caddyhttp: Address some Go 1.20 features (#6252)

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
This commit is contained in:
Matt Holt 2024-04-23 20:05:57 -04:00 committed by GitHub
parent d404005339
commit 6d97d8d87b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 125 additions and 16 deletions

33
cmd/x509rootsfallback.go Normal file
View File

@ -0,0 +1,33 @@
// Copyright 2015 Matthew Holt and The Caddy Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package caddycmd
import (
// For running in minimal environments, this can ease
// headaches related to establishing TLS connections.
// "Package fallback embeds a set of fallback X.509 trusted
// roots in the application by automatically invoking
// x509.SetFallbackRoots. This allows the application to
// work correctly even if the operating system does not
// provide a verifier or system roots pool. ... It's
// recommended that only binaries, and not libraries,
// import this package. This package must be kept up to
// date for security and compatibility reasons."
//
// This is in its own file only because of conflicts
// between gci and goimports when in main.go.
// See https://github.com/daixiang0/gci/issues/76
_ "golang.org/x/crypto/x509roots/fallback"
)

1
go.mod
View File

@ -36,6 +36,7 @@ require (
go.uber.org/zap v1.27.0 go.uber.org/zap v1.27.0
go.uber.org/zap/exp v0.2.0 go.uber.org/zap/exp v0.2.0
golang.org/x/crypto v0.22.0 golang.org/x/crypto v0.22.0
golang.org/x/crypto/x509roots/fallback v0.0.0-20240416174822-0da2a6a1bbc8
golang.org/x/net v0.24.0 golang.org/x/net v0.24.0
golang.org/x/sync v0.7.0 golang.org/x/sync v0.7.0
golang.org/x/term v0.19.0 golang.org/x/term v0.19.0

2
go.sum
View File

@ -507,6 +507,8 @@ golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
golang.org/x/crypto/x509roots/fallback v0.0.0-20240416174822-0da2a6a1bbc8 h1:WsZ1vq1wEPrhLWtbblOEshIKDAbG0sYGgbYCFInT0QM=
golang.org/x/crypto/x509roots/fallback v0.0.0-20240416174822-0da2a6a1bbc8/go.mod h1:kNa9WdvYnzFwC79zRpLRMJbdEFlhyM5RPFBBZp/wWH8=
golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 h1:aAcj0Da7eBAtrTp03QXWvm88pSyOt+UgdZw2BFZ+lEw= golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 h1:aAcj0Da7eBAtrTp03QXWvm88pSyOt+UgdZw2BFZ+lEw=
golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8/go.mod h1:CQ1k9gNrJ50XIzaKCRR2hssIjF07kZFEiieALBM/ARQ= golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8/go.mod h1:CQ1k9gNrJ50XIzaKCRR2hssIjF07kZFEiieALBM/ARQ=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=

View File

@ -226,13 +226,22 @@ func StatusCodeMatches(actual, configured int) bool {
// in the implementation of http.Dir. The root is assumed to // in the implementation of http.Dir. The root is assumed to
// be a trusted path, but reqPath is not; and the output will // be a trusted path, but reqPath is not; and the output will
// never be outside of root. The resulting path can be used // never be outside of root. The resulting path can be used
// with the local file system. // with the local file system. If root is empty, the current
// directory is assumed. If the cleaned request path is deemed
// not local according to lexical processing (i.e. ignoring links),
// it will be rejected as unsafe and only the root will be returned.
func SanitizedPathJoin(root, reqPath string) string { func SanitizedPathJoin(root, reqPath string) string {
if root == "" { if root == "" {
root = "." root = "."
} }
path := filepath.Join(root, path.Clean("/"+reqPath)) relPath := path.Clean("/" + reqPath)[1:] // clean path and trim the leading /
if !filepath.IsLocal(relPath) {
// path is unsafe (see https://github.com/golang/go/issues/56336#issuecomment-1416214885)
return root
}
path := filepath.Join(root, filepath.FromSlash(relPath))
// filepath.Join also cleans the path, and cleaning strips // filepath.Join also cleans the path, and cleaning strips
// the trailing slash, so we need to re-add it afterwards. // the trailing slash, so we need to re-add it afterwards.

