Commit Graph

69 Commits

Author SHA1 Message Date
b249b45d10 tls: Change struct fields to pointers, add nil checks; rate.Burst update
Making them pointers makes for cleaner JSON when adapting configs, if
the struct is empty now it will be omitted entirely.

The x/time/rate package was updated to support changing the burst, so
we've incorporated that here and removed a TODO.
2019-09-30 09:07:43 -06:00
f15f0d5839 Eliminate some TODOs 2019-09-14 18:05:45 -06:00
7799554baa go.mod: Use lego v3 and CertMagic 0.7.0 2019-09-12 17:31:10 -06:00
50961ecc77 Initial implementation of TLS client authentication (#2731)
* Add support for client TLS authentication

Signed-off-by: Alexandre Stein <alexandre_stein@interlab-net.com>

* make and use client authentication struct

* force StrictSNIHost if TLSConnPolicies is not empty

* Implement leafs verification

* Fixes issue when using multiple verification

* applies the comments from maintainers

* Apply comment

* Refactor/cleanup initial TLS client auth implementation
2019-09-03 09:35:36 -06:00
ab885f07b8 Implement config adapters and beginning of Caddyfile adapter
Along with several other changes, such as renaming caddyhttp.ServerRoute
to caddyhttp.Route, exporting some types that were not exported before,
and tweaking the caddytls TLS values to be more consistent.

Notably, we also now disable automatic cert management for names which
already have a cert (manually) loaded into the cache. These names no
longer need to be specified in the "skip_certificates" field of the
automatic HTTPS config, because they will be skipped automatically.
2019-08-09 12:05:47 -06:00
fdd871e177 go.mod: Append /v2 to module name; update all import paths
See https://github.com/golang/go/wiki/Modules#semantic-import-versioning
2019-07-02 12:37:06 -06:00
533d1afb4b tls: Enable TLS 1.3 by default; set sane defaults on tls.Config structs 2019-07-01 11:47:46 -06:00
3177ee8010 Add license 2019-06-30 16:07:58 -06:00
269b1e9aa3 tls: Improve (and fix) on-demand configuration 2019-06-20 20:36:29 -06:00
5137859e47 Rename caddy2 -> caddy
Removes the version from the package name
2019-06-14 11:58:28 -06:00
613aecb898 Change import paths to GitHub package names 2019-06-04 13:52:37 -06:00
3439933235 Implement session ticket keys; default STEK module with rotation 2019-05-29 23:11:46 -06:00
da6a8cfc86 Minor cleanups 2019-05-28 18:52:21 -06:00
9cd6f35e9d Separate out certificate selection 2019-05-27 11:31:47 -06:00
210d0cf7f1 Implement custom cert selection policies; optimize matching for SNI 2019-05-24 13:18:45 -06:00
1f0c061ce3 Architectural shift to using context for config and module state 2019-05-16 16:05:38 -06:00
f9d93ead4e Rename and export some types, other minor changes 2019-05-14 14:14:05 -06:00
5859cd8dad Instantiate apps that are needed but not explicitly configured 2019-04-29 09:22:00 -06:00
2d056fbe66 Initial commit of Storage, TLS, and automatic HTTPS implementations 2019-04-25 13:54:48 -06:00