127 commits

Author SHA1 Message Date
Nebez Briefkani
cc0c0cf03e
caddyhttp: Security enhancements for client IP parsing ()
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-13 20:46:37 +00:00
Mohammed Al Sahaf
3b3d678714
Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations ()" () 2023-11-01 13:17:02 -04:00
Harish Shan
c8559c4485
caddyhttp: Use sync.Pool to reduce lengthReader allocations ()
* Use sync.Pool to reduce lengthReader allocations

Signed-off-by: Harish Shan <140232061+perhapsmaple@users.noreply.github.com>

* Add defer putLengthReader to prevent leak

Signed-off-by: Harish Shan <140232061+perhapsmaple@users.noreply.github.com>

* Cleanup in putLengthReader

Co-authored-by: Francis Lavoie <lavofr@gmail.com>

---------

Signed-off-by: Harish Shan <140232061+perhapsmaple@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-10-16 14:42:01 -06:00
WeidiDeng
7c82e265da
core: quic listener will manage the underlying socket by itself ()
* core: quic listener will manage the underlying socket by itself.

* format code

* rename sharedQUICTLSConfig to sharedQUICState, and it will now manage the number of active requests

* add comment

* strict unwrap type

* fix unwrap

* remove comment
2023-10-16 09:28:15 -06:00
Jacob Gadikian
d6f86cccf5
ci: use gci linter ()
* use gofumpt to format code

* use gci to format imports

* reconfigure gci

* linter autofixes

* rearrange imports a little

* export GOOS=windows golangci-lint run ./... --fix
2023-08-14 09:41:15 -06:00
Matt Holt
6cdcc2a782
ci: Update to Go 1.21 ()
* ci: Update to Go 1.21

* Bump quic-go to v0.37.4

* Check EnableFullDuplex err

* Linter bug suppression

See https://github.com/timakin/bodyclose/issues/52

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-08-09 12:34:28 -04:00
Matthew Holt
431adc0980
templates: Fix httpInclude (fix )
Allowable during feature freeze because this is a simple, non-invasive
bug fix only.
2023-08-07 12:53:21 -06:00
Francis Lavoie
cd486c25d1
caddyhttp: Make use of http.ResponseController ()
* caddyhttp: Make use of http.ResponseController

Also syncs the reverseproxy implementation with stdlib's which now uses ResponseController as well 2449bbb5e6

* Enable full-duplex for HTTP/1.1

* Appease linter

* Add warning for builds with Go 1.20, so it's less surprising to users

* Improved godoc for EnableFullDuplex, copied text from stdlib

* Only wrap in encode if not already wrapped
2023-08-02 20:03:26 +00:00
Dominik Roos
6a41b62e70
caddyhttp: Support custom network for HTTP/3 ()
Allow registering a custom network mapping for HTTP/3. This is useful
if the original network for HTTP/1.1 and HTTP/2 is not a standard `unix`,
`tcp4`, or `tcp6` network. To keep backwards compatibility, we fall back
to `udp` if the original network is not registered in the mapping.

Fixes 
2023-06-13 19:33:39 -06:00
WeidiDeng
29452647d8
caddyhttp: Fix h3 shutdown ()
* swap h3server close and listener close, avoid quic-listener not closing

* fix typo
2023-05-19 10:00:00 -06:00
Francis Lavoie
cbf16f6d9e
caddyhttp: Implement named routes, invoke directive ()
* caddyhttp: Implement named routes, `invoke` directive

* gofmt

* Add experimental marker

* Adjust route compile comments
2023-05-16 15:27:52 +00:00
jjiang-stripe
cfc85ae8ca
caddyhttp: Add a getter for Server.name () 2023-05-11 10:34:05 -06:00
Dave Henderson
f0e3981774
logging: Add traceID field to access logs when tracing is active ()
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-04-27 02:46:41 +00:00
WeidiDeng
d8d87a378f
caddyhttp: Serve http2 when listener wrapper doesn't return *tls.Conn ()
* Serve http2 when listener wrapper doesn't return *tls.Conn

