Commit Graph

1312 Commits

Author SHA1 Message Date
Matthew Holt 8025ad9107
cmd: Disable admin endpoint for file-server and reverse-proxy commands
This makes it easier to use multiple instances on the same machine
2019-11-15 15:52:19 -07:00
Matthew Holt 6cdb2392d7
cmd: Improve stop command by trying API before signaling process
This allows graceful shutdown on all platforms
2019-11-15 15:45:18 -07:00
Matthew Holt 0ca109db4a
Minor cleanups 2019-11-15 12:47:38 -07:00
Matthew Holt 0fc97211ab
http: Make path matcher case-insensitive
Adds tests for both the path matcher and host matcher for case
insensitivity.

If case sensitivity is required for the path, a regexp matcher can
be used instead.

This is the v2 equivalent fix of PR #2882.
2019-11-15 12:47:06 -07:00
Matthew Holt ad90b273db
core: Add tests to Replacer; fix panic (fixes #2852) 2019-11-11 19:29:31 -07:00
Mohammed Al Sahaf 93bc1b72e3 core: Use port ranges to avoid OOM with bad inputs (#2859)
* fix OOM issue caught by fuzzing

* use ParsedAddress as the struct name for the result of ParseNetworkAddress

* simplify code using the ParsedAddress type

* minor cleanups
2019-11-11 15:33:38 -07:00
Matthew Holt a19da07b72
http: Add response headers to access logs 2019-11-11 14:02:01 -07:00
Matthew Holt 16782d9988
http: Use permanent redirects for HTTP->HTTPS 2019-11-11 14:01:42 -07:00
Sarat Chandra dfdddcfacb logging: Support placeholders in level and filename (#2872)
* Add support for placeholders in Config

Fixes #2870

* Replace placeholders only in logging config.

Placeholders in log level and filename incase of file output are replaced.

* Add Provision to filewriter module for replacing placeholders
2019-11-11 11:04:41 -07:00
Marten Seemann 7ff02f37b6 go.mod: update quic-go to v0.13.1 (#2871) 2019-11-09 08:10:43 -07:00
Matthew Holt e4a2add73f
cmd: Print errors to stderr 2019-11-08 09:59:49 -07:00
Matthew Holt 95615f5377
reverse_proxy: Fix NTLM auth detection
D'oh. Got mixed up in a refactoring.
2019-11-06 00:16:16 -07:00
Matthew Holt 8e515289cb
reverse_proxy: Add support for NTLM 2019-11-05 16:29:10 -07:00
Matthew Holt 6e95477224
http: Eliminate allocation in cloneURL; add RemoteAddr to origRequest 2019-11-05 16:28:33 -07:00
Matthew Holt 97d918df3e
reverse_proxy: Make HTTP versions configurable, don't set NextProtos 2019-11-05 16:27:51 -07:00
Matthew Holt f5c6a8553c
Prepare for beta 9 tag 2019-11-04 13:43:39 -07:00
Matthew Holt 263ffbfaec
caddyfile: Fix bug with Delete
It now will delete the current token even if it is the last one
2019-11-04 13:25:37 -07:00
Matthew Holt bf363f061d
reverse_proxy: Add UnmarshalCaddyfile for random_choose selection policy
Also allow caddy.Duration to be given integer values which are treated
like regular time.Duration values (nanoseconds).

Fixes #2856
2019-11-04 12:54:46 -07:00
Matthew Holt 7129f6c1c0
admin: Remove /unload endpoint (is same as DELETE /config/) 2019-11-04 12:53:14 -07:00
Matthew Holt cb25dd72ab
reverse_proxy: Add port to upstream address if only implied in scheme 2019-11-04 12:18:42 -07:00
Matthew Holt d55fa68902
http: Only log handler errors >= 500
Errors in the 4xx range are client errors, and they don't need to be
entered into the server's error logs. 4xx errors are still recorded in
the access logs at the error level.
2019-11-04 12:18:01 -07:00
Matthew Holt b1f41d0ff1
logging: Default logger should use wall time with milliseconds
This format is easier for humans to read and is still very precise.
2019-11-04 12:14:22 -07:00
Matthew Holt 6011ce120a
cmd: Move module imports into standard packages
This makes it easier to make "standard" caddy builds, since you'll only
need to add a single import to get all of Caddy's standard modules.

There is a package for all of Caddy's standard modules (modules/standard)
and a package for the HTTP app's standard modules only
(modules/caddyhttp/standard).

We still need to decide which of these, if not all of them, should be
kept in the standard build. Those which aren't should be moved out of
this repo. See #2780.
2019-11-04 12:13:21 -07:00
Matthew Holt 27e288ab19
core: Synchronize calls to SetDeadline within fakeCloseListener
First evidenced in #2658, listener deadlines would sometimes be set
after clearing them, resulting in endless i/o timeout errors, which
leave all requests hanging. This bug is fixed by synchronizing the
calls to SetDeadline: when Close() is called, the deadline is first
set to a time in the past, and the lock is released only after the
deadline is set, so when the other servers break out of their Accept()
calls, they will clear the deadline *after* it was set. Before, the
clearing could sometimes come before the set, which meant that it was
left in a timeout state indefinitely.

