Commit graph

1883 commits

Author SHA1 Message Date
Francis Lavoie
30d63648f5
caddyauth: Drop support for scrypt (#6091) 2024-02-12 19:33:54 +00:00
Mohammed Al Sahaf
21744b6c4c
Revert "caddyfile: Reject long heredoc markers (#6098)" (#6100)
This reverts commit e7a534d0a3.
2024-02-12 18:06:22 +00:00
Francis Lavoie
f9e11158bc
caddyauth: Rename basicauth to basic_auth (#6092) 2024-02-12 17:34:23 +00:00
Francis Lavoie
91ec75441a
logging: Inline Caddyfile syntax for ip_mask filter (#6094) 2024-02-12 17:15:35 +00:00
Francis Lavoie
e7a534d0a3
caddyfile: Reject long heredoc markers (#6098)
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-02-11 13:30:14 -05:00
Francis Lavoie
c78ebb3d6a
chore: Rename CI jobs, run on M1 mac (#6089)
* Try macos-14 for fun

* Decouple OS names and VM names

* Shorten `cross-build-test` to `build`
2024-02-09 15:31:26 -07:00
Kévin Dunglas
a6d9f9be5b
Merge pull request #6081 from dunglas/fix/encode-match 2024-02-09 09:41:44 +01:00
Kévin Dunglas
2348ac897a update comment 2024-02-09 09:35:55 +01:00
Kévin Dunglas
d3f23a8eeb improved list 2024-02-09 09:35:55 +01:00
Kévin Dunglas
60abd72c7a fix: add back text/* 2024-02-09 09:35:55 +01:00
Kévin Dunglas
b8f729b88f fix: add more media types to the compressed by default list 2024-02-09 09:35:55 +01:00
Mohammed Al Sahaf
e1aa862e6a
acmeserver: support specifying the allowed challenge types (#5794)
* acmeserver: support specifying the allowed challenge types

* add caddyfile adapt tests

* introduce basic acme_server test

* skip acme test on unsuitable environments

* skip integration tests of ACME

* documentation

* add negative-scenario test for mismatched allowed challenges

* a bit more docs

* fix tests for ACME challenges

* appease the linter

* skip ACME tests on s390x

* enable ACME challenge tests on all machines

* Apply suggestions from code review

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-02-08 11:42:03 +03:00
Francis Lavoie
8c2a72ad07
matchers: Drop forwarded option from remote_ip matcher (#6085) 2024-02-07 10:09:29 -05:00
Francis Lavoie
bde46211e3
caddyhttp: Test cases for %2F and %252F (#6084) 2024-02-07 05:13:17 -05:00
WeidiDeng
bc1e63198d
bump to golang 1.22 (#6083) 2024-02-07 02:13:58 -05:00
Aziz Rmadi
feb07a7b59
fileserver: Browse can show symlink target if enabled (#5973)
* Added optional subdirective to browse allowing to reveal symlink paths.

* Update modules/caddyhttp/fileserver/browsetplcontext.go

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-02-06 04:31:26 +00:00
Aziz Rmadi
a7479302fc
core: Support NO_COLOR env var to disable log coloring (#6078) 2024-02-01 19:12:42 -07:00
dependabot[bot]
223f314331
build(deps): bump peter-evans/repository-dispatch from 2 to 3 (#6080)
Bumps [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) from 2 to 3.
- [Release notes](https://github.com/peter-evans/repository-dispatch/releases)
- [Commits](https://github.com/peter-evans/repository-dispatch/compare/v2...v3)

---
updated-dependencies:
- dependency-name: peter-evans/repository-dispatch
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 18:34:40 -05:00
Matthew Holt
1919c08ecc
Update comment in setcap helper script 2024-01-31 12:59:26 -07:00
Matt Holt
57c5b921a4
caddytls: Make on-demand 'ask' permission modular (#6055)
* caddytls: Make on-demand 'ask' permission modular

This makes the 'ask' endpoint a module, which means that developers can
write custom plugins for granting permission for on-demand certificates.

Kicking myself that we didn't do it this way at the beginning, but who coulda known...

* Lint

* Error on conflicting config

* Fix bad merge

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-30 16:11:29 -07:00
Francis Lavoie
e1b9a9d7b0
core: Add ctx.Slogger() which returns an slog logger (#5945) 2024-01-25 12:31:15 -07:00
Marten Seemann
697cc593a1
chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 (#6043)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-01-25 13:58:19 -05:00
Yolan Romailler
2fe69a828f
chore: enabling a few more linters (#5961)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 15:24:58 +00:00
bbaa
c369df5c37
caddyfile: Correctly close the heredoc when the closing marker appears immediately (#6062) 2024-01-25 14:55:00 +00:00
bbaa
7c48b5fdbb
caddyfile: Switch to slices.Equal for better performance (#6061) 2024-01-25 14:46:08 +00:00
Mohammed Al Sahaf
e965b111cd
tls: modularize trusted CA providers (#5784)
* tls: modularize client authentication trusted CA

