1. 13 Jul, 2018 1 commit
  2. 28 Jun, 2018 1 commit
    • Augusto Roman's avatar
      caddyfile: Fix multi-file snippets and import literals. (#2205) · 053373a3
      Augusto Roman authored
      * Fix a few import problems: snippets and import literals.
      
      Two problems are fixed by this code simplification:
      1. Snippets defined in one import file are strangely not available in
         another.
      2. If an imported file had a directive with an argument "import", then
         the rest of the tokens on the line would be converted to absolute
         filepaths.
      
      An example of #2 would be the following directive in an imported file:
          basicauth / import secret
      
      In this case, the password would actually be an absolute path to the
      file 'secret' (whether or not it exists) in the directory of the imported
      Caddyfile.
      
      The problem was the blind token processing to fix import paths in the
      imported tokens without considering the context of the 'import' token.
      
      My first inclination was to just add more context (detect 'import' tokens
      at the beginning of lines and check the value tokens against defined
      snippets), however I eventually realized that we already do all of this
      in the parser, so the code was redundant. Instead we just use the current
      token's File property when importing. This works fine with imported tokens
      since they already have the absolute path to the imported file!
      
      Fixes #2204
      
      * renamed file2 -> fileName
      
      * Fix copy/pasted comment in test.
      
      * Change gzip example to basicauth example.
      
      This makes it more clear how the import side effect is detrimental.
      053373a3
  3. 19 Jun, 2018 1 commit
  4. 12 Jun, 2018 1 commit
  5. 08 Jun, 2018 1 commit
  6. 28 May, 2018 1 commit
    • Alexander Danilov's avatar
      Add -env-file flag (#2176) · accaa378
      Alexander Danilov authored
      This adds new feature to load envs from file provided from command line argument
      Implement parsing of the env file for simple KEY=VALUE format
      accaa378
  7. 18 May, 2018 1 commit
  8. 17 May, 2018 3 commits
  9. 16 May, 2018 1 commit
  10. 10 May, 2018 6 commits
  11. 09 May, 2018 4 commits
  12. 07 May, 2018 3 commits
  13. 01 May, 2018 1 commit
  14. 28 Apr, 2018 1 commit
  15. 20 Apr, 2018 4 commits
  16. 18 Apr, 2018 2 commits
  17. 17 Apr, 2018 1 commit
    • Tanmay Chaudhry's avatar
      proxy: Enabled configurable timeout (#2070) · 98de336a
      Tanmay Chaudhry authored
      * Enabled configurable Timeout for the proxy directive
      
      * Added Test for reverse for proxy timeout
      
      * Removed Duplication in proxy constructors
      
      * Remove indirection from multiple constructors and refactor into one
      
      * Fix inconsistent error message and refactor dialer initialization
      98de336a
  18. 15 Apr, 2018 1 commit
  19. 05 Apr, 2018 1 commit
  20. 03 Apr, 2018 1 commit
    • Matt Holt's avatar
      caddyfile: Fix errors caught by fuzzing (#2097) · 64c18a7c
      Matt Holt authored
      * caddyfile: More robust parsing for 'import' (fixes #2096)
      
      The fix for hanging involves limiting the number of wildcards in an
      import pattern to just 1. Otherwise some patterns can expand to the
      entire disk.
      
      The other fix requires that the end string for an environment variable
      expansion come after the start string.
      
      * caddyfile: Fix more fuzzing errors
      64c18a7c
  21. 02 Apr, 2018 2 commits
  22. 31 Mar, 2018 1 commit
  23. 30 Mar, 2018 1 commit
    • Matt Holt's avatar
      httpserver: Prevent TLS client authentication bypass in 3 ways (#2099) · 4d9ee000
      Matt Holt authored
      - Introduce StrictHostMatching mode for sites that require clientauth
      - Error if QUIC is enabled whilst TLS clientauth is configured
        (Our QUIC implementation does not yet support TLS clientauth, but
        maybe it will in the future - fixes #2095)
      - Error if one but not all TLS configs for the same hostname have a
        different ClientAuth CA pool
      4d9ee000