diff options
author | Iru Cai | 2019-03-06 11:13:22 +0800 |
---|---|---|
committer | Iru Cai | 2019-03-06 11:13:22 +0800 |
commit | e339f9d7e26b14142ee53a841c45cd3abf08d1fb (patch) | |
tree | eeb4bb76c445606c22d89b34c4c5c1e8cbec0425 | |
parent | 3d9d460653e8e08dd6568434da7df3c18833f362 (diff) | |
download | aur-e339f9d7e26b14142ee53a841c45cd3abf08d1fb.tar.gz |
0.11.5
-rw-r--r-- | .SRCINFO | 14 | ||||
-rw-r--r-- | PKGBUILD | 15 | ||||
-rw-r--r-- | latest_tls13.patch | 249 |
3 files changed, 9 insertions, 269 deletions
@@ -1,7 +1,7 @@ pkgbase = caddy-with-cgi pkgdesc = HTTP/2 Web Server with Automatic HTTPS, with caddy-cgi plugin and gcc-go support - pkgver = 0.11.4 - pkgrel = 3 + pkgver = 0.11.5 + pkgrel = 1 url = https://caddyserver.com install = caddy.install arch = i686 @@ -9,30 +9,26 @@ pkgbase = caddy-with-cgi arch = armv7h arch = aarch64 license = Apache - makedepends = go>=1.10 + makedepends = go>=1.12 provides = caddy conflicts = caddy backup = etc/caddy/caddy.conf - source = https://github.com/mholt/caddy/archive/v0.11.4/caddy-0.11.4.tar.gz + source = https://github.com/mholt/caddy/archive/v0.11.5/caddy-0.11.5.tar.gz source = https://github.com/jung-kurt/caddy-cgi/archive/v1.10.tar.gz source = https://caddyserver.com/resources/images/brand/caddy-at-your-service-white.svg source = index.html source = caddy.service source = caddy.tmpfiles source = caddy.conf - source = default_nocbc.patch - source = latest_tls13.patch source = noquic_aesni.patch source = plugins.patch - sha256sums = 5f95c5dc8e0d6a63ae067bdfa42f78a4ca467cfff5407934582f1133ffcda532 + sha256sums = ab2dc210bc7089fa7d041e702663e592b480945aa99f14b348090091103b7ec5 sha256sums = 4cb13ce2862dbd00e4a97342d5f20bc759e2c1b7983f866aa4b6d421df65249b sha256sums = e679dd79fd92dc351fc190c7af529c73e3896986aaa6b7c0ae01e561398d6b85 sha256sums = 6db7aec45e95bbbf770ce4d120a60d8e4992d2262a8ebf668521179279aa5ae7 sha256sums = 69e25def317a6172011472bd060655142f3085a0c81392f8a7a9c42b6a58bbd9 sha256sums = bd4d912d083be176727882ccc1bbe577a27cc160db09238e5edc05ba458aebce sha256sums = 80520b80ccabf077a3269f6a1bf55faa3811ef5adce115131b35ef2044d37b64 - sha256sums = 35410797a8deb629a974dbbf4b3784c3237d3db8d9c7c589ba85e8b9dddf2be0 - sha256sums = 75f0f3744117d9423b629e67e8dcee71e52791751be822fbd524a29f9f3a7575 sha256sums = f3f9fa975a174928d727f3040fa28e2fbd073b1f4ebd3a68fa43b0aebb90eb64 sha256sums = c8d56b2295e04720ae8fe9493a7931bb2dba5c568fbcae469887ac143bd6b934 @@ -16,16 +16,16 @@ fi pkgname=caddy-with-cgi _pkgbase=caddy -pkgver=0.11.4 +pkgver=0.11.5 _cgiver=1.10 -pkgrel=3 +pkgrel=1 pkgdesc='HTTP/2 Web Server with Automatic HTTPS, with caddy-cgi plugin and gcc-go support' arch=('i686' 'x86_64' 'armv7h' 'aarch64') url='https://caddyserver.com' license=('Apache') backup=('etc/caddy/caddy.conf') install='caddy.install' -makedepends=('go>=1.10') +makedepends=('go>=1.12') provides=('caddy') conflicts=('caddy') source=("https://$_gopkgname/archive/v$pkgver/$_pkgbase-$pkgver.tar.gz" @@ -35,19 +35,15 @@ source=("https://$_gopkgname/archive/v$pkgver/$_pkgbase-$pkgver.tar.gz" 'caddy.service' 'caddy.tmpfiles' 'caddy.conf' - 'default_nocbc.patch' - 'latest_tls13.patch' 'noquic_aesni.patch' 'plugins.patch') -sha256sums=('5f95c5dc8e0d6a63ae067bdfa42f78a4ca467cfff5407934582f1133ffcda532' +sha256sums=('ab2dc210bc7089fa7d041e702663e592b480945aa99f14b348090091103b7ec5' '4cb13ce2862dbd00e4a97342d5f20bc759e2c1b7983f866aa4b6d421df65249b' 