Matthew Holt
600ee9a89f
fastcgi: Accept any other methods as a POST-style request
2016-01-31 21:36:39 -07:00
Matthew Holt
c5983e305f
Merge branch 'master' of github.com:mholt/caddy
2016-01-30 21:05:18 -07:00
Den Quixote
8d057c8614
letsencrypt: properly retrieve hostname from request.
2016-01-30 02:20:34 +01:00
MathiasB
ac197f1694
FastCGI: some simple tests for buildEnv
...
More tests are needed for the other environmental variables.
These tests were specifically made for testing of IP addresses.
2016-01-29 11:46:15 +01:00
MathiasB
d8be787f39
FastCGI: IPv6 when parsing r.RemoteAddr
2016-01-28 15:26:33 +01:00
Matt Holt
a8c8b48390
Merge pull request #542 from cudevmaxwell/master
...
fastcgi: Parse address from fastcgi directive, pass results to Dial()
2016-01-28 00:21:06 -07:00
Kevin Bowrin
4d4ea94465
Parse address from fastcgi directive, and pass results to fcgiclient Dial().
...
This allows scheme prefixes "tcp://" and "fastcgi://" in configuration.
Fixes #540
2016-01-28 00:19:00 -05:00
Matt Holt
aeaf58b16a
Merge pull request #541 from jungle-boogie/patch-5
...
wrap lines to 80
2016-01-27 12:34:38 -07:00
jungle-boogie
73ed286309
wrap lines to 80
...
also update copyright year.
2016-01-27 11:28:49 -08:00
Matthew Holt
9e900b0a08
godoc
2016-01-25 20:45:23 -07:00
Matthew Holt
f1b2637d44
letsencrypt: Enable activation on empty hosts; fix email bug
2016-01-25 20:21:08 -07:00
Matthew Holt
178c4d11d9
Merge branch 'master' into getcertificate
2016-01-25 13:47:13 -07:00
Matthew Holt
7613ae3bf0
Change to Windows line endings for poor Notepad
2016-01-25 13:46:07 -07:00
Matthew Holt
ad664e5bba
browse: Render names with multiple consecutive spaces correctly
2016-01-25 13:43:35 -07:00
Matthew Holt
cf06abd691
Log restarts
2016-01-25 13:41:51 -07:00
Matthew Holt
a6abec8210
letsencrypt: Update to match upstream refactor
...
Challenge names now have their own type and constants
2016-01-25 08:47:28 -07:00
Matthew Holt
82b049229b
proxy: Add basic proxying test and InsecureSkipVerify transport test
2016-01-23 10:14:13 -07:00
Matt Holt
fae612d53b
Merge pull request #529 from FiloSottile/filippo/insecure
...
proxy: add a insecure_skip_verify option - closes #320
2016-01-23 09:13:30 -07:00
Filippo Valsorda
bae4ac9764
proxy: add a insecure_skip_verify option - closes #320
2016-01-23 03:26:31 +00:00
Matt Holt
6e340cb1d6
Merge pull request #514 from upsuper/fix-user-key-perm
...
letsencrypt: Fix perm of user key
2016-01-16 00:46:45 -07:00
Xidorn Quan
0d8d0ba5a0
letsencrypt: Fix perm of user key
2016-01-16 13:12:03 +11:00
Matt Holt
8655ea671b
Merge pull request #510 from alehano/master
...
gzip: Add .svg to default ext list
2016-01-15 15:33:15 -07:00
Matthew Holt
0d8526b7d9
gzip: Allow empty extension ( #509 )
2016-01-15 11:59:05 -07:00
Alexey Khalyapin
c9e0517e5e
Add .svg to default ext list in gzip middleware
2016-01-14 11:52:03 +03:00
Matthew Holt
e74558eaea
browse: Fix for files and dirs with ':' in name
2016-01-13 13:17:58 -07:00
Matthew Holt
b0ccab7b4a
tls: Fix failing test
2016-01-13 09:24:03 -07:00
Matthew Holt
47079c3d24
PoC: on-demand TLS
...
Implements "on-demand TLS" as I call it, which means obtaining TLS certificates on-the-fly during TLS handshakes if a certificate for the requested hostname is not already available. Only the first request for a new hostname will experience higher latency; subsequent requests will get the new certificates right out of memory.
Code still needs lots of cleanup but the feature is basically working.