* close conn when h2server serveConn returns

* merge from upstream

* rebase from latest

* run New and Closed ConnState hook for h2 conns

* go fmt

* fix lint

* Add comments

* reorder import
2023-04-10 17:05:02 +00:00
Francis Lavoie
2b3046de36
caddyhttp: Log request body bytes read () 2023-03-27 22:40:15 +00:00
Francis Lavoie
05e9974570
caddyhttp: Determine real client IP if trusted proxies configured ()
* caddyhttp: Determine real client IP if trusted proxies configured

* Support customizing client IP header

* Implement client_ip matcher, deprecate remote_ip's forwarded option
2023-03-27 20:22:59 +00:00
Francis Lavoie
12bcbe2c49
caddyhttp: Pluggable trusted proxy IP range sources ()
* caddyhttp: Pluggable trusted proxy IP range sources

* Add request to the IPRangeSource interface
2023-02-06 12:44:11 -07:00
Francis Lavoie
e62b5fb586
chore: Build with Go 1.20, keep minimum at 1.18 for now () 2023-02-06 11:29:20 -05:00
Francis Lavoie
223cbe3d0b
caddyhttp: Add server-level trusted_proxies config () 2023-01-10 00:08:23 -05:00
Matt Holt
6bad878a22
httpcaddyfile: Improve detection of indistinguishable TLS automation policies ()
* httpcaddyfile: Skip some logic if auto_https off

* Try removing this check altogether...

* Refine test timeouts slightly, sigh

* caddyhttp: Assume udp for unrecognized network type

Seems like the reasonable thing to do if a plugin registers its own
network type.

* Add comment to document my lack of knowledge

* Clean up and prepare to merge

Add comments to try to explain what happened
2022-10-13 11:30:57 -06:00
Francis Lavoie
99ffe93388
logging: Fix skip_hosts with wildcards ()
Fix 
2022-10-05 12:14:13 -06:00
Matt Holt
e3e8aabbcf
core: Refactor and improve listener logic ()
* core: Refactor, improve listener logic

Deprecate:
- caddy.Listen
- caddy.ListenTimeout
- caddy.ListenPacket

Prefer caddy.NetworkAddress.Listen() instead.

Change:
- caddy.ListenQUIC (hopefully to remove later)
- caddy.ListenerFunc signature (add context and ListenConfig)

- Don't emit Alt-Svc header advertising h3 over HTTP/3

- Use quic.ListenEarly instead of quic.ListenEarlyAddr; this gives us
more flexibility (e.g. possibility of HTTP/3 over UDS) but also
introduces a new issue:
https://github.com/lucas-clemente/quic-go/issues/3560#issuecomment-1258959608

- Unlink unix socket before and after use

* Appease the linter

* Keep ListenAll
2022-09-28 13:35:51 -06:00
Matthew Holt
9206e8a738 Tweak some comments 2022-09-21 12:59:44 -06:00
WeidiDeng
bffc258732
caddyhttp: Support configuring Server from handler provisioning ()
* configuring http.Server from handlers.

* Minor tweaks

* Run gofmt

Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2022-09-16 14:48:55 -06:00
Matt Holt
74547f5bed
caddyhttp: Make metrics opt-in ()
* caddyhttp: Make metrics opt-in

Related to 

* Make configurable in Caddyfile
2022-09-16 13:32:49 -06:00
Francis Lavoie
9ad0ebc956
caddyhttp: Add 'skip_log' var to omit request from logs ()
* caddyhttp: Implement `skip_log` handler

* Refactor to use vars middleware

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2022-09-15 10:05:36 -06:00
Matthew Holt
076a8b8095
Very minor tweaks 2022-09-08 13:10:40 -06:00
Matt Holt
d3c3fa10bd
core: Refactor listeners; use SO_REUSEPORT on Unix ()
* core: Refactor listeners; use SO_REUSEPORT on Unix

Just an experiment for now

* Fix lint by logging error

* TCP Keepalive configuration ()