View File

@ -3,6 +3,7 @@ package caddyhttp
import ( import (
"net/url" "net/url"
"path/filepath" "path/filepath"
"runtime"
"testing" "testing"
) )
@ -12,9 +13,10 @@ func TestSanitizedPathJoin(t *testing.T) {
// %2f = / // %2f = /
// %5c = \ // %5c = \
for i, tc := range []struct { for i, tc := range []struct {
inputRoot string inputRoot string
inputPath string inputPath string
expect string expect string
expectWindows string
}{ }{
{ {
inputPath: "", inputPath: "",
@ -63,7 +65,7 @@ func TestSanitizedPathJoin(t *testing.T) {
{ {
inputRoot: "/a/b", inputRoot: "/a/b",
inputPath: "/%2e%2e%2f%2e%2e%2f", inputPath: "/%2e%2e%2f%2e%2e%2f",
expect: filepath.Join("/", "a", "b") + separator, expect: "/a/b", // inputPath fails the IsLocal test so only the root is returned
}, },
{ {
inputRoot: "/a/b", inputRoot: "/a/b",
@ -81,9 +83,16 @@ func TestSanitizedPathJoin(t *testing.T) {
expect: filepath.Join("C:\\www", "foo", "bar"), expect: filepath.Join("C:\\www", "foo", "bar"),
}, },
{ {
inputRoot: "C:\\www", inputRoot: "C:\\www",
inputPath: "/D:\\foo\\bar", inputPath: "/D:\\foo\\bar",
expect: filepath.Join("C:\\www", "D:\\foo\\bar"), expect: filepath.Join("C:\\www", "D:\\foo\\bar"),
expectWindows: filepath.Join("C:\\www"), // inputPath fails IsLocal on Windows
},
{
// https://github.com/golang/go/issues/56336#issuecomment-1416214885
inputRoot: "root",
inputPath: "/a/b/../../c",
expect: filepath.Join("root", "c"),
}, },
} { } {
// we don't *need* to use an actual parsed URL, but it // we don't *need* to use an actual parsed URL, but it
@ -96,6 +105,9 @@ func TestSanitizedPathJoin(t *testing.T) {
t.Fatalf("Test %d: invalid URL: %v", i, err) t.Fatalf("Test %d: invalid URL: %v", i, err)
} }
actual := SanitizedPathJoin(tc.inputRoot, u.Path) actual := SanitizedPathJoin(tc.inputRoot, u.Path)
if runtime.GOOS == "windows" && tc.expectWindows != "" {
tc.expect = tc.expectWindows
}
if actual != tc.expect { if actual != tc.expect {
t.Errorf("Test %d: SanitizedPathJoin('%s', '%s') => '%s' (expected '%s')", t.Errorf("Test %d: SanitizedPathJoin('%s', '%s') => '%s' (expected '%s')",
i, tc.inputRoot, tc.inputPath, actual, tc.expect) i, tc.inputRoot, tc.inputPath, actual, tc.expect)

View File

@ -15,6 +15,8 @@
package requestbody package requestbody
import ( import (
"time"
"github.com/dustin/go-humanize" "github.com/dustin/go-humanize"
"github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile" "github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile"
@ -44,8 +46,30 @@ func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error)
} }
rb.MaxSize = int64(size) rb.MaxSize = int64(size)
case "read_timeout":
var timeoutStr string
if !h.AllArgs(&timeoutStr) {
return nil, h.ArgErr()
}
timeout, err := time.ParseDuration(timeoutStr)
if err != nil {
return nil, h.Errf("parsing read_timeout: %v", err)
}
rb.ReadTimeout = timeout
case "write_timeout":
var timeoutStr string
if !h.AllArgs(&timeoutStr) {
return nil, h.ArgErr()
}
timeout, err := time.ParseDuration(timeoutStr)
if err != nil {
return nil, h.Errf("parsing write_timeout: %v", err)
}
rb.WriteTimeout = timeout
default: default:
return nil, h.Errf("unrecognized servers option '%s'", h.Val()) return nil, h.Errf("unrecognized request_body subdirective '%s'", h.Val())
} }
} }

