2019-08-21 11:46:35 -05:00
|
|
|
// Copyright 2015 Matthew Holt and The Caddy Authors
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
package httpcaddyfile
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2020-04-02 15:20:30 -05:00
|
|
|
"net"
|
2020-01-15 15:51:12 -05:00
|
|
|
"sort"
|
2020-04-02 15:20:30 -05:00
|
|
|
"strconv"
|
2020-02-25 23:56:43 -05:00
|
|
|
"strings"
|
2019-08-21 11:46:35 -05:00
|
|
|
|
|
|
|
"github.com/caddyserver/caddy/v2"
|
|
|
|
"github.com/caddyserver/caddy/v2/caddyconfig"
|
|
|
|
"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
|
|
|
|
"github.com/caddyserver/caddy/v2/modules/caddyhttp"
|
|
|
|
)
|
|
|
|
|
2020-01-16 14:09:54 -05:00
|
|
|
// directiveOrder specifies the order
|
2019-08-21 11:46:35 -05:00
|
|
|
// to apply directives in HTTP routes.
|
2020-03-28 20:07:51 -05:00
|
|
|
//
|
|
|
|
// The root directive goes first in case rewrites or
|
|
|
|
// redirects depend on existence of files, i.e. the
|
|
|
|
// file matcher, which must know the root first.
|
|
|
|
//
|
|
|
|
// The header directive goes second so that headers
|
|
|
|
// can be manipulated before doing redirects.
|
2020-01-16 14:09:54 -05:00
|
|
|
var directiveOrder = []string{
|
2020-03-28 20:07:51 -05:00
|
|
|
"root",
|
|
|
|
|
2020-03-22 10:04:40 -05:00
|
|
|
"header",
|
|
|
|
|
2020-01-17 13:38:49 -05:00
|
|
|
"redir",
|
2019-08-21 11:46:35 -05:00
|
|
|
"rewrite",
|
2020-01-16 19:08:52 -05:00
|
|
|
|
2020-03-22 10:04:40 -05:00
|
|
|
// URI manipulation
|
2020-03-19 12:51:28 -05:00
|
|
|
"uri",
|
2019-08-21 11:46:35 -05:00
|
|
|
"try_files",
|
2020-01-17 13:38:49 -05:00
|
|
|
|
2020-03-22 10:04:40 -05:00
|
|
|
// middleware handlers; some wrap responses
|
2019-10-10 15:37:27 -05:00
|
|
|
"basicauth",
|
2019-09-11 19:48:37 -05:00
|
|
|
"request_header",
|
2019-08-21 11:46:35 -05:00
|
|
|
"encode",
|
|
|
|
"templates",
|
2020-01-16 19:08:52 -05:00
|
|
|
|
2020-03-22 10:04:40 -05:00
|
|
|
// special routing directives
|
2020-01-16 19:08:52 -05:00
|
|
|
"handle",
|
2020-01-09 16:00:32 -05:00
|
|
|
"route",
|
2020-01-16 19:08:52 -05:00
|
|
|
|
2020-02-17 00:24:20 -05:00
|
|
|
// handlers that typically respond to requests
|
2019-09-16 12:04:18 -05:00
|
|
|
"respond",
|
2019-08-21 11:46:35 -05:00
|
|
|
"reverse_proxy",
|
2019-09-11 13:02:35 -05:00
|
|
|
"php_fastcgi",
|
2019-08-21 11:46:35 -05:00
|
|
|
"file_server",
|
|
|
|
}
|
|
|
|
|
2020-01-16 19:08:52 -05:00
|
|
|
// directiveIsOrdered returns true if dir is
|
|
|
|
// a known, ordered (sorted) directive.
|
|
|
|
func directiveIsOrdered(dir string) bool {
|
|
|
|
for _, d := range directiveOrder {
|
|
|
|
if d == dir {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2019-08-21 11:46:35 -05:00
|
|
|
// RegisterDirective registers a unique directive dir with an
|
|
|
|
// associated unmarshaling (setup) function. When directive dir
|
|
|
|
// is encountered in a Caddyfile, setupFunc will be called to
|
|
|
|
// unmarshal its tokens.
