1. 03 Mar, 2016 2 commits
  2. 02 Mar, 2016 2 commits
    • Matthew Holt's avatar
    • Matthew Holt's avatar
      Revert recent Content-Length-related changes and fix fastcgi return · 2a46f2a1
      Matthew Holt authored
      fastcgi's ServeHTTP method originally returned the correct value (0) in
      b51e8bc1. Later, I mistakenly suggested
      we change that to return the status code because I forgot that status
      codes aren't logged by the return value. So fastcgi broke due in
      3966936b due to my error.
      
      We later had to try to make up for this with ugly Content-Length checks
      like in c37ad7f6. Turns out that all we
      had to do was fix the returned status here back to 0. The proxy
      middleware behaves the same way, and returning 0 is correct. We should
      only return a status code if the response has not been written, but with
      upstream servers, we do write a response; they do not know about our
      error handler.
      
      Also clarifed this in the middleware.Handler documentation.
      2a46f2a1
  3. 01 Mar, 2016 1 commit
  4. 27 Feb, 2016 2 commits
  5. 26 Feb, 2016 1 commit
    • Matthew Holt's avatar
      Implant version information with -ldflags with help of build script · da08c94a
      Matthew Holt authored
      Without -ldflags, the verison information needs to be updated manually,
      which is never done between releases, so development builds appear
      indiscernable from stable builds using `caddy -version`.
      
      This is part of a set of changes intended to relieve the burden of
      always updating version information manually and distributing binaries
      that look stable but actually may not be.
      
      A stable build is defined as one which is produced at a git tag with
      a clean working directory (no uncommitted changes). A dev build is
      anything else. With this build script, `caddy -version` will now reveal
      whether it is a development build and, if so, the base version, the
      latest commit, the date and time of build, and the names of files with
      changes as well as how many changes were made.
      
      The output of `caddy -version` for stable builds remains the same.
      da08c94a
  6. 25 Feb, 2016 3 commits
  7. 24 Feb, 2016 7 commits
  8. 23 Feb, 2016 2 commits
  9. 22 Feb, 2016 2 commits
  10. 20 Feb, 2016 3 commits
  11. 19 Feb, 2016 6 commits
  12. 18 Feb, 2016 1 commit
  13. 17 Feb, 2016 1 commit
  14. 16 Feb, 2016 1 commit
    • Matthew Holt's avatar
      Bug fixes and other improvements to TLS functions · 1cfd960f
      Matthew Holt authored
      Now attempt to staple OCSP even for certs that don't have an existing staple (issue #605). "tls off" short-circuits tls setup function. Now we call getEmail() when setting up an acme.Client that does renewals, rather than making a new account with empty email address. Check certificate expiry every 12 hours, and OCSP every hour.
      1cfd960f
  15. 15 Feb, 2016 1 commit
  16. 14 Feb, 2016 1 commit
  17. 12 Feb, 2016 2 commits
    • Matthew Holt's avatar
      Fix HTTPS config for empty/no Caddyfile · a11e14ac
      Matthew Holt authored
      This fixes a regression introduced in recent commits that enabled TLS on the default ":2015" config. This fix is possible because On-Demand TLS is no longer implicit; it must be explicitly enabled by the user by setting a maximum number of certificates to issue.
      a11e14ac
    • Jacob Hands's avatar
      Use rotating log files · dc63e501
      Jacob Hands authored
      dc63e501
  18. 11 Feb, 2016 2 commits
    • Matthew Holt's avatar
      https: Only create ACMEClient if it's actually going to be used · 04c7c442
      Matthew Holt authored
      Otherwise it tries to create an account and stuff at first start, even without a Caddyfile or when serving localhost.
      04c7c442
    • Matthew Holt's avatar
      Fix edge case related to reloaded configs and ACME challenge · 7bd2adf0
      Matthew Holt authored
      If Caddy is running but not listening on port 80, reloading Caddy with a new Caddyfile that needs to obtain a TLS cert from the CA would fail, because it was just assumed that, if reloading, port 80 as already in use. That is not always the case, so we scan the servers to see if one of them is listening on port 80, and we configure the ACME client accordingly. Kind of a hack... but it works.
      7bd2adf0