This may not yet be a perfect solution -- ideally, the setting and
clearing of the deadline would happen exactly once per underlying
listener, not once per fakeCloseListener, but in rigorous testing with
these changes (comprising tens of thousands of config reloads), I was
able to verify that no race condition is manifest.
2019-11-04 12:10:03 -07:00
Matthew Holt 35f70c98fa
core: Major refactor of admin endpoint and config handling
Fixed several bugs and made other improvements. All config changes are
now mediated by the global config state manager. It used to be that
initial configs given at startup weren't tracked, so you could start
caddy with --config caddy.json and then do a GET /config/ and it would
return null. That is fixed, along with several other general flow/API
enhancements, with more to come.
2019-11-04 12:05:20 -07:00
Matthew Holt fb06c041c4
http: Ensure server loggers are not nil (fixes #2849) 2019-10-31 11:45:18 -06:00
Matthew Holt 8ef0a0b4f8
reverse_proxy: Fix panic for some CLI flag values (closes #2848) 2019-10-31 11:34:54 -06:00
Matthew Holt 8d3c64932e
http: Avoid panic if handler errors lack underlying error value
Fixes #2845
2019-10-30 21:41:52 -06:00
Mohammed Al Sahaf 0dd9243478
Re-remove admin fuzz target from azure-pipelines.yml (#2846)
Fixing a git-oopsie on my behalf
2019-10-31 01:49:18 +03:00
Andreas Schneider 432b94239d admin listener as opt-in for initial config (#2834)
* Always cleanup admin endpoint first

* Error out if no config has been set (#2833)

* Ignore explicitly missing admin config (#2833)

* Separate config loading from admin initialization (#2833)

* Add admin option to specify admin listener address (#2833)

* Use zap for reporting admin endpoint status
2019-10-30 15:12:42 -06:00
Mohammed Al Sahaf 4611537f06
Add missing fuzzer (#2844)
* fuzz: add missing fuzzer by fixing .gitignore adding a negation for caddyfile/ directory

* ci: print fuzzing type for debuggability and traceability

* README: update the Fuzzit badge to point to the correct Caddy server Github organization
2019-10-30 23:57:22 +03:00
Matthew Holt 76c22c7b38
auth: Clean up basicauth 2019-10-30 13:56:27 -06:00
Matthew Holt c7da6175bc
fuzz: Remove admin fuzzer
Not really necessary; underlying work is done by json.Unmarshal which
is part of the Go standard lib. Also, it called Run, which potentially
tries to get certificates; we should not let that happen.
2019-10-30 12:19:59 -06:00
Matthew Holt 11a2733dc2
ci: Change fuzz type from regression to local-regression
As per recommendation from Fuzzit devs
2019-10-30 11:50:19 -06:00
Matthew Holt 1be121cec7
fuzz: Don't call Load() in HTTP caddyfile adapter fuzz tests
Doing so has a tendency to request certificates...
2019-10-30 11:48:21 -06:00
Matthew Holt dccba71276 reverse_proxy: Structured logs 2019-10-29 16:02:58 -06:00
Mohammed Al Sahaf be36aade9a ci: Update fuzzer target name (#2841)
Update the fuzzer target name for the address parser so it better matches the func name
2019-10-29 13:20:34 -06:00
Matthew Holt ba0000678d
Remove unused fields from HandlerError 2019-10-29 11:59:08 -06:00
Matthew Holt c4c45f8e01
logging: Tweak defaults (enable logging by default, color level enc.) 2019-10-29 11:58:29 -06:00
Matthew Holt 54e458b756
proxy: Forgot to commit import 2019-10-29 10:22:49 -06:00
Matthew Holt d803561212
caddyhttp: Fix nil pointer dereference 2019-10-29 00:08:06 -06:00
Matthew Holt 813fff0584
proxy: Enable HTTP/2 on transport to backend 2019-10-29 00:07:45 -06:00
Matthew Holt d2e7baed8d
Plug in distributed STEK module 2019-10-29 00:06:04 -06:00
Matthew Holt d6dad04e96
cache: Make peer addresses configurable 2019-10-28 15:09:12 -06:00
Matthew Holt 442fd748f6
caddyhttp: Minor cleanup and fix nil pointer deref in caddyfile adapter 2019-10-28 15:08:45 -06:00
Matt Holt b00dfd3965
v2: Logging! (#2831)
* logging: Initial implementation

* logging: More encoder formats, better defaults

* logging: Fix repetition bug with FilterEncoder; add more presets

* logging: DiscardWriter; delete or no-op logs that discard their output

* logging: Add http.handlers.log module; enhance Replacer methods

The Replacer interface has new methods to customize how to handle empty
or unrecognized placeholders. Closes #2815.

* logging: Overhaul HTTP logging, fix bugs, improve filtering, etc.

* logging: General cleanup, begin transitioning to using new loggers

* Fixes after merge conflict
2019-10-28 14:39:37 -06:00
Mohammed Al Sahaf 6c533558a3
fuzz-ci: fix & enhance fuzzing process (#2835)
* fuzz-ci: fix the authentication call for fuzzit by using the --api-key flag rather than the `auth` command

* Allow fuzzing on schedules as well as non-fork PRs

Closes #2710
2019-10-28 20:45:55 +03:00
Mohammed Al Sahaf 2fbe2ff40b fuzz: introduce continuous fuzzing for Caddy (#2723)
* fuzz: lay down the foundation for continuous fuzzing

* improve the fuzzers and add some

* fuzz: add Fuzzit badge to README & enable fuzzers submission in CI

* v2-fuzz: do away with the submodule approach for fuzzers

* fuzz: enable fuzzit
2019-10-25 18:52:16 -06:00
Matthew Holt faf67b1067
tls: Make the on-demand rate limiter actually work
This required a custom rate limiter implementation in CertMagic
2019-10-21 12:03:51 -06:00
Matthew Holt 208f2ff93c
rewrite: Options to strip prefix/suffix and issue redirects
Fixes #2011
2019-10-19 19:22:29 -06:00