Commit Graph

219 Commits

Author SHA1 Message Date
Mohammed Al Sahaf
dc12bd9743
proxyprotocol: use github.com/pires/go-proxyproto (#5915)
* proxyprotocol: use github.com/pires/go-proxyproto

* Fix typo: r/generelly/generally

Co-authored-by: Francis Lavoie <lavofr@gmail.com>

* add config options for `Deny` CIDR and fallback policy

* use `netip` package & trust unix sockets

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-12-13 09:07:43 -07:00
Matt Holt
4a09cf0dc0
caddytls: Sync distributed storage cleaning (#5940)
* caddytls: Log out remote addr to detect abuse

* caddytls: Sync distributed storage cleaning

* Handle errors

* Update certmagic to fix tiny bug

* Split off port when logging remote IP

* Upgrade CertMagic
2023-12-07 11:00:02 -07:00
Andreas Kohn
b24ae63ea6
caddytls: Context to DecisionFunc (#5923)
See https://github.com/caddyserver/certmagic/pull/255
2023-12-07 10:40:13 -07:00
dlorenc
878d491834
chore: Bump otel to v1.21.0. (#5949)
Signed-off-by: Dan Lorenc <dlorenc@chainguard.dev>
2023-11-22 17:02:13 +03:00
WeidiDeng
ee358550e4
go.mod: update quic-go version to v0.40.0 (#5922) 2023-10-31 14:05:34 -04:00
Marten Seemann
3f55efcfde
update quic-go to v0.39.3 (#5918) 2023-10-27 07:52:12 -04:00
Mariano Cano
ac0ad4da84
Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913)
This commit upgrades the router used in the acmeserver to
github.com/go-chi/chi/v5. In the latest release of step-ca, the router
used by certificates was upgraded to that version.

Fixes #5911

Signed-off-by: Mariano Cano <mariano.cano@gmail.com>
2023-10-23 21:02:11 -04:00
Matthew Holt
fe2a02bf7a
go.mod: Upgrade quic-go to v0.39.1 2023-10-20 15:23:35 -06:00
Ethan Brown (Domino)
9fc55a9792
go.mod: CVE-2023-45142 Update opentelemetry (#5908) 2023-10-20 21:15:48 +00:00
Matthew Holt
88b4fbf244
go.mod: Upgrade dependencies incl. x/net/http
Possibly important for the HTTP/2 Rapid Reset issue.
2023-10-10 12:01:20 -06:00
WeidiDeng
888c6d7e93
go.mod: Update quic-go to v0.38.0 (#5772)
* go.mod: Update quic-go to v0.38.0

* run "go mod tidy"

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-08-24 02:55:28 +00:00
Marten Seemann
84d5e1c5d6
update quic-go to v0.37.6 (#5767) 2023-08-19 23:34:15 +00:00
Matthew Holt
f11c3c9f5a
go.mod: Upgrade CertMagic and quic-go 2023-08-17 11:34:48 -06:00
Matt Holt
6cdcc2a782
ci: Update to Go 1.21 (#5719)
* ci: Update to Go 1.21

* Bump quic-go to v0.37.4

* Check EnableFullDuplex err

* Linter bug suppression

See https://github.com/timakin/bodyclose/issues/52

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-08-09 12:34:28 -04:00
Shyim
5b9c850ab3
go.mod: Upgrade golang.org/x/net to 0.14.0 (#5718) 2023-08-08 11:23:26 -06:00
Matthew Holt
a8cc5d1a7d go.mod: Upgrade to quic-go v0.37.3
Fixes #5680 once and for all! Hopefully :)

Thank you @marten-seemann for your excellent work!
2023-08-05 18:10:15 -06:00
Matthew Holt
51b1bfb125
go.mod: Upgrade quic-go to v0.37.2 (fix #5680) 2023-08-03 18:44:03 -06:00
Matthew Holt
e198c605bd
go.mod: Upgrade dependencies esp. smallstep/certificates
This prevents initialization of a .step folder when it's not used.
2023-08-02 11:48:59 -06:00
Matthew Holt
94749e119a
go.mod: Use quic-go 0.37.1
Should fix panic in Go 1.21 where there was no RemoteAddr.
2023-07-31 16:31:17 -06:00
Matthew Holt
4df27a20c8
go.mod: Use latest CertMagic (v0.19.1)
Fixes race condition
2023-07-25 10:31:47 -06:00
Marten Seemann
f45a6de20d
go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum (#5644)
* update quic-go to v0.37.0

* Bump to Go 1.20

* Bump golangci-lint version, yml syntax consistency

* Use skip-pkg-cache workaround

* Workaround needed for both?

* Seeding weakrand is no longer necessary

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-07-21 22:00:48 -06:00
bt90
f857b32d65
go.mod: update quic-go to v0.36.2 (#5636) 2023-07-17 14:16:43 -06:00
Matt Holt
0e2c7e1d35
caddytls: Reuse certificate cache through reloads (#5623)
* caddytls: Don't purge cert cache on config reload

* Update CertMagic

This actually avoids reloading managed certs from storage
when already in the cache, d'oh.