|
|
|
|
func RegisterDirective(dir string, setupFunc UnmarshalFunc) {
|
|
|
|
if _, ok := registeredDirectives[dir]; ok {
|
|
|
|
panic("directive " + dir + " already registered")
|
|
|
|
}
|
|
|
|
registeredDirectives[dir] = setupFunc
|
|
|
|
}
|
|
|
|
|
|
|
|
// RegisterHandlerDirective is like RegisterDirective, but for
|
|
|
|
// directives which specifically output only an HTTP handler.
|
2019-12-12 17:27:09 -05:00
|
|
|
// Directives registered with this function will always have
|
|
|
|
// an optional matcher token as the first argument.
|
2019-08-21 11:46:35 -05:00
|
|
|
func RegisterHandlerDirective(dir string, setupFunc UnmarshalHandlerFunc) {
|
|
|
|
RegisterDirective(dir, func(h Helper) ([]ConfigValue, error) {
|
|
|
|
if !h.Next() {
|
|
|
|
return nil, h.ArgErr()
|
|
|
|
}
|
|
|
|
|
|
|
|
matcherSet, ok, err := h.MatcherToken()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if ok {
|
2019-11-04 15:43:39 -05:00
|
|
|
// strip matcher token; we don't need to
|
|
|
|
// use the return value here because a
|
|
|
|
// new dispenser should have been made
|
|
|
|
// solely for this directive's tokens,
|
|
|
|
// with no other uses of same slice
|
|
|
|
h.Dispenser.Delete()
|
2019-08-21 11:46:35 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
h.Dispenser.Reset() // pretend this lookahead never happened
|
|
|
|
val, err := setupFunc(h)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return h.NewRoute(matcherSet, val), nil
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
// Helper is a type which helps setup a value from
|
|
|
|
// Caddyfile tokens.
|
|
|
|
type Helper struct {
|
|
|
|
*caddyfile.Dispenser
|
2020-03-04 11:58:49 -05:00
|
|
|
// State stores intermediate variables during caddyfile adaptation.
|
|
|
|
State map[string]interface{}
|
2020-01-16 13:29:20 -05:00
|
|
|
options map[string]interface{}
|
|
|
|
warnings *[]caddyconfig.Warning
|
|
|
|
matcherDefs map[string]caddy.ModuleMap
|
|
|
|
parentBlock caddyfile.ServerBlock
|
2020-01-16 19:08:52 -05:00
|
|
|
groupCounter counter
|
2019-08-21 16:50:02 -05:00
|
|
|
}
|
|
|
|
|
2019-09-30 10:11:30 -05:00
|
|
|
// Option gets the option keyed by name.
|
|
|
|
func (h Helper) Option(name string) interface{} {
|
|
|
|
return h.options[name]
|
|
|
|
}
|
|
|
|
|
2019-08-21 16:50:02 -05:00
|
|
|
// Caddyfiles returns the list of config files from
|
|
|
|
// which tokens in the current server block were loaded.
|
|
|
|
func (h Helper) Caddyfiles() []string {
|
|
|
|
// first obtain set of names of files involved
|
|
|
|
// in this server block, without duplicates
|
|
|
|
files := make(map[string]struct{})
|
|
|
|
for _, segment := range h.parentBlock.Segments {
|
|
|
|
for _, token := range segment {
|
|
|
|
files[token.File] = struct{}{}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// then convert the set into a slice
|
|
|
|
filesSlice := make([]string, 0, len(files))
|
|
|
|
for file := range files {
|
|
|
|
filesSlice = append(filesSlice, file)
|
|
|
|
}
|
|
|
|
return filesSlice
|
2019-08-21 11:46:35 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
// JSON converts val into JSON. Any errors are added to warnings.
|
2019-12-12 17:27:09 -05:00
|
|
|
func (h Helper) JSON(val interface{}) json.RawMessage {
|
2019-08-21 11:46:35 -05:00
|
|
|
return caddyconfig.JSON(val, h.warnings)
|
|
|
|
}
|
|
|
|
|
2020-01-16 19:08:52 -05:00
|
|
|
// MatcherToken assumes the next argument token is (possibly) a matcher,
|
|
|
|
// and if so, returns the matcher set along with a true value. If the next
|
2019-08-21 11:46:35 -05:00
|
|
|
// token is not a matcher, nil and false is returned. Note that a true
|
|
|
|
// value may be returned with a nil matcher set if it is a catch-all.
