17s
Cross-Build / build (~1.25.0, 1.25, dragonfly) (push) Failing after 31s
Cross-Build / build (~1.25.0, 1.25, freebsd) (push) Failing after 15s
Cross-Build / build (~1.25.0, 1.25, illumos) (push) Failing after 15s
Cross-Build / build (~1.25.0, 1.25, linux) (push) Failing after 15s
Cross-Build / build (~1.25.0, 1.25, netbsd) (push) Failing after 15s
Cross-Build / build (~1.25.0, 1.25, openbsd) (push) Failing after 15s
Cross-Build / build (~1.25.0, 1.25, solaris) (push) Failing after 15s
Cross-Build / build (~1.25.0, 1.25, windows) (push) Failing after 15s
Lint / lint (ubuntu-latest, linux) (push) Failing after 14s
Lint / govulncheck (push) Successful in 1m27s
Lint / dependency-review (push) Failing after 16s
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 45s
Tests / test (./cmd/caddy/caddy, ~1.25.0, macos-14, 0, 1.25, mac) (push) Has been cancelled
Tests / test (./cmd/caddy/caddy.exe, ~1.25.0, windows-latest, True, 1.25, windows) (push) Has been cancelled
Lint / lint (macos-14, mac) (push) Has been cancelled
Lint / lint (windows-latest, windows) (push) Has been cancelled
2025-12-11 19:27:15 +00:00
7ebe72bbfe
caddypki: Add support for multiple intermediates in signing chain ( #7057 )
...
* caddypki: Add support for multiple intermediates in signing chain
* Move intermediate lifetime configuration check
In #7272 a check was changed to ensure that generated intermediate
certificates would always use a lifetime that falls within the
lifetime of the root. However, when a root and intermediate(s)
are supplied, the configuration value was being used instead of
the actual lifetimes of the certificates. The check was moved to
only be performed when an intermediate is generated; not when
loaded from disk.
* Add tests for `pemDecodeCertificateChain` and `pemDecodeCertificate`
* Use `crypto.Signer` instead of `any` in appropriate places
* Use latest Smallstep packages
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com >
2025-12-03 11:30:00 -07:00
a6a45ff6c5
context: AppIfConfigured returns error; consider not-yet-provisioned modules ( #6292 )
...
* context: Add new `AppStrict()` method to avoid instantiating empty apps
* Rename AppStrict -> AppIfConfigured
---------
Co-authored-by: Matthew Holt <mholt@users.noreply.github.com >
2024-05-20 11:14:58 -06:00
e60148ecc3
reverseproxy: Pointer to struct when loading modules; remove LazyCertPool ( #6307 )
...
* use pointer when loading modules
* change method to pointer type and remove LazyCertPool
* remove lazy pool test
* remove yet another lazy pool test
2024-05-08 19:13:37 -06:00
81413caea2
caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes ( #6229 )
...
* WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades
* caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME
* Fix go.mod
* caddytls: Fix automation related to managers (fix #6060 )
* Fix typo (appease linter)
* Fix HTTP validation with ZeroSSL API
2024-04-13 21:31:43 -04:00
e965b111cd
tls: modularize trusted CA providers ( #5784 )
...
* tls: modularize client authentication trusted CA
* add `omitempty` to `CARaw`
* docs
* initial caddyfile support
* revert anything related to leaf cert validation
The certs are used differently than the CA pool flow
* complete caddyfile unmarshalling implementation
* Caddyfile syntax documentation
* enhance caddyfile parsing and documentation
Apply suggestions from code review
Co-authored-by: Francis Lavoie <lavofr@gmail.com >
* add client_auth caddyfile tests
* add caddyfile unmarshalling tests
* fix and add missed adapt tests
* fix rebase issue
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com >
2024-01-25 11:44:41 +03:00
Matthew Holt
Paul B
Herman Slatman
Francis Lavoie
WeidiDeng
Mohammed Al Sahaf