Commits · 1fe39e4633105b512d3d7e90fc853cd8eeadf412 · nexedi / caddy

11 Feb, 2016 4 commits

Additional mitigation for on-demand TLS · 1fe39e46

Matthew Holt authored Feb 11, 2016

After 10 certificates are issued, no new certificate requests are allowed for 10 minutes after a successful issuance.

1fe39e46

tls: Some bug fixes, basic rate limiting, max_certs setting · 216a6172
Matthew Holt authored Feb 11, 2016

216a6172
Merge branch 'master' into getcertificate · d25a3e95
Matthew Holt authored Feb 11, 2016

d25a3e95

Major refactor of all HTTPS/TLS/ACME code · 11103bd8

Matthew Holt authored Feb 11, 2016

Biggest change is no longer using standard library's tls.Config.getCertificate function to get a certificate during TLS handshake. Implemented our own cache which can be changed dynamically at runtime, even during TLS handshakes. As such, restarts are no longer required after certificate renewals or OCSP updates.

We also allow loading multiple certificates and keys per host, even by specifying a directory (tls got a new 'load' command for that).

Renamed the letsencrypt package to https in a gradual effort to become more generic; and https is more fitting for what the package does now.

There are still some known bugs, e.g. reloading where a new certificate is required but port 80 isn't currently listening, will cause the challenge to fail. There's still plenty of cleanup to do and tests to write. It is especially confusing right now how we enable "on-demand" TLS during setup and keep track of that. But this change should basically work so far.

11103bd8

10 Feb, 2016 4 commits
- Merge pull request #467 from eiszfuchs/feature/proxy-socket · f1ba7fa3
  Matt Holt authored Feb 10, 2016
```
proxy: Support unix sockets
```
  f1ba7fa3
- created http.Transport and tests for unix sockets · 7091a209
  eiszfuchs authored Feb 10, 2016
  
  7091a209
- Merge pull request #591 from Barberrrry/master · 57ffe5a6
  Matt Holt authored Feb 10, 2016
```
fastcgi: New function DialWithDialer to create FCGIClient with custom Dialer.
```
  57ffe5a6
- New function DialWithDialer to create FCGIClient with custom Dialer. · b1208d3f
  Vadim Petrov authored Feb 10, 2016
  
  b1208d3f
05 Feb, 2016 2 commits
- Merge pull request #548 from captncraig/register · b089d14b
  Matt Holt authored Feb 05, 2016
```
Making directives externally registerable
```
  b089d14b
- making directives externally registerable · e72fc20c
  Craig Peterson authored Nov 11, 2015
  
  e72fc20c
04 Feb, 2016 7 commits
- Merge pull request #573 from miekg/markdown-directive · 5b7e0361
  Matt Holt authored Feb 04, 2016
```
templates: Add .Markdown directive
```
  5b7e0361
- Add .Markdown directive · 86f36bdb
  Miek Gieben authored Feb 04, 2016
```
This allows any template to use:
{{.Markdown "filename"}} which will convert the markdown contents
of filename to HTML and then include the HTML in the template.
```
  86f36bdb
- Merge pull request #572 from miekg/markdown-def-lists · 32781064
  Matt Holt authored Feb 04, 2016
```
markdown: enable definition lists
```
  32781064
- Merge pull request #571 from incon/log-remote-host · f9b8e31a
  Matt Holt authored Feb 04, 2016
```
When the requested host is not found, log the remote host.
```
  f9b8e31a
- Markdown: enable definition lists · fbdfc979
  Miek Gieben authored Feb 04, 2016
  
  fbdfc979
- Move logic to split the port to only happen when the host is not found. · 2acaf2fa
  David Darrell authored Feb 04, 2016
  