|
2019-12-10 15:36:46 -05:00
|
|
|
func (h Helper) MatcherToken() (caddy.ModuleMap, bool, error) {
|
2019-08-21 11:46:35 -05:00
|
|
|
if !h.NextArg() {
|
|
|
|
return nil, false, nil
|
|
|
|
}
|
|
|
|
return matcherSetFromMatcherToken(h.Dispenser.Token(), h.matcherDefs, h.warnings)
|
|
|
|
}
|
|
|
|
|
2020-02-27 23:03:45 -05:00
|
|
|
// ExtractMatcherSet is like MatcherToken, except this is a higher-level
|
|
|
|
// method that returns the matcher set described by the matcher token,
|
|
|
|
// or nil if there is none, and deletes the matcher token from the
|
|
|
|
// dispenser and resets it as if this look-ahead never happened. Useful
|
|
|
|
// when wrapping a route (one or more handlers) in a user-defined matcher.
|
|
|
|
func (h Helper) ExtractMatcherSet() (caddy.ModuleMap, error) {
|
|
|
|
matcherSet, hasMatcher, err := h.MatcherToken()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if hasMatcher {
|
|
|
|
h.Dispenser.Delete() // strip matcher token
|
|
|
|
}
|
|
|
|
h.Dispenser.Reset() // pretend this lookahead never happened
|
|
|
|
return matcherSet, nil
|
|
|
|
}
|
|
|
|
|
2019-08-21 11:46:35 -05:00
|
|
|
// NewRoute returns config values relevant to creating a new HTTP route.
|
2019-12-10 15:36:46 -05:00
|
|
|
func (h Helper) NewRoute(matcherSet caddy.ModuleMap,
|
2019-08-21 11:46:35 -05:00
|
|
|
handler caddyhttp.MiddlewareHandler) []ConfigValue {
|
2019-12-12 17:27:09 -05:00
|
|
|
mod, err := caddy.GetModule(caddy.GetModuleID(handler))
|
2019-08-21 11:46:35 -05:00
|
|
|
if err != nil {
|
2019-12-12 17:27:09 -05:00
|
|
|
*h.warnings = append(*h.warnings, caddyconfig.Warning{
|
|
|
|
File: h.File(),
|
|
|
|
Line: h.Line(),
|
|
|
|
Message: err.Error(),
|
|
|
|
})
|
|
|
|
return nil
|
2019-08-21 11:46:35 -05:00
|
|
|
}
|
2019-12-10 15:36:46 -05:00
|
|
|
var matcherSetsRaw []caddy.ModuleMap
|
2019-08-21 11:46:35 -05:00
|
|
|
if matcherSet != nil {
|
|
|
|
matcherSetsRaw = append(matcherSetsRaw, matcherSet)
|
|
|
|
}
|
|
|
|
return []ConfigValue{
|
|
|
|
{
|
|
|
|
Class: "route",
|
|
|
|
Value: caddyhttp.Route{
|
|
|
|
MatcherSetsRaw: matcherSetsRaw,
|
2019-12-10 15:36:46 -05:00
|
|
|
HandlersRaw: []json.RawMessage{caddyconfig.JSONModuleObject(handler, "handler", mod.ID.Name(), h.warnings)},
|
2019-08-21 11:46:35 -05:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-01-16 14:09:54 -05:00
|
|
|
// GroupRoutes adds the routes (caddyhttp.Route type) in vals to the
|
|
|
|
// same group, if there is more than one route in vals.
|
2020-01-16 13:29:20 -05:00
|
|
|
func (h Helper) GroupRoutes(vals []ConfigValue) {
|
|
|
|
// ensure there's at least two routes; group of one is pointless
|
|
|
|
var count int
|
|
|
|
for _, v := range vals {
|
|
|
|
if _, ok := v.Value.(caddyhttp.Route); ok {
|
|
|
|
count++
|
|
|
|
if count > 1 {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if count < 2 {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// now that we know the group will have some effect, do it
|
2020-01-16 19:08:52 -05:00
|
|
|
groupName := h.groupCounter.nextGroup()
|
2020-01-16 14:09:54 -05:00
|
|
|
for i := range vals {
|
2020-01-16 13:29:20 -05:00
|
|
|
if route, ok := vals[i].Value.(caddyhttp.Route); ok {
|
2020-01-16 19:08:52 -05:00
|
|
|
route.Group = groupName
|
2020-01-16 13:29:20 -05:00
|
|
|
vals[i].Value = route
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-08-21 11:46:35 -05:00
|
|
|
// NewBindAddresses returns config values relevant to adding
|
|
|
|
// listener bind addresses to the config.