'e679dd79fd92dc351fc190c7af529c73e3896986aaa6b7c0ae01e561398d6b85' '6db7aec45e95bbbf770ce4d120a60d8e4992d2262a8ebf668521179279aa5ae7' '69e25def317a6172011472bd060655142f3085a0c81392f8a7a9c42b6a58bbd9' 'bd4d912d083be176727882ccc1bbe577a27cc160db09238e5edc05ba458aebce' '80520b80ccabf077a3269f6a1bf55faa3811ef5adce115131b35ef2044d37b64' - '35410797a8deb629a974dbbf4b3784c3237d3db8d9c7c589ba85e8b9dddf2be0' - '75f0f3744117d9423b629e67e8dcee71e52791751be822fbd524a29f9f3a7575' 'f3f9fa975a174928d727f3040fa28e2fbd073b1f4ebd3a68fa43b0aebb90eb64' 'c8d56b2295e04720ae8fe9493a7931bb2dba5c568fbcae469887ac143bd6b934') @@ -58,7 +54,6 @@ prepare() { mv -Tv "$srcdir/$_pkgbase-$pkgver" "$GOPATH/src/$_gopkgname" mv -Tv "$srcdir/caddy-cgi-$_cgiver" "$GOPATH/src/$_cgipkgname" cd "$GOPATH/src/$_gopkgname" - patch -p1 -i "$srcdir/default_nocbc.patch" patch -p0 -i "$srcdir/plugins.patch" # fix rewrite: rewrite the URI instead of just the path # https://github.com/mholt/caddy/issues/2129 @@ -66,8 +61,6 @@ prepare() { if [ "$USING_GCCGO" == y ] then patch -p1 -i "$srcdir/noquic_aesni.patch" - else - patch -p1 -i "$srcdir/latest_tls13.patch" fi } diff --git a/latest_tls13.patch b/latest_tls13.patch deleted file mode 100644 index 2c606bc7455e..000000000000 --- a/latest_tls13.patch +++ /dev/null @@ -1,249 +0,0 @@ -diff --git a/appveyor.yml b/appveyor.yml -index b19eb7a..7d04da9 100644 ---- a/appveyor.yml -+++ b/appveyor.yml -@@ -10,7 +10,7 @@ clone_folder: c:\gopath\src\github.com\mholt\caddy - environment: - GOPATH: c:\gopath - --stack: go 1.11 -+stack: go 1.12 - - install: - - set PATH=%GOPATH%\bin;%PATH% -diff --git a/caddyhttp/internalsrv/setup.go b/caddyhttp/internalsrv/setup.go -index 35c79d2..f70147a 100644 ---- a/caddyhttp/internalsrv/setup.go -+++ b/caddyhttp/internalsrv/setup.go -@@ -33,7 +33,12 @@ func setup(c *caddy.Controller) error { - return err - } - -- httpserver.GetConfig(c).AddMiddleware(func(next httpserver.Handler) httpserver.Handler { -+ // Append Internal paths to Caddy config HiddenFiles to ensure -+ // files do not appear in Browse -+ config := httpserver.GetConfig(c) -+ config.HiddenFiles = append(config.HiddenFiles, paths...) -+ -+ config.AddMiddleware(func(next httpserver.Handler) httpserver.Handler { - return Internal{Next: next, Paths: paths} - }) - -diff --git a/caddyhttp/staticfiles/fileserver.go b/caddyhttp/staticfiles/fileserver.go -index 93a7c6d..0863ebe 100644 ---- a/caddyhttp/staticfiles/fileserver.go -+++ b/caddyhttp/staticfiles/fileserver.go -@@ -53,7 +53,7 @@ type FileServer struct { - - // ServeHTTP serves static files for r according to fs's configuration. - func (fs FileServer) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) { -- if r.Method != "GET" { -+ if r.Method != "GET" && r.Method != "HEAD" { - return http.StatusMethodNotAllowed, nil - } - return fs.serveFile(w, r) -diff --git a/caddytls/config.go b/caddytls/config.go -index 77d3795..939f3df 100644 ---- a/caddytls/config.go -+++ b/caddytls/config.go -@@ -407,7 +407,7 @@ func SetDefaultTLSParams(config *Config) { - config.ProtocolMinVersion = tls.VersionTLS12 - } - if config.ProtocolMaxVersion == 0 { -- config.ProtocolMaxVersion = tls.VersionTLS12 -+ config.ProtocolMaxVersion = tls.VersionTLS13 - } - - // Prefer server cipher suites -@@ -430,6 +430,7 @@ var SupportedProtocols = map[string]uint16{ - "tls1.0": tls.VersionTLS10, - "tls1.1": tls.VersionTLS11, - "tls1.2": tls.VersionTLS12, -+ "tls1.3": tls.VersionTLS13, - } - - // GetSupportedProtocolName returns the protocol name -diff --git a/caddytls/selfsigned.go b/caddytls/selfsigned.go -index 367cd73..60d5345 100644 ---- a/caddytls/selfsigned.go -+++ b/caddytls/selfsigned.go -@@ -62,13 +62,10 @@ func newSelfSignedCertificate(ssconfig selfSignedConfig) (tls.Certificate, error - if len(ssconfig.SAN) == 0 { - ssconfig.SAN = []string{""} - } -- var names []string - for _, san := range ssconfig.SAN { - if ip := net.ParseIP(san); ip != nil { -- names = append(names, strings.ToLower(ip.String())) - cert.IPAddresses = append(cert.IPAddresses, ip) - } else { -- names = append(names, strings.ToLower(san)) - cert.DNSNames = append(cert.DNSNames, strings.ToLower(san)) - } - } -diff --git a/caddytls/setup.go b/caddytls/setup.go -index 02a694b..798c743 100644 ---- a/caddytls/setup.go -+++ b/caddytls/setup.go -@@ -34,6 +34,10 @@ import ( - ) - - func init() { -+ // opt-in TLS 1.3 for Go1.12 -+ // TODO: remove this line when Go1.13 is released. -+ os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1") -+ - caddy.RegisterPlugin("tls", caddy.Plugin{Action: setupTLS}) - - // ensure the default Storage implementation is plugged in -diff --git a/caddytls/setup_test.go b/caddytls/setup_test.go -index e973eb2..3c5ded0 100644 ---- a/caddytls/setup_test.go -+++ b/caddytls/setup_test.go -@@ -75,8 +75,8 @@ func TestSetupParseBasic(t *testing.T) { - if cfg.ProtocolMinVersion != tls.VersionTLS12 { - t.Errorf("Expected 'tls1.2 (0x0303)' as ProtocolMinVersion, got %#v", cfg.ProtocolMinVersion) - } -- if cfg.ProtocolMaxVersion != tls.VersionTLS12 { -- t.Errorf("Expected 'tls1.2 (0x0303)' as ProtocolMaxVersion, got %v", cfg.ProtocolMaxVersion) -+ if cfg.ProtocolMaxVersion != tls.VersionTLS13 { -+ t.Errorf("Expected 'tls1.3 (0x0304)' as ProtocolMaxVersion, got %#v", cfg.ProtocolMaxVersion) - } - - // Cipher checks -diff --git a/vendor/github.com/mholt/certmagic/config.go b/vendor/github.com/mholt/certmagic/config.go -index 77072d4..a6528da 100644 ---- a/vendor/github.com/mholt/certmagic/config.go -+++ b/vendor/github.com/mholt/certmagic/config.go -@@ -240,6 +240,10 @@ func NewWithCache(certCache *Cache, cfg Config) *Config { - // prepared to serve them up during TLS handshakes. - func (cfg *Config) Manage(domainNames []string) error { - for _, domainName := range domainNames { -+ if !HostQualifies(domainName) { -+ return fmt.Errorf("name does not qualify for automatic certificate management: %s", domainName) -+ } -+ - // if on-demand is configured, simply whitelist this name - if cfg.OnDemand != nil { - if !cfg.OnDemand.whitelistContains(domainName) { -@@ -289,6 +293,9 @@ func (cfg *Config) Manage(domainNames []string) error { - // it does not load them into memory. If interactive is true, - // the user may be shown a prompt. - func (cfg *Config) ObtainCert(name string, interactive bool) error { -+ if cfg.storageHasCertResources(name) { -+ return nil -+ } - skip, err := cfg.preObtainOrRenewChecks(name, interactive) - if err != nil { - return err -@@ -296,16 +303,10 @@ func (cfg *Config) ObtainCert(name string, interactive bool) error { - if skip { - return nil - } -- -- if cfg.storageHasCertResources(name) { -- return nil -- } -- - client, err := cfg.newACMEClient(interactive) - if err != nil { - return err - } -- - return