* Fix bug; re-implement HasCertificateForSubject

* Update go.mod: CertMagic tag
2023-07-11 19:10:58 +00:00
Marten Seemann
7914ba3573
update quic-go to v0.36.1 (#5611) 2023-07-01 19:34:27 -04:00
Matthew Holt
0468508e92 go.mod: Upgrade CertMagic for hotfix 2023-06-21 13:25:38 -06:00
Matthew Holt
415d1e7b6f go.mod: Upgrade some dependencies 2023-06-21 13:25:38 -06:00
Omer Demirok
1a36b06cd4
chore: upgrade otel (#5586) 2023-06-21 11:46:42 -06:00
Marten Seemann
398c12ae9b
go.mod: Update quic-go to v0.36.0 (#5584) 2023-06-21 06:56:12 -04:00
Matthew Holt
9c180a5988
go.mod: Upgrade quic-go to 0.35.1 2023-06-01 11:28:33 -06:00
Marten Seemann
467b7e3a9c
update quic-go to v0.35.0 (#5560) 2023-05-30 05:41:57 -04:00
Matthew Holt
36546cd8b9
go.mod: Upgrade several dependencies 2023-05-15 16:56:27 -06:00
Matt Holt
96919acc9d
caddyhttp: Refactor cert Managers (fix #5415) (#5533) 2023-05-15 10:47:30 -06:00
Matt Holt
faf0399e80
caddytls: Configurable fallback SNI (#5527)
* Initial implementation of fallback_sni

* Apply upstream patch
2023-05-10 14:29:29 -06:00
Matthew Holt
0de6064c3b
go.mod: Upgrade CertMagic again 2023-05-07 23:40:30 -06:00
Matthew Holt
774f228868
go.mod: Upgrade CertMagic 2023-05-06 11:30:27 -06:00
Matthew Holt
1af419e7ec go.mod: Update some dependencies 2023-04-28 09:47:28 -06:00
Dave Henderson
f0e3981774
logging: Add traceID field to access logs when tracing is active (#5507)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-04-27 02:46:41 +00:00
Corin Langosch
b6fe5d4b41
proxyprotocol: Add PROXY protocol support to reverse_proxy, add HTTP listener wrapper (#5424)
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-03-31 17:44:53 -04:00
Matthew Holt
9e943319b4
go.mod: Upgrade dependencies 2023-03-09 10:33:25 -07:00
Chris Reeves
b420561737
tracing: Support autoprop from OTEL_PROPAGATORS (#5147)
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-03-09 09:02:35 -07:00
Matthew Holt
8cb1bb4af3
go.mod: Upgrade quic-go to v0.33.0 (Go 1.19 min) 2023-02-24 13:35:56 -07:00
Matthew Holt
0db29e2ce9
go.mod: Upgrade acmez and x/net
x/net 0.7.0 contains a security patch apparently.
2023-02-14 12:08:31 -07:00
Francis Lavoie
90798f3eea
go.mod: Upgrade various dependencies (#5362)
* chore: Upgrade various dependencies

* Support CEL file matcher with no args

* Document `http.request.orig_uri.path.*`, reorder placeholders in docs

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-02-08 17:49:17 +00:00
Matthew Holt
f6f1d8fc89
Run go.mod tidy 2023-02-06 12:24:01 -07:00
Francis Lavoie
e62b5fb586
chore: Build with Go 1.20, keep minimum at 1.18 for now (#5353) 2023-02-06 11:29:20 -05:00
Brad Fitzpatrick
98867ac346
go.mod: bump tscert package to fix Tailscale 1.34+ on Windows (#5331)
As of Tailscale 1.34.0 on Windows, Tailscale now uses a named pipe to
connect to the local tailscale service.

This pulls in tailscale/tscert#5 as reported in tailscale/tscert#4.

(Sorry, we should've noticed this earlier!)

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2023-01-24 20:01:54 -05:00
Alexandre Vicenzi
e8ad9b32c9
go.mod: Update golang.org/x/net to v0.5.0 (#5314) 2023-01-17 07:07:07 -05:00
Matthew Holt
fac35db9dc
go.mod: Update quic-go to v0.31.0
And fix a comment typo
2022-12-08 08:55:04 -07:00
Mariano Cano
6f8fe01da1
caddypki: Use go.step.sm/crypto to generate the PKI (#5217)
This commit replaces the use of github.com/smallstep/cli to generate the
root and intermediate certificates and uses go.step.sm/crypto instead.

It also upgrades the version of github.com/smallstep/certificates to the
latest version.
2022-11-23 20:47:42 -07:00
Matthew Holt
798c4a3ba4
go.mod: Upgrade some dependencies
Quic-go 0.30 should be faster
2022-10-24 12:20:39 -06:00