|
|
|
|
func (h Helper) NewBindAddresses(addrs []string) []ConfigValue {
|
|
|
|
return []ConfigValue{{Class: "bind", Value: addrs}}
|
|
|
|
}
|
|
|
|
|
|
|
|
// ConfigValue represents a value to be added to the final
|
|
|
|
// configuration, or a value to be consulted when building
|
|
|
|
// the final configuration.
|
|
|
|
type ConfigValue struct {
|
|
|
|
// The kind of value this is. As the config is
|
|
|
|
// being built, the adapter will look in the
|
|
|
|
// "pile" for values belonging to a certain
|
|
|
|
// class when it is setting up a certain part
|
|
|
|
// of the config. The associated value will be
|
|
|
|
// type-asserted and placed accordingly.
|
|
|
|
Class string
|
|
|
|
|
|
|
|
// The value to be used when building the config.
|
|
|
|
// Generally its type is associated with the
|
|
|
|
// name of the Class.
|
|
|
|
Value interface{}
|
|
|
|
|
|
|
|
directive string
|
|
|
|
}
|
|
|
|
|
2020-01-16 19:08:52 -05:00
|
|
|
func sortRoutes(routes []ConfigValue) {
|
2020-01-16 14:09:54 -05:00
|
|
|
dirPositions := make(map[string]int)
|
|
|
|
for i, dir := range directiveOrder {
|
|
|
|
dirPositions[dir] = i
|
|
|
|
}
|
|
|
|
|
2020-01-15 15:51:12 -05:00
|
|
|
// while we are sorting, we will need to decode a route's path matcher
|
|
|
|
// in order to sub-sort by path length; we can amortize this operation
|
|
|
|
// for efficiency by storing the decoded matchers in a slice
|
2020-01-16 19:08:52 -05:00
|
|
|
decodedMatchers := make([]caddyhttp.MatchPath, len(routes))
|
2020-01-15 15:51:12 -05:00
|
|
|
|
2020-01-16 19:08:52 -05:00
|
|
|
sort.SliceStable(routes, func(i, j int) bool {
|
|
|
|
iDir, jDir := routes[i].directive, routes[j].directive
|
2020-01-15 15:51:12 -05:00
|
|
|
if iDir == jDir {
|
|
|
|
// directives are the same; sub-sort by path matcher length
|
|
|
|
// if there's only one matcher set and one path (common case)
|
2020-01-16 19:08:52 -05:00
|
|
|
iRoute, ok := routes[i].Value.(caddyhttp.Route)
|
|
|
|
if !ok {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
jRoute, ok := routes[j].Value.(caddyhttp.Route)
|
|
|
|
if !ok {
|
|
|
|
return false
|
|
|
|
}
|
2020-01-15 15:51:12 -05:00
|
|
|
|
2020-02-28 15:38:12 -05:00
|
|
|
// use already-decoded matcher, or decode if it's the first time seeing it
|
|
|
|
iPM, jPM := decodedMatchers[i], decodedMatchers[j]
|
|
|
|
if iPM == nil && len(iRoute.MatcherSetsRaw) == 1 {
|
|
|
|
var pathMatcher caddyhttp.MatchPath
|
|
|
|
_ = json.Unmarshal(iRoute.MatcherSetsRaw[0]["path"], &pathMatcher)
|
|
|
|
decodedMatchers[i] = pathMatcher
|
|
|
|
iPM = pathMatcher
|
|
|
|
}
|
|
|
|
if jPM == nil && len(jRoute.MatcherSetsRaw) == 1 {
|
|
|
|
var pathMatcher caddyhttp.MatchPath
|
|
|
|
_ = json.Unmarshal(jRoute.MatcherSetsRaw[0]["path"], &pathMatcher)
|
|
|
|
decodedMatchers[j] = pathMatcher
|
|
|
|
jPM = pathMatcher
|
|
|
|
}
|
|
|
|
|
2020-02-28 15:49:51 -05:00
|
|
|
// sort by longer path (more specific) first; missing
|
|
|
|
// path matchers are treated as zero-length paths
|
|
|
|
var iPathLen, jPathLen int
|
|
|
|
if iPM != nil {
|
|
|
|
iPathLen = len(iPM[0])
|
|
|
|
}
|
|
|
|
if jPM != nil {
|
|
|
|
jPathLen = len(jPM[0])
|
2020-01-15 15:51:12 -05:00
|
|
|
}
|
2020-02-28 15:49:51 -05:00
|
|
|
return iPathLen > jPathLen
|
2020-01-15 15:51:12 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
return dirPositions[iDir] < dirPositions[jDir]
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2020-02-17 00:24:20 -05:00
|
|
|
// parseSegmentAsSubroute parses the segment such that its subdirectives
|
|
|
|
// are themselves treated as directives, from which a subroute is built
|
|
|
|
// and returned.
