Log when auto HTTPS or auto HTTP->HTTPS redirects are disabled

This commit is contained in:
Matthew Holt 2019-09-09 08:25:48 -06:00
parent e12c62e60b
commit 9169cd43d4
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
2 changed files with 25 additions and 0 deletions

View file

@ -234,6 +234,8 @@ func (app *App) automaticHTTPS() error {
// skip if all listeners use the HTTP port
if !srv.listenersUseAnyPortOtherThan(app.HTTPPort) {
log.Printf("[INFO] Server %v is only listening on the HTTP port %d, so no automatic HTTPS will be applied to this server",
srv.Listen, app.HTTPPort)
continue
}
@ -315,6 +317,12 @@ func (app *App) automaticHTTPS() error {
log.Printf("[INFO] Enabling automatic HTTP->HTTPS redirects for %v", domains)
// notify user if their config might override the HTTP->HTTPS redirects
if srv.listenersIncludePort(app.HTTPPort) {
log.Printf("[WARNING] Server %v is listening on HTTP port %d, so automatic HTTP->HTTPS redirects may be overridden by your own configuration",
srv.Listen, app.HTTPPort)
}
// create HTTP->HTTPS redirects
for _, addr := range srv.Listen {
netw, host, port, err := caddy.SplitListenAddr(addr)

View file

@ -181,6 +181,23 @@ func (s *Server) listenersUseAnyPortOtherThan(otherPort int) bool {
return false
}
// listenersIncludePort returns true if there are any
// listeners in s that use otherPort.
func (s *Server) listenersIncludePort(otherPort int) bool {
for _, lnAddr := range s.Listen {
_, addrs, err := caddy.ParseListenAddr(lnAddr)
if err == nil {
for _, a := range addrs {
_, port, err := net.SplitHostPort(a)
if err == nil && port == strconv.Itoa(otherPort) {
return true
}
}
}
}
return false
}
func (s *Server) hasTLSClientAuth() bool {
for _, cp := range s.TLSConnPolicies {
if cp.ClientAuthentication != nil && cp.ClientAuthentication.Active() {