2016-01-13 00:32:46 -07:00
Matthew Holt
b4cab78bec
Starting transition to Go 1.6 (http2 compatibility)
...
I've built this on Go 1.6 beta 1 and made some changes to be more compatible. Namely, I removed the use of the /x/net/http2 package and let net/http enable h2 by default; updated the way h2 is disabled (if the user requires it); moved TLS_FALLBACK_SCSV to the front of the cipher suites list (all values not accepted by http2 must go after those allowed by it); removed the NextProto default of http/1.1; set the http.Server.TLSConfig value to the TLS config used by the listener (we left it nil before, but this prevents automatic enabling of h2).
It is very likely there is more to do, but at least already Caddy uses HTTP/2 when built with Go 1.6.
2016-01-13 00:29:22 -07:00
Matthew Holt
3c96718027
Version 0.8.1
2016-01-12 10:01:57 -07:00
Matthew Holt
4b6e0e9369
tls: Fix failing test
2016-01-12 08:55:01 -07:00
Matthew Holt
2bcbdd6a17
Merge branch 'getcertificate'
2016-01-12 08:52:52 -07:00
Matthew Holt
8f2196c047
tls: No arguments to directive and no block is an error
2016-01-12 08:52:43 -07:00
Matthew Holt
c7d4d051cb
letsencrypt: Ensure no prompt if user is not there
...
Also only set custom address if alternate port is specified (rather than using a blank address; just cleaner this way)
2016-01-12 08:52:08 -07:00
Matt Holt
e283af4d9b
Merge pull request #502 from abiosoft/gzip-fix
...
gzip: Fix for wrong content-type when templates is used.
2016-01-12 08:32:09 -07:00
Abiola Ibrahim
12cd2d528c
Gzip: Fix for wrong content-type when templates is used.
2016-01-12 15:06:08 +01:00
Matthew Holt
8a6c778c8d
Log if host is not configured for server
2016-01-11 09:07:14 -07:00
Matthew Holt
77eae62d9f
letsencrypt: Don't prompt if user is not there
...
This change fixes the scenario where you reload the config and it tries to obtain a cert from the ACME server, but no email address is found or terms have not been agreed to in-process. This is unfortunate but it should not stop the server from reloading, so we assume empty email address in this case.
2016-01-10 23:40:55 -07:00
Matthew Holt
97c8c9582a
Updated changelog
2016-01-10 21:52:56 -07:00
Matthew Holt
ed0c0db6a3
If scheme and port defy convention, it is an error
...
This prevents serving HTTPS over port 80 or HTTP over 443. It's confusing and we don't allow it.
2016-01-10 20:51:50 -07:00
Matthew Holt
202849055c
tls: Extra requirements to set port to 443
...
It is unexpected to serve localhost on port 443 or any server on 443 if TLS is disabled, even if the port is blank. Also don't warn about how to force TLS on the HTTP port.
2016-01-10 20:47:43 -07:00
Matthew Holt
060ab92d29
Reorder a few things
...
The docs link to this structure and all its methods related to the browse template; keeping them together makes it possible to link to the whole block of code that is relevant.
2016-01-10 09:47:26 -07:00
Matthew Holt
0830c728fe
Remove pidfile when program exits ( closes #495 )
2016-01-09 21:48:07 -07:00
Matthew Holt
dab679df86
import: Fix multiple imports ( closes #480 )
2016-01-09 10:52:21 -07:00
Matthew Holt
9453224639
Merge branch 'letsencryptfix'
2016-01-08 23:59:15 -07:00
Matthew Holt
fd1765973a
letsencrypt: Tests for handler that proxies challenge requests
...
Doesn't test the SkipInsecureVerify proxy setting, but that can be done at another time.
2016-01-08 16:44:54 -07:00
Matthew Holt
0efe39a705
Switch back to LE production endpoint
2016-01-08 14:13:21 -07:00
Matthew Holt
a3f3bc67e1
Merge branch 'browse-tpl'
2016-01-08 14:02:55 -07:00
Matthew Holt
8b93bfe751
letsencrypt: More tests! \o/
2016-01-08 13:49:06 -07:00
Matthew Holt
897b6c5b0e
letsencrypt: More tests, other minor improvements
2016-01-08 12:32:47 -07:00
Matthew Holt
fc928e0b3b
letsencrypt: Couple minor refactors/fixes
2016-01-08 11:55:31 -07:00