|
|
|
|
func parseSegmentAsSubroute(h Helper) (caddyhttp.MiddlewareHandler, error) {
|
|
|
|
var allResults []ConfigValue
|
2020-02-25 23:56:43 -05:00
|
|
|
|
2020-02-17 00:24:20 -05:00
|
|
|
for h.Next() {
|
2020-02-25 23:56:43 -05:00
|
|
|
// slice the linear list of tokens into top-level segments
|
|
|
|
var segments []caddyfile.Segment
|
2020-02-17 00:24:20 -05:00
|
|
|
for nesting := h.Nesting(); h.NextBlock(nesting); {
|
2020-02-25 23:56:43 -05:00
|
|
|
segments = append(segments, h.NextSegment())
|
|
|
|
}
|
2020-02-17 00:24:20 -05:00
|
|
|
|
2020-02-25 23:56:43 -05:00
|
|
|
// copy existing matcher definitions so we can augment
|
|
|
|
// new ones that are defined only in this scope
|
|
|
|
matcherDefs := make(map[string]caddy.ModuleMap, len(h.matcherDefs))
|
|
|
|
for key, val := range h.matcherDefs {
|
|
|
|
matcherDefs[key] = val
|
|
|
|
}
|
|
|
|
|
|
|
|
// find and extract any embedded matcher definitions in this scope
|
|
|
|
for i, seg := range segments {
|
|
|
|
if strings.HasPrefix(seg.Directive(), matcherPrefix) {
|
|
|
|
err := parseMatcherDefinitions(caddyfile.NewDispenser(seg), matcherDefs)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
segments = append(segments[:i], segments[i+1:]...)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// with matchers ready to go, evaluate each directive's segment
|
|
|
|
for _, seg := range segments {
|
|
|
|
dir := seg.Directive()
|
2020-02-17 00:24:20 -05:00
|
|
|
dirFunc, ok := registeredDirectives[dir]
|
|
|
|
if !ok {
|
|
|
|
return nil, h.Errf("unrecognized directive: %s", dir)
|
|
|
|
}
|
|
|
|
|
|
|
|
subHelper := h
|
2020-02-25 23:56:43 -05:00
|
|
|
subHelper.Dispenser = caddyfile.NewDispenser(seg)
|
|
|
|
subHelper.matcherDefs = matcherDefs
|
2020-02-17 00:24:20 -05:00
|
|
|
|
|
|
|
results, err := dirFunc(subHelper)
|
|
|
|
if err != nil {
|
|
|
|
return nil, h.Errf("parsing caddyfile tokens for '%s': %v", dir, err)
|
|
|
|
}
|
|
|
|
for _, result := range results {
|
|
|
|
result.directive = dir
|
|
|
|
allResults = append(allResults, result)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2020-02-25 23:56:43 -05:00
|
|
|
|
|
|
|
return buildSubroute(allResults, h.groupCounter)
|
2020-02-17 00:24:20 -05:00
|
|
|
}
|
|
|
|
|
2020-04-02 15:20:30 -05:00
|
|
|
// serverBlock pairs a Caddyfile server block with
|
|
|
|
// a "pile" of config values, keyed by class name,
|
|
|
|
// as well as its parsed keys for convenience.
|
2019-08-21 11:46:35 -05:00
|
|
|
type serverBlock struct {
|
|
|
|
block caddyfile.ServerBlock
|
|
|
|
pile map[string][]ConfigValue // config values obtained from directives
|
2020-04-02 15:20:30 -05:00
|
|
|
keys []Address
|
|
|
|
}
|
|
|
|
|
|
|
|
// hostsFromKeys returns a list of all the non-empty hostnames found in
|
httpcaddyfile, caddytls: Multiple edge case fixes; add tests
- Create two default automation policies; if the TLS app is used in
isolation with the 'automate' certificate loader, it will now use
an internal issuer for internal-only names, and an ACME issuer for
all other names by default.