View File

@ -17,6 +17,9 @@ package requestbody
import ( import (
"io" "io"
"net/http" "net/http"
"time"
"go.uber.org/zap"
"github.com/caddyserver/caddy/v2" "github.com/caddyserver/caddy/v2"
"github.com/caddyserver/caddy/v2/modules/caddyhttp" "github.com/caddyserver/caddy/v2/modules/caddyhttp"
@ -31,6 +34,14 @@ type RequestBody struct {
// The maximum number of bytes to allow reading from the body by a later handler. // The maximum number of bytes to allow reading from the body by a later handler.
// If more bytes are read, an error with HTTP status 413 is returned. // If more bytes are read, an error with HTTP status 413 is returned.
MaxSize int64 `json:"max_size,omitempty"` MaxSize int64 `json:"max_size,omitempty"`
// EXPERIMENTAL. Subject to change/removal.
ReadTimeout time.Duration `json:"read_timeout,omitempty"`
// EXPERIMENTAL. Subject to change/removal.
WriteTimeout time.Duration `json:"write_timeout,omitempty"`
logger *zap.Logger
} }
// CaddyModule returns the Caddy module information. // CaddyModule returns the Caddy module information.
@ -41,6 +52,11 @@ func (RequestBody) CaddyModule() caddy.ModuleInfo {
} }
} }
func (rb *RequestBody) Provision(ctx caddy.Context) error {
rb.logger = ctx.Logger()
return nil
}
func (rb RequestBody) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error { func (rb RequestBody) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error {
if r.Body == nil { if r.Body == nil {
return next.ServeHTTP(w, r) return next.ServeHTTP(w, r)
@ -48,6 +64,20 @@ func (rb RequestBody) ServeHTTP(w http.ResponseWriter, r *http.Request, next cad
if rb.MaxSize > 0 { if rb.MaxSize > 0 {
r.Body = errorWrapper{http.MaxBytesReader(w, r.Body, rb.MaxSize)} r.Body = errorWrapper{http.MaxBytesReader(w, r.Body, rb.MaxSize)}
} }
if rb.ReadTimeout > 0 || rb.WriteTimeout > 0 {
//nolint:bodyclose
rc := http.NewResponseController(w)
if rb.ReadTimeout > 0 {
if err := rc.SetReadDeadline(time.Now().Add(rb.ReadTimeout)); err != nil {
rb.logger.Error("could not set read deadline", zap.Error(err))
}
}
if rb.WriteTimeout > 0 {
if err := rc.SetWriteDeadline(time.Now().Add(rb.WriteTimeout)); err != nil {
rb.logger.Error("could not set write deadline", zap.Error(err))
}
}
}
return next.ServeHTTP(w, r) return next.ServeHTTP(w, r)
} }

View File

@ -2,7 +2,6 @@ package caddyhttp
import ( import (
"bytes" "bytes"
"fmt"
"io" "io"
"net/http" "net/http"
"strings" "strings"
@ -75,20 +74,19 @@ func TestResponseWriterWrapperReadFrom(t *testing.T) {
// take precedence over our ReadFrom. // take precedence over our ReadFrom.
src := struct{ io.Reader }{strings.NewReader(srcData)} src := struct{ io.Reader }{strings.NewReader(srcData)}
fmt.Println(name)
if _, err := io.Copy(wrapped, src); err != nil { if _, err := io.Copy(wrapped, src); err != nil {
t.Errorf("Copy() err = %v", err) t.Errorf("%s: Copy() err = %v", name, err)
} }
if got := tt.responseWriter.Written(); got != srcData { if got := tt.responseWriter.Written(); got != srcData {
t.Errorf("data = %q, want %q", got, srcData) t.Errorf("%s: data = %q, want %q", name, got, srcData)
} }
if tt.responseWriter.CalledReadFrom() != tt.wantReadFrom { if tt.responseWriter.CalledReadFrom() != tt.wantReadFrom {
if tt.wantReadFrom { if tt.wantReadFrom {
t.Errorf("ReadFrom() should have been called") t.Errorf("%s: ReadFrom() should have been called", name)
} else { } else {
t.Errorf("ReadFrom() should not have been called") t.Errorf("%s: ReadFrom() should not have been called", name)
} }
} }
}) })