    httpserver: Flags to customize HTTP and HTTPS ports (incl. for ACME) · e3f2d96a
    Matthew Holt authored
    This commit removes _almost_ all instances of hard-coded ports 80 and
    443 strings, and now allows the user to define what the HTTP and HTTPS
    ports are by the -http-port and -https-ports flags.
    
    (One instance of "80" is still hard-coded in tls.go because it cannot
    import httpserver to get access to the HTTP port variable. I don't
    suspect this will be a problem in practice, but one workaround would be
    to define an exported variable in the caddytls package and let the
    httpserver package set it as well as its own HTTPPort variable.)
    
    The port numbers required by the ACME challenges HTTP-01 and TLS-SNI-01
    are hard-coded into the spec as ports 80 and 443 for good reasons,
    but the big question is whether they necessarily need to be the HTTP
    and HTTPS ports. Although the answer is probably no, they chose those
    ports for convenience and widest compatibility/deployability. So this
    commit also assumes that the "HTTP port" is necessarily the same port
    on which to serve the HTTP-01 challenge, and the "HTTPS port" is
    necessarily the same one on which to serve the TLS-SNI-01 challenge. In
    other words, changing the HTTP and HTTPS ports also changes the ports
    the challenges will be served on.
    
    If you change the HTTP and HTTPS ports, you are responsible for
    configuring your system to forward ports 80 and 443 properly.
    
    Closes #918 and closes #1293. Also related: #468.
https_test.go 6.26 KB