client.Obtain(name) - } - -diff --git a/vendor/github.com/mholt/certmagic/user.go b/vendor/github.com/mholt/certmagic/user.go -index 9055a15..e5852d5 100644 ---- a/vendor/github.com/mholt/certmagic/user.go -+++ b/vendor/github.com/mholt/certmagic/user.go -@@ -84,10 +84,11 @@ func (cfg *Config) getEmail(allowPrompts bool) error { - leEmail = Email - } - // Then try to get most recent user email from storage -+ var gotRecentEmail bool - if leEmail == "" { -- leEmail = cfg.mostRecentUserEmail() -+ leEmail, gotRecentEmail = cfg.mostRecentUserEmail() - } -- if leEmail == "" && allowPrompts { -+ if !gotRecentEmail && leEmail == "" && allowPrompts { - // Looks like there is no email address readily available, - // so we will have to ask the user if we can. - var err error -@@ -95,10 +96,14 @@ func (cfg *Config) getEmail(allowPrompts bool) error { - if err != nil { - return err - } -- cfg.Agreed = true - } -- // lower-casing the email is important for consistency -- cfg.Email = strings.ToLower(leEmail) -+ -+ // save the email for later and ensure it is consistent -+ // for repeated use; then update cfg with our new defaults -+ Email = strings.TrimSpace(strings.ToLower(leEmail)) -+ cfg.Email = Email -+ cfg.Agreed = Agreed -+ - return nil - } - -@@ -123,6 +128,11 @@ func (cfg *Config) getAgreementURL() (string, error) { - return dir.Meta.TermsOfService, nil - } - -+// promptUserForEmail prompts the user for an email address -+// and returns the email address they entered (which could -+// be the empty string). If no error is returned, then Agreed -+// will also be set to true, since continuing through the -+// prompt signifies agreement. - func (cfg *Config) promptUserForEmail() (string, error) { - agreementURL, err := cfg.getAgreementURL() - if err != nil { -@@ -139,6 +149,7 @@ func (cfg *Config) promptUserForEmail() (string, error) { - return "", fmt.Errorf("reading email address: %v", err) - } - leEmail = strings.TrimSpace(leEmail) -+ Agreed = true - return leEmail, nil - } - -@@ -234,10 +245,10 @@ func (cfg *Config) askUserAgreement(agreementURL string) bool { - // in s. Since this is part of a complex sequence to get a user - // account, errors here are discarded to simplify code flow in - // the caller, and errors are not important here anyway. --func (cfg *Config) mostRecentUserEmail() string { -+func (cfg *Config) mostRecentUserEmail() (string, bool) { - userList, err := cfg.certCache.storage.List(StorageKeys.UsersPrefix(cfg.CA), false) - if err != nil || len(userList) == 0 { -- return "" -+ return "", false - } - sort.Slice(userList, func(i, j int) bool { - iInfo, _ := cfg.certCache.storage.Stat(userList[i]) -@@ -246,9 +257,9 @@ func (cfg *Config) mostRecentUserEmail() string { - }) - user, err := cfg.getUser(path.Base(userList[0])) - if err != nil { -- return "" -+ return "", false - } -- return user.Email -+ return user.Email, true - } - - // agreementTestURL is set during tests to skip requiring -diff --git a/vendor/manifest b/vendor/manifest -index 0abcba8..d00333f 100644 ---- a/vendor/manifest -+++ b/vendor/manifest -@@ -138,7 +138,7 @@ - "importpath": "github.com/mholt/certmagic", - "repository": "https://github.com/mholt/certmagic", - "vcs": "git", -- "revision": "a7f18a937c080b88693cd4e14d48e42cc067b268", -+ "revision": "e3e89d1096d76d61680f8eeb8f67649baa6c54b8", - "branch": "master", - "notests": true - }, |