- If the HTTP Caddyfile adds an 'automate' loader, it now also adds an
automation policy for any names in that loader that do not qualify
for public certificates so that they will be issued internally. (It
might be nice if this wasn't necessary, but the alternative is to
either make auto-HTTPS logic way more complex by scanning the names in
the 'automate' loader, or to have an automation policy without an
issuer switch between default issuer based on the name being issued
a certificate - I think I like the latter option better, right now we
do something kind of like that but at a level above each individual
automation policies, we do that switch only when no automation
policies match, rather than when a policy without an issuer does
match.)
- Set the default LoggerName rather than a LoggerNames with an empty
host value, which is now taken literally rather than as a catch-all.
- hostsFromKeys, the function that gets a list of hosts from server
block keys, no longer returns an empty string in its resulting slice,
ever.
2020-04-08 15:46:44 -05:00
|
|
|
// the keys of the server block sb. If logger mode is false, a key with
|
|
|
|
// an empty hostname portion will return an empty slice, since that
|
|
|
|
// server block is interpreted to effectively match all hosts. An empty
|
|
|
|
// string is never added to the slice.
|
|
|
|
//
|
|
|
|
// If loggerMode is true, then the non-standard ports of keys will be
|
|
|
|
// joined to the hostnames. This is to effectively match the Host
|
|
|
|
// header of requests that come in for that key.
|
|
|
|
//
|
|
|
|
// The resulting slice is not sorted but will never have duplicates.
|
|
|
|
func (sb serverBlock) hostsFromKeys(loggerMode bool) []string {
|
|
|
|
// ensure each entry in our list is unique
|
2020-04-02 15:20:30 -05:00
|
|
|
hostMap := make(map[string]struct{})
|
|
|
|
for _, addr := range sb.keys {
|
httpcaddyfile, caddytls: Multiple edge case fixes; add tests
- Create two default automation policies; if the TLS app is used in
isolation with the 'automate' certificate loader, it will now use
an internal issuer for internal-only names, and an ACME issuer for
all other names by default.
- If the HTTP Caddyfile adds an 'automate' loader, it now also adds an
automation policy for any names in that loader that do not qualify
for public certificates so that they will be issued internally. (It
might be nice if this wasn't necessary, but the alternative is to
either make auto-HTTPS logic way more complex by scanning the names in
the 'automate' loader, or to have an automation policy without an
issuer switch between default issuer based on the name being issued
a certificate - I think I like the latter option better, right now we
do something kind of like that but at a level above each individual
automation policies, we do that switch only when no automation
policies match, rather than when a policy without an issuer does
match.)
- Set the default LoggerName rather than a LoggerNames with an empty
host value, which is now taken literally rather than as a catch-all.
- hostsFromKeys, the function that gets a list of hosts from server
block keys, no longer returns an empty string in its resulting slice,
ever.
2020-04-08 15:46:44 -05:00
|
|
|
if addr.Host == "" {
|
|
|
|
if !loggerMode {
|
|
|
|
// server block contains a key like ":443", i.e. the host portion
|
|
|
|
// is empty / catch-all, which means to match all hosts
|
|
|
|
return []string{}
|
|
|
|
}
|
|
|
|
// never append an empty string
|
|
|
|
continue
|
2020-04-02 15:20:30 -05:00
|
|
|
}
|
httpcaddyfile, caddytls: Multiple edge case fixes; add tests
- Create two default automation policies; if the TLS app is used in
isolation with the 'automate' certificate loader, it will now use
an internal issuer for internal-only names, and an ACME issuer for
all other names by default.