* initial attempt at TCP Keepalive configuration

* core: implement tcp-keepalive for linux

* move canSetKeepAlive interface

* Godoc for keepalive server parameter

* handle return values

* log keepalive errors

* Clean up after bad merge

* Merge in pluggable network types

From 1edc1a45e3

* Slight refactor, fix from recent merge conflict

Co-authored-by: Karmanyaah Malhotra <karmanyaah.gh@malhotra.cc>
2022-09-02 16:59:11 -06:00
Matthew Holt
005c5a6382
Minor style adjustments for HTTP redir logging 2022-09-02 13:04:31 -06:00
Francis Lavoie
d062fb4020
caddyhttp: Copy logger config to HTTP server during AutoHTTPS () 2022-09-01 23:31:54 -04:00
Matt Holt
1edc1a45e3
core: Plugins can register listener networks ()
* core: Plugins can register listener networks

This can be useful for custom listeners.

This feature/API is experimental and may change!

* caddyhttp: Expose server listeners
2022-09-01 16:30:03 -06:00
Matthew Holt
cb849bd664
caddyhttp: Disable draft versions of QUIC
See comment in 
2022-08-31 18:49:34 -06:00
Francis Lavoie
d4d8bbcfc6
events: Implement event system ()
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2022-08-31 15:01:30 -06:00
Francis Lavoie
a22c08a638
caddyhttp: Fix for nil handlerErr.Err () 2022-08-23 08:17:46 -06:00
Francis Lavoie
72541f1cb8
caddyhttp: Set http.error.message to the HandlerError message () 2022-08-22 23:31:07 -06:00
Matt Holt
c79c08627d
caddyhttp: Enable HTTP/3 by default () 2022-08-15 12:01:58 -06:00
Matt Holt
1960a0dc11
httpserver: Configurable shutdown delay () 2022-08-03 11:04:51 -06:00
Francis Lavoie
141872ed80
chore: Bump up to Go 1.19, minimum 1.18 () 2022-08-02 16:39:09 -04:00
Matt Holt
f783290f40
caddyhttp: Implement caddy respond command () 2022-08-01 13:36:22 -06:00
Francis Lavoie
3e3bb00265
reverseproxy: Add _ms placeholders for proxy durations ()
* reverseproxy: Add `_ms` placeholders for proxy durations

* Add http.request.duration_ms

Also add comments, and change duration_sec to duration_ms

* Add response.duration_ms for consistency

* Add missing godoc comment

Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2022-04-11 13:04:05 -06:00
Matthew Holt
3d616e8c6d
requestbody: Return HTTP 413 (fix ) 2022-03-11 12:34:55 -07:00
Matt Holt
2bb8550a4c
caddyhttp: Honor wildcard hosts in log SkipHosts () 2022-03-04 13:44:59 -07:00
Francis Lavoie
ddbb234d91
caddyhttp: Always log handled errors at debug level () 2022-02-19 15:10:49 -07:00
Matt Holt
bf380d00ab
caddyhttp: Reject absurd methods ()
* caddyhttp: Reject absurdly long methods

* Limit method to 32 chars and truncate

* Just reject the request and debug-log it

* Log remote address
2022-01-19 13:44:09 -07:00
rayjlinden
850e1605df
caddyhttp: Return HTTP 421 for mismatched Host header ()
Potential fix for  although the consensus is unclear.

Made change to return status code 421 instead of 403 when StrictSNIHost matching is on.
2022-01-12 14:24:22 -07:00
Francis Lavoie
5bf0adad87
caddyhttp: Make logging of credential headers opt-in () 2021-12-02 13:26:24 -07:00
Matt Holt
0eb0b60f47
logging: Remove common_log field and single_field encoder () () 2021-11-29 01:08:52 -05:00
Francis Lavoie
eead337324
caddyhttp: Log non-500 handler errors at debug level ()
Fixes 

It's best to still log handler errors at debug level so that they're hidden by default, but still accessible if additional details are necessary.
2021-11-22 11:58:25 -07:00
Francis Lavoie
124ba1ba71
logging: Prep for common_log removal ()
See https://github.com/caddyserver/caddy/issues/4148#issuecomment-833207811
2021-07-14 11:07:38 -06:00
Francis Lavoie
1c6c7714a3
caddyhttp: Fix edge case with auto HTTP->HTTPS logic () 2021-07-14 10:49:34 -06:00