- 24 Aug, 2017 1 commit
-
-
Matt Holt authored
* templates: Execute template loaded by later middlewares This is the beginning of an attempt to make the staticfiles file server the only middleware that hits the disk and loads content. This may have unknown implications. But the goal is to reduce duplication without sacrificing performance. (We now call ServeContent here.) This change loses about 15% of the req/sec of the old way of doing it, but this way is arguably more correct since the file server is good at serving static files; duplicating that logic in every middleware that needs to hit the disk is not practical. * httpserver: Introduce ResponseRecorder as per Tw's suggestions It implements io.ReaderFrom and has some allocation-reducing optimizations baked into it * templates: Increase execution speed by ~10-15% after perf regression By using httpserver.ResponseBuffer, we can reduce allocations and still get what we want. It's a little tricky but it works so far.
-
- 23 Aug, 2017 3 commits
-
-
Matt Holt authored
tls: Fix OCSP stapling bug when certificate names overlap other certs
-
Matt Holt authored
Double systemd LimitNPROC to allow more threads
-
Matthew Holt authored
-
- 18 Aug, 2017 2 commits
-
-
Matt Holt authored
Add forwardproxy to directives' list
-
Sergey Frolov authored
-
- 14 Aug, 2017 1 commit
-
-
Julian Mazzitelli authored
-
- 13 Aug, 2017 2 commits
-
-
Matt Holt authored
Fix restart restart behaviour of the systemd service
-
Andreas Linz authored
The previous setting caused the service to hit a rate-limit when it was restarted more than 5 times in 24h. Editing the Caddyfile and restarting the service could also easily trigger this rate limit. One could argue that users could simply call `systemctl reset-failed caddy` to reset the rate-limit counter, but this is counterintuitive because most users won't know this command and are possibly unaware that they had hit a rate-limit. The service is now allowed to restart 10 times in 10 seconds before hitting a rate limit. This should be conservative enough to rate limit quickly failing services and to allow users to edit and test their caddy configuration. This closes #1718 Remove restart limit settings and use defaults By default 5 restarts within 10 seconds are allowed without encountering a restart limit hit, see `man systemd.unit` for details. Set Restart to on-abnormal The table in https://www.freedesktop.org/software/systemd/man/systemd.service.html#Restart= shows the conditions for which on-abnormal would restart the service. It will *not* restart the service in the following cases: - a non-zero exit status, e.g. an invalid Caddyfile - a zero exit code (or those specified in SuccessExitStatus=) and a clean signal clean signals are SIGHUP, SIGINT, SIGTERM or SIGPIPE https://github.com/systemd/systemd/blob/3536f49e8fa281539798a7bc5004d73302f39673/src/basic/exit-status.c#L205 The service *will be restarted* in the following cases: - a unclean signal, e.g. SIGKILL - on start and watchdog timeout (we don't use those systemd service constructs explicitly)
-
- 12 Aug, 2017 8 commits
-
-
Matt Holt authored
Fix for #1794: Fixes issues with IfMatcher and regular expressions.
-
Matt Holt authored
browse: Support absolute and recursive directory symlinks
-
Matthew Holt authored
-
Mattias Wadman authored
-
Matt Holt authored
* SIGUSR2 triggers graceful binary upgrades (spawns new process) * Move some functions around, hopefully fixing Windows build * Clean up a couple file closes and add links to useful debugging thread * Use two underscores in upgrade env var To help ensure uniqueness / avoid possible collisions
-
Mark Severson authored
-
Henrique Dias authored
-
Matthew Holt authored
https://caddy.community/t/random-ocsp-response-errors-for-random-clients/2473?u=matt Certificates are keyed by name in the cache, optimized for fast lookups during TLS handshakes using SNI. A more "correct" way that is truly a 1:1 would be to cache certificates by a hash of the leaf's DER bytes, but this involves an extra index to maintain. So instead of that, we simply choose to prevent overlap when keying certificates by server name. This avoids the ambiguity when updating OCSP staples, for instance.
-
- 09 Aug, 2017 2 commits
-
-
Matthew Holt authored
(allow no arguments of paths to protect)
-
Matthew Holt authored
-
- 08 Aug, 2017 1 commit
-
-
Dusty Doris authored
* static files ending with an index were redirected improperly * optimize requestPage
-
- 05 Aug, 2017 1 commit
-
-
Dhananjay Balan authored
-
- 03 Aug, 2017 2 commits
-
-
Matthew Holt authored
-
Simon Lightfoot authored
Updated ifCondition test to deep test all fields. Changed NewComplexRule to not return a pointer. Corrected panic detection in formatting. Fixed failing test cases. Fixed review bug for test. Fixes bug caused by Replacer running on the regular expressions in IfMatcher. We also now compile regular expressions up front to detect errors. Fixes rewrite bugs that come from formatting a rule as a string and failing with nil dereference caused by embedding Regexp pointer in a Rule. Re: Issue #1794
-
- 02 Aug, 2017 2 commits
-
-
Matt Holt authored
Distinguishable exit codes
-
Matthew Holt authored
0: normal or expected exit 1: error before server finished starting 2: double SIGINT (force quit) 3: error stopping with SIGQUIT 4: shutdown callback(s) returned error(s)
-
- 31 Jul, 2017 1 commit
-
-
Matthew Holt authored
Only the outside function call is executed in a new goroutine when invoking 'go'. Oops. Force quits (2 SIGINTs) now work again.
-
- 28 Jul, 2017 4 commits
-
-
Matthew Holt authored
-
Matt Holt authored
fastcgi: Fix for #1788. Align atomic fields to 64-bit word (Go bug)
-
Abiola Ibrahim authored
-
Henrique Dias authored
-
- 27 Jul, 2017 5 commits
-
-
Matthew Holt authored
-
Matthew Holt authored
-
Matthew Holt authored
Also clarified a comment in SiteConfig
-
Matt Holt authored
Move fallbackHosts to vhostTrie
-
Sergey Frolov authored
-
- 26 Jul, 2017 1 commit
-
-
Matt Holt authored
httpserver: Add global FallbackHosts for vhost matching
-
- 25 Jul, 2017 4 commits
-
-
Matt Holt authored
mitm: Fix out of bounds error when checking software version in UA
-
Sergey Frolov authored
-
Matt Holt authored
httpserver: Encapsulate WriteSiteNotFound error
-
Sergey Frolov authored
-