Honor bind directive for ACME challenges

Fixes https://forum.caddyserver.com/t/basic-caddy-installation-failing-on-automatic-https/472?u=matt
Matthew Holt 2016-08-15 12:08:51 -06:00
parent 45ac11088e
commit 454b1e3939
No known key found for this signature in database
GPG key ID: 0D97CC73664F4D03
2 changed files with 17 additions and 7 deletions


@ -332,8 +332,8 @@ func standardizeAddress(str string) (Address, error) {
var directives = []string{ var directives = []string{
// primitive actions that set up the fundamental vitals of each config // primitive actions that set up the fundamental vitals of each config
"root", "root",
"tls",
"bind", "bind",
"tls",
// services/utilities, or other directives that don't necessarily inject handlers // services/utilities, or other directives that don't necessarily inject handlers
"startup", "startup",
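Review bot: Nothing in the `directives` list records that "tls" now has to stay after "bind", so a later re-sort could silently undo this fix and leave ACME challenge listeners on the default (all-interface) address again. Judging from the commit title, the TLS setup presumably needs the host set by "bind" before it builds the ACME client; that is inferred, not shown in this hunk. A comment above the two entries would pin the order, for example `// "bind" must precede "tls": TLS setup uses the bind host for ACME challenge listeners`. The slice literal continues outside the hunk.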


@ -103,18 +103,28 @@ var newACMEClient = func(config *Config, allowPrompts bool) (*ACMEClient, error)
// Use HTTP and TLS-SNI challenges by default // Use HTTP and TLS-SNI challenges by default
// See if HTTP challenge needs to be proxied // See if HTTP challenge needs to be proxied
useHTTPPort := "" // empty port value will use challenge default
if caddy.HasListenerWithAddress(net.JoinHostPort(config.ListenHost, HTTPChallengePort)) { if caddy.HasListenerWithAddress(net.JoinHostPort(config.ListenHost, HTTPChallengePort)) {
altPort := config.AltHTTPPort useHTTPPort = config.AltHTTPPort
if altPort == "" { if useHTTPPort == "" {
altPort = DefaultHTTPAlternatePort useHTTPPort = DefaultHTTPAlternatePort
} }
c.SetHTTPAddress(net.JoinHostPort(config.ListenHost, altPort))
} }
// See if TLS challenge needs to be handled by our own facilities // See if TLS challenge needs to be handled by our own facilities
if caddy.HasListenerWithAddress(net.JoinHostPort(config.ListenHost, TLSSNIChallengePort)) { if caddy.HasListenerWithAddress(net.JoinHostPort(config.ListenHost, TLSSNIChallengePort)) {
c.SetChallengeProvider(acme.TLSSNI01, tlsSniSolver{}) c.SetChallengeProvider(acme.TLSSNI01, tlsSniSolver{})
} }
// Always respect user's bind preferences by using config.ListenHost
err := c.SetHTTPAddress(net.JoinHostPort(config.ListenHost, useHTTPPort))
if err != nil {
return nil, err
}
err = c.SetTLSAddress(net.JoinHostPort(config.ListenHost, ""))
if err != nil {
return nil, err
}
} else { } else {
// Otherwise, DNS challenge it is // Otherwise, DNS challenge it is
@ -124,8 +134,8 @@ var newACMEClient = func(config *Config, allowPrompts bool) (*ACMEClient, error)
return nil, errors.New("unknown DNS provider by name '" + config.DNSProvider + "'") return nil, errors.New("unknown DNS provider by name '" + config.DNSProvider + "'")
} }
// we could pass credentials to create the provider, but for now // We could pass credentials to create the provider, but for now
// we just let the solver package get them from the environment // just let the solver package get them from the environment
prov, err := provFn() prov, err := provFn()
if err != nil { if err != nil {
return nil, err return nil, err
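Review bot: The new `c.SetHTTPAddress(...)` and `c.SetTLSAddress(...)` calls run after `c.SetChallengeProvider(acme.TLSSNI01, tlsSniSolver{})`, so whether the custom TLS-SNI solver survives depends on what `SetTLSAddress` does inside the ACME library, which this page does not show. If that setter installs the library's own listener-based provider for the challenge, the solver registered a few lines earlier is silently replaced and the challenge would try to bind a port Caddy already listens on, so issuance and renewal would fail in exactly the case the TLS-SNI check is there for. Calling the two address setters first and moving the TLS-SNI `HasListenerWithAddress` block below them removes the dependency on call order; a comment such as `// address setters must run before SetChallengeProvider` would record it. The bare `""` port passed to `SetTLSAddress` also deserves the same "empty port value will use challenge default" remark that `useHTTPPort` carries. newACMEClient starts and ends outside the hunk.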