* add `omitempty` to `CARaw`

* docs

* initial caddyfile support

* revert anything related to leaf cert validation

The certs are used differently than the CA pool flow

* complete caddyfile unmarshalling implementation

* Caddyfile syntax documentation

* enhance caddyfile parsing and documentation

Apply suggestions from code review

Co-authored-by: Francis Lavoie <lavofr@gmail.com>

* add client_auth caddyfile tests

* add caddyfile unmarshalling tests

* fix and add missed adapt tests

* fix rebase issue

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 11:44:41 +03:00
Francis Lavoie
b9c40e7111
logging: Automatic wrap default for filter encoder (#5980)
Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>
2024-01-25 04:00:22 +00:00
Francis Lavoie
f5344f8cad
caddyhttp: Fix panic when request missing ClientIPVarKey (#6040) 2024-01-24 00:45:50 +00:00
Francis Lavoie
750d0b8331
caddyfile: Normalize & flatten all unmarshalers (#6037) 2024-01-23 19:36:59 -05:00
Mohammed Al Sahaf
54823f52bc
cmd: reverseproxy: log: use caddy logger (#6042) 2024-01-23 10:52:02 -07:00
Aziz Rmadi
ed7e3c906a
matchers: query now ANDs multiple keys (#6054)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-22 02:36:44 +00:00
bbaa
c0273f1f04
caddyfile: Add heredoc support to fmt command (#6056) 2024-01-22 02:24:49 +00:00
Kévin Dunglas
dba556fe4b refactor: move automaxprocs init in caddycmd.Main() 2024-01-19 11:17:35 +01:00
Aziz Rmadi
d9aded016c
caddyfile: Allow heredoc blank lines (#6051) 2024-01-18 22:57:18 -05:00
Aziz Rmadi
4181c79a81
httpcaddyfile: Add optional status code argument to handle_errors directive (#5965)
Co-authored-by: Aziz Rmadi <azizrmadi@Azizs-MacBook-Air.local>
2024-01-16 01:24:17 -05:00
Francis Lavoie
5e2f1b5ced
httpcaddyfile: Rewrite root and rewrite parsing to allow omitting matcher (#5844) 2024-01-15 09:57:08 -07:00
Francis Lavoie
f3e849e49f
fileserver: Implement caddyfile.Unmarshaler interface (#5850) 2024-01-13 21:32:44 +00:00
Bas Westerbaan
f658fd05ac
reverseproxy: Add tls_curves option to HTTP transport (#5851) 2024-01-13 20:56:23 +00:00
Nebez Briefkani
cc0c0cf03e
caddyhttp: Security enhancements for client IP parsing (#5805)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-13 20:46:37 +00:00
Aziz Rmadi
80acf1bf23
replacer: Fix escaped closing braces (#5995) 2024-01-13 20:24:03 +00:00
a
c839a98ff5
filesystem: Globally declared filesystems, fs directive (#5833) 2024-01-13 20:12:43 +00:00
Mohammed Al Sahaf
b359ca565c
ci/cd: use the build tag nobadger to exclude badgerdb (#6031)
* ci/cd: use the build tag `nobadger` to exclude badgerdb

* upgrade github.com/google/certificate-transparency-go@master
2024-01-10 21:04:11 +03:00
Subhaditya Nath
c2d889f85e
httpcaddyfile: Fix redir <to> html (#6001) 2024-01-10 12:24:47 +00:00
Zach Galvin
cb86319bd5
httpcaddyfile: Support client auth verifiers (#6022)
* Added verifier case

Update author

* Update verifier to match struct tag

* gci run
2024-01-09 23:14:51 +00:00
Rithvik Vibhu
ed41c924cf
tls: add reuse_private_keys (#6025) 2024-01-09 16:00:31 -07:00
Fred Cox
d9ff7b1872
reverseproxy: Only change Content-Length when full request is buffered (#5830)
fixes: https://github.com/caddyserver/caddy/issues/5829

Signed-off-by: Fred Cox <mcfedr@gmail.com>
2024-01-09 12:59:30 -07:00
Aaron Brady
76611fa150
Switch Solaris-derivatives away from listen_unix (#6021)
Solaris 10 and Illumos are missing SO_REUSEPORT. Treat them more like
Windows (i.e. use the listener pool).
2024-01-06 05:09:20 -05:00
dependabot[bot]
8a50f191bf
build(deps): bump actions/upload-artifact from 3 to 4 (#6013)
* build(deps): bump actions/upload-artifact from 3 to 4

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Disable compression

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-02 08:23:25 +00:00
dependabot[bot]
4f3f6e35e8
build(deps): bump actions/setup-go from 4 to 5 (#6012)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-02 07:13:31 +00:00
Mohammed Al Sahaf
787f6b257f
chore: check against errors of io/fs instead of os (#6011)
* chore: replace `os.ErrNotExist` with `fs.ErrNotExist`

* check against permission error from `io/fs` package
2024-01-02 08:48:55 +03:00