By default Go 1.23 enables X25519Kyber768, a post-quantum key agreement
method that is enabled by default on Chrome. Go 1.23 does not expose
the CurveID, so we cannot add it by specifying it in CurvePreferences.
The reason is that X25519Kyber768 is a preliminary key agreement that
will be supplanted by X25519MLKEM768. For the moment there is value
in enabling it.
A consequence of this is that by default Caddy will enable support
for P-384 and P-521.
This PR also removes the special code to add support for X25519Kyber768
via the Cloudflare Go branch.
Cf #6540
* Caddyfile support for TLS handshake matchers:
- caddytls.MatchLocalIP
- caddytls.MatchRemoteIP
- caddytls.MatchServerName
* Caddyfile support for TLS handshake matchers:
- fix imports order
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Certificate automation has permission modules that are designed to
prevent inappropriate issuance of unbounded or wildcard certificates.
When an explicit cert manager is used, no additional permission should
be necessary. For example, this should be a valid caddyfile:
https:// {
tls {
get_certificate tailscale
}
respond OK
}
This is accomplished when provisioning an AutomationPolicy by tracking
whether there were explicit managers configured directly on the policy
(in the ManagersRaw field). Only when a number of potentially unsafe
conditions are present AND no explicit cert managers are configured is
an error returned.
The problem arises from the fact that ctx.LoadModule deletes the raw
bytes after loading in order to save memory. The first time an
AutomationPolicy is provisioned, the ManagersRaw field is populated, and
everything is fine.
An AutomationPolicy with no subjects is treated as a special "catch-all"
policy. App.createAutomationPolicies ensures that this catch-all policy
has an ACME issuer, and then calls its Provision method again because it
may have changed. This second time Provision is called, ManagesRaw is no
longer populated, and the permission check fails because it appears as
though the policy has no explicit managers.
Address this by storing a new boolean on AutomationPolicy recording
whether it had explicit cert managers configured on it.
Also fix an inverted boolean check on this value when setting
failClosed.
Updates #6060
Updates #6229
Updates #6327
Signed-off-by: Will Norris <will@tailscale.com>
Set the requested server name in a context value for CertGetter
implementations to use. Pass ctx to tscert.GetCertificateWithContext.
Signed-off-by: Will Norris <will@tailscale.com>
* caddytls: Evict internal certs from cache based on issuer
During a config reload, we would keep certs in the cache fi they were used by the next config. If one config uses InternalIssuer and the other uses a public CA, this behavior is problematic / unintuitive, because there is a big difference between private/public CAs.
This change should ensure that internal issuers are considered when deciding whether to keep or evict from the cache during a reload, by making them distinct from each other and certs from public CAs.
* Make sure new TLS app manages configured certs
* Actually make it work
* Add option to configure certificate lifetime
* Bump CertMagic dep to latest master commit
* Apply suggestions and ran go mod tidy
* Update modules/caddytls/acmeissuer.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* caddytls: Make on-demand 'ask' permission modular
This makes the 'ask' endpoint a module, which means that developers can
write custom plugins for granting permission for on-demand certificates.
Kicking myself that we didn't do it this way at the beginning, but who coulda known...
* Lint
* Error on conflicting config
* Fix bad merge
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* tls: modularize client authentication trusted CA
* add `omitempty` to `CARaw`
* docs
* initial caddyfile support
* revert anything related to leaf cert validation
The certs are used differently than the CA pool flow
* complete caddyfile unmarshalling implementation
* Caddyfile syntax documentation
* enhance caddyfile parsing and documentation
Apply suggestions from code review
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* add client_auth caddyfile tests
* add caddyfile unmarshalling tests
* fix and add missed adapt tests
* fix rebase issue
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* use gofmput to format code
* use gci to format imports
* reconfigure gci
* linter autofixes
* rearrange imports a little
* export GOOS=windows golangci-lint run ./... --fix