  2acaf2fa
- When the requested host is not found log the remote host. · f4fcfa87
  David Darrell authored Feb 04, 2016
  
  f4fcfa87
01 Feb, 2016 5 commits
- Merge pull request #551 from denquixote/acmehandlehost · 79db9392
  Matt Holt authored Feb 01, 2016
```
letsencrypt: properly retrieve hostname from request.
```
  79db9392
- Merge pull request #543 from DenBeke/master · f9b6ede9
  Matt Holt authored Feb 01, 2016
```
fastcgi: IPv6 when parsing r.RemoteAddr
```
  f9b6ede9
- Merge pull request #561 from DenBeke/fix-vet · 184abe3b
  Abiola Ibrahim authored Feb 01, 2016
```
basicauth: fixed 'go vet' printing function value
```
  184abe3b
- basicauth: fixed 'go vet' printing function value · fde9bbeb
  MathiasB authored Feb 01, 2016
  
  fde9bbeb
- Defined test function in TestBuildEnv · c59fd1c7
  MathiasB authored Feb 01, 2016
  
  c59fd1c7
31 Jan, 2016 1 commit
- Merge branch 'master' of github.com:mholt/caddy · c5983e30
  Matthew Holt authored Jan 30, 2016
  
  c5983e30
30 Jan, 2016 1 commit
- letsencrypt: properly retrieve hostname from request. · 8d057c86
  Den Quixote authored Jan 30, 2016
  
  8d057c86
29 Jan, 2016 1 commit

FastCGI: some simple tests for buildEnv · ac197f16

MathiasB authored Jan 29, 2016

More tests are needed for the other environmental variables.
These tests were specifically made for testing of IP addresses.

ac197f16

28 Jan, 2016 3 commits
- FastCGI: IPv6 when parsing r.RemoteAddr · d8be787f
  MathiasB authored Jan 28, 2016
  
  d8be787f
- Merge pull request #542 from cudevmaxwell/master · a8c8b483
  Matt Holt authored Jan 28, 2016
```
fastcgi: Parse address from fastcgi directive, pass results to Dial()
```
  a8c8b483
- Parse address from fastcgi directive, and pass results to fcgiclient Dial(). · 4d4ea944
  Kevin Bowrin authored Jan 27, 2016
```
This allows scheme prefixes "tcp://" and "fastcgi://" in configuration.

Fixes #540
```
  4d4ea944
27 Jan, 2016 2 commits
- Merge pull request #541 from jungle-boogie/patch-5 · aeaf58b1
  Matt Holt authored Jan 27, 2016
```
wrap lines to 80
```
  aeaf58b1
- wrap lines to 80 · 73ed2863
  jungle-boogie authored Jan 27, 2016
```
also update copyright year.
```
  73ed2863
26 Jan, 2016 2 commits
- godoc · 9e900b0a
  Matthew Holt authored Jan 25, 2016
  
  9e900b0a
- letsencrypt: Enable activation on empty hosts; fix email bug · f1b2637d
  Matthew Holt authored Jan 25, 2016
  
  f1b2637d
25 Jan, 2016 5 commits
- Merge branch 'master' into getcertificate · 178c4d11
  Matthew Holt authored Jan 25, 2016
  
  178c4d11
- Change to Windows line endings for poor Notepad · 7613ae3b
  Matthew Holt authored Jan 25, 2016
  
  7613ae3b
- browse: Render names with multiple consecutive spaces correctly · ad664e5b
  Matthew Holt authored Jan 25, 2016
  
  ad664e5b
- Log restarts · cf06abd6
  Matthew Holt authored Jan 25, 2016
  
  cf06abd6
- letsencrypt: Update to match upstream refactor · a6abec82
  Matthew Holt authored Jan 25, 2016
```
Challenge names now have their own type and constants
```
  a6abec82
23 Jan, 2016 3 commits
- proxy: Add basic proxying test and InsecureSkipVerify transport test · 82b04922
  Matthew Holt authored Jan 23, 2016
  
  82b04922
- Merge pull request #529 from FiloSottile/filippo/insecure · fae612d5
  Matt Holt authored Jan 23, 2016
```
proxy: add a insecure_skip_verify option - closes #320
```
  fae612d5
- proxy: add a insecure_skip_verify option - closes #320 · bae4ac97
  Filippo Valsorda authored Jan 23, 2016
  
  bae4ac97