- If the HTTP Caddyfile adds an 'automate' loader, it now also adds an
automation policy for any names in that loader that do not qualify
for public certificates so that they will be issued internally. (It
might be nice if this wasn't necessary, but the alternative is to
either make auto-HTTPS logic way more complex by scanning the names in
the 'automate' loader, or to have an automation policy without an
issuer switch between default issuer based on the name being issued
a certificate - I think I like the latter option better, right now we
do something kind of like that but at a level above each individual
automation policies, we do that switch only when no automation
policies match, rather than when a policy without an issuer does
match.)
- Set the default LoggerName rather than a LoggerNames with an empty
host value, which is now taken literally rather than as a catch-all.
- hostsFromKeys, the function that gets a list of hosts from server
block keys, no longer returns an empty string in its resulting slice,
ever.
2020-04-08 15:46:44 -05:00
|
|
|
if loggerMode &&
|
2020-04-02 15:20:30 -05:00
|
|
|
addr.Port != "" &&
|
|
|
|
addr.Port != strconv.Itoa(caddyhttp.DefaultHTTPPort) &&
|
|
|
|
addr.Port != strconv.Itoa(caddyhttp.DefaultHTTPSPort) {
|
|
|
|
hostMap[net.JoinHostPort(addr.Host, addr.Port)] = struct{}{}
|
|
|
|
} else {
|
|
|
|
hostMap[addr.Host] = struct{}{}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// convert map to slice
|
|
|
|
sblockHosts := make([]string, 0, len(hostMap))
|
|
|
|
for host := range hostMap {
|
|
|
|
sblockHosts = append(sblockHosts, host)
|
|
|
|
}
|
|
|
|
|
|
|
|
return sblockHosts
|
2019-08-21 11:46:35 -05:00
|
|
|
}
|
|
|
|
|
httpcaddyfile, caddytls: Multiple edge case fixes; add tests
- Create two default automation policies; if the TLS app is used in
isolation with the 'automate' certificate loader, it will now use
an internal issuer for internal-only names, and an ACME issuer for
all other names by default.
- If the HTTP Caddyfile adds an 'automate' loader, it now also adds an
automation policy for any names in that loader that do not qualify
for public certificates so that they will be issued internally. (It
might be nice if this wasn't necessary, but the alternative is to
either make auto-HTTPS logic way more complex by scanning the names in
the 'automate' loader, or to have an automation policy without an
issuer switch between default issuer based on the name being issued
a certificate - I think I like the latter option better, right now we
do something kind of like that but at a level above each individual
automation policies, we do that switch only when no automation
policies match, rather than when a policy without an issuer does
match.)
- Set the default LoggerName rather than a LoggerNames with an empty
host value, which is now taken literally rather than as a catch-all.
- hostsFromKeys, the function that gets a list of hosts from server
block keys, no longer returns an empty string in its resulting slice,
ever.
2020-04-08 15:46:44 -05:00
|
|
|
// hasHostCatchAllKey returns true if sb has a key that
|
|
|
|
// omits a host portion, i.e. it "catches all" hosts.
|
|
|
|
func (sb serverBlock) hasHostCatchAllKey() bool {
|
|
|
|
for _, addr := range sb.keys {
|
|
|
|
if addr.Host == "" {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2019-08-21 11:46:35 -05:00
|
|
|
type (
|
|
|
|
// UnmarshalFunc is a function which can unmarshal Caddyfile
|
|
|
|
// tokens into zero or more config values using a Helper type.
|
|
|
|
// These are passed in a call to RegisterDirective.
|
|
|
|
UnmarshalFunc func(h Helper) ([]ConfigValue, error)
|
|
|
|
|
|
|
|
// UnmarshalHandlerFunc is like UnmarshalFunc, except the
|
|
|
|
// output of the unmarshaling is an HTTP handler. This
|
|
|
|
// function does not need to deal with HTTP request matching
|
|
|
|
// which is abstracted away. Since writing HTTP handlers
|
|
|
|
// with Caddyfile support is very common, this is a more
|
|
|
|
// convenient way to add a handler to the chain since a lot
|
|
|
|
// of the details common to HTTP handlers are taken care of
|
|
|
|
// for you. These are passed to a call to
|
|
|
|
// RegisterHandlerDirective.
|
|
|
|
UnmarshalHandlerFunc func(h Helper) (caddyhttp.MiddlewareHandler, error)
|
|
|
|
)
|
|
|
|
|
|
|
|
var registeredDirectives = make(map[string]UnmarshalFunc)
|