-rw-r--r-- | .SRCINFO | 4 | ||||
-rw-r--r-- | PKGBUILD | 9 | ||||
-rw-r--r-- | noquic_aesni.patch | 70 |
3 files changed, 45 insertions, 38 deletions
@@ -1,7 +1,7 @@ pkgbase = caddy-with-cgi pkgdesc = HTTP/2 Web Server with Automatic HTTPS, with caddy-cgi plugin and gcc-go support pkgver = 1.0.0 - pkgrel = 1 + pkgrel = 2 url = https://caddyserver.com install = caddy.install arch = i686 @@ -29,7 +29,7 @@ pkgbase = caddy-with-cgi sha256sums = 69e25def317a6172011472bd060655142f3085a0c81392f8a7a9c42b6a58bbd9 sha256sums = bd4d912d083be176727882ccc1bbe577a27cc160db09238e5edc05ba458aebce sha256sums = 80520b80ccabf077a3269f6a1bf55faa3811ef5adce115131b35ef2044d37b64 - sha256sums = f3f9fa975a174928d727f3040fa28e2fbd073b1f4ebd3a68fa43b0aebb90eb64 + sha256sums = 03c676ed4cd6467310ba47c8a8874a95a773263115d56001f220c1972e4a3230 sha256sums = 19aa631a55d74aba2c79749c9ae67d7465d1428a072b303aedf1194190778347 pkgname = caddy-with-cgi @@ -12,20 +12,23 @@ if `pacman -Qq gcc-go >/dev/null 2>/dev/null` then USING_GCCGO=y GOFLAGS="-gccgoflags -O2" + depends=('gcc-libs') + makedepends=('gcc-go>=9.1.0') +else + makedepends=('go>=1.12') fi pkgname=caddy-with-cgi _pkgbase=caddy pkgver=1.0.0 _cgiver=1.10 -pkgrel=1 +pkgrel=2 pkgdesc='HTTP/2 Web Server with Automatic HTTPS, with caddy-cgi plugin and gcc-go support' arch=('i686' 'x86_64' 'armv7h' 'aarch64') url='https://caddyserver.com' license=('Apache') backup=('etc/caddy/caddy.conf') install='caddy.install' -makedepends=('go>=1.12') provides=('caddy') conflicts=('caddy') source=("https://$_gopkgname/archive/v$pkgver/$_pkgbase-$pkgver.tar.gz" @@ -44,7 +47,7 @@ sha256sums=('1c8b435a79e21b9832c7a8a88c44e70bc80434ca3719853d2b1092ffbbbbff7d' '69e25def317a6172011472bd060655142f3085a0c81392f8a7a9c42b6a58bbd9' 'bd4d912d083be176727882ccc1bbe577a27cc160db09238e5edc05ba458aebce' '80520b80ccabf077a3269f6a1bf55faa3811ef5adce115131b35ef2044d37b64' - 'f3f9fa975a174928d727f3040fa28e2fbd073b1f4ebd3a68fa43b0aebb90eb64' + '03c676ed4cd6467310ba47c8a8874a95a773263115d56001f220c1972e4a3230' '19aa631a55d74aba2c79749c9ae67d7465d1428a072b303aedf1194190778347') prepare() { 
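Review bot: The `depends=('gcc-libs')` / `makedepends=(...)` assignments added inside the `pacman -Qq gcc-go` test in PKGBUILD make the declared dependencies depend on what is installed on the build host. .SRCINFO is static metadata and can describe only one of the two outcomes, and a clean-chroot build will presumably always take the `else` branch. The .SRCINFO hunks in this commit touch only `pkgrel` and one checksum, so it cannot be confirmed from here which dependency set it lists. A package whose compiler and runtime dependency switch silently with host state is hard to reproduce or audit. Consider selecting the toolchain through an explicit, documented variable, and at least add a comment above the test such as `# toolchain is picked from build-host state; .SRCINFO reflects only one of the two dependency sets`.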
diff --git a/noquic_aesni.patch b/noquic_aesni.patch index c684559e3551..eca192a372d3 100644 --- a/noquic_aesni.patch +++ b/noquic_aesni.patch @@ -1,53 +1,57 @@ diff --git a/caddyhttp/httpserver/server.go b/caddyhttp/httpserver/server.go -index de53cea..1b58e04 100644 +index 7940ac8..71cc657 100644 --- a/caddyhttp/httpserver/server.go 
+++ b/caddyhttp/httpserver/server.go -@@ -32,7 +32,6 @@ import ( - "sync" +@@ -31,7 +31,6 @@ import ( + "strings" "time" - "github.com/lucas-clemente/quic-go/h2quic" "github.com/mholt/caddy" "github.com/mholt/caddy/caddyhttp/staticfiles" "github.com/mholt/caddy/caddytls" -@@ -42,7 +41,6 @@ import ( +@@ -41,7 +40,6 @@ import ( // Server is the HTTP server implementation. type Server struct { Server *http.Server - quicServer *h2quic.Server - listener net.Listener - listenerMu sync.Mutex sites []*SiteConfig -@@ -105,12 +103,6 @@ func NewServer(addr string, group []*SiteConfig) (*Server, error) { - - // if TLS is enabled, make sure we prepare the Server accordingly + connTimeout time.Duration // max time to wait for a connection before force stop + tlsGovChan chan struct{} // close to stop the TLS maintenance goroutine +@@ -104,7 +102,6 @@ func NewServer(addr string, group []*SiteConfig) (*Server, error) { if s.Server.TLSConfig != nil { -- // enable QUIC if desired (requires HTTP/2) -- if HTTP2 && QUIC { + // enable QUIC if desired (requires HTTP/2) + if HTTP2 && QUIC { - s.quicServer = &h2quic.Server{Server: s.Server} -- s.Server.Handler = s.wrapWithSvcHeaders(s.Server.Handler) -- } -- - // wrap the HTTP handler with a handler that does MITM detection - tlsh := &tlsHandler{next: s.Server.Handler} - s.Server.Handler = tlsh // this needs to be the "outer" handler when Serve() is called, for type assertion -@@ -237,7 +229,6 @@ func makeHTTPServerWithTimeouts(addr string, group []*SiteConfig) *http.Server { + s.Server.Handler = s.wrapWithSvcHeaders(s.Server.Handler) + } + +@@ -234,9 +231,6 @@ func makeHTTPServerWithTimeouts(addr string, group []*SiteConfig) *http.Server { func (s *Server) wrapWithSvcHeaders(previousHandler http.Handler) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { -- s.quicServer.SetQuicHeaders(w.Header()) +- if err := s.quicServer.SetQuicHeaders(w.Header()); err != nil { +- log.Println("[Error] failed to set proper headers for 
QUIC: ", err) +- } previousHandler.ServeHTTP(w, r) } } -@@ -333,18 +324,11 @@ func (s *Server) Serve(ln net.Listener) error { - if err == http.ErrServerClosed { - err = nil // not an error worth reporting since closing a server is intentional +@@ -324,14 +318,6 @@ func (s *Server) Serve(ln net.Listener) error { + s.tlsGovChan = caddytls.RotateSessionTicketKeys(s.Server.TLSConfig) } -- if s.quicServer != nil { -- s.quicServer.Close() -- } - return err - } + +- defer func() { +- if s.quicServer != nil { +- if err := s.quicServer.Close(); err != nil { +- log.Println("[ERROR] failed to close QUIC server: ", err) +- } +- } +- }() +- + err := s.Server.Serve(ln) + if err != nil && err != http.ErrServerClosed { + return err +@@ -341,10 +327,6 @@ func (s *Server) Serve(ln net.Listener) error { // ServePacket serves QUIC requests on pc until it is closed. func (s *Server) ServePacket(pc net.PacketConn) error { @@ -59,10 +63,10 @@ index de53cea..1b58e04 100644 } diff --git a/caddyhttp/proxy/reverseproxy.go b/caddyhttp/proxy/reverseproxy.go -index 14d4bd7..d8d0622 100644 +index c20be0c..884fd4d 100644 --- a/caddyhttp/proxy/reverseproxy.go +++ b/caddyhttp/proxy/reverseproxy.go -@@ -40,8 +40,6 @@ import ( +@@ -41,8 +41,6 @@ import ( "golang.org/x/net/http2" @@ -71,7 +75,7 @@ index 14d4bd7..d8d0622 100644 "github.com/mholt/caddy/caddyhttp/httpserver" ) -@@ -250,13 +248,6 @@ func NewSingleHostReverseProxy(target *url.URL, without string, keepalive int, t +@@ -253,13 +251,6 @@ func NewSingleHostReverseProxy(target *url.URL, without string, keepalive int, t rp.Transport = &http.Transport{ Dial: socketDial(target.String(), timeout), } 
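Review bot: In the refreshed NewServer hunk of noquic_aesni.patch, the `if HTTP2 && QUIC { s.Server.Handler = s.wrapWithSvcHeaders(s.Server.Handler) }` block is now kept as context, while the wrapWithSvcHeaders hunk removes its only QUIC-specific statement. That leaves the wrapper as a plain pass-through, so the QUIC option appears to be accepted but to do nothing. The previous revision of this patch deleted the whole block. Consider deleting it again, or have the patched code log that QUIC support is compiled out, so an operator who enables QUIC does not assume it is active. The patched body of ServePacket is elided between hunks here, so that path could not be checked.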
@@ -85,7 +89,7 @@ index 14d4bd7..d8d0622 100644 } else if keepalive != http.DefaultMaxIdleConnsPerHost || strings.HasPrefix(target.Scheme, "srv") { dialFunc := rp.dialer.Dial if strings.HasPrefix(target.Scheme, "srv") { -@@ -303,11 +294,6 @@ func (rp *ReverseProxy) UseInsecureTransport() { +@@ -310,11 +301,6 @@ func (rp *ReverseProxy) UseInsecureTransport() { // No http2.ConfigureTransport() here. // For now this is only added in places where // an http.Transport is actually created. @@ -97,7 +101,7 @@ index 14d4bd7..d8d0622 100644 } } -@@ -322,11 +308,6 @@ func (rp *ReverseProxy) UseOwnCACertificates(CaCertPool *x509.CertPool) { +@@ -329,11 +315,6 @@ func (rp *ReverseProxy) UseOwnCACertificates(CaCertPool *x509.CertPool) { // No http2.ConfigureTransport() here. // For now this is only added in places where // an http.Transport is actually created. @@ -109,7 +113,7 @@ index 14d4bd7..d8d0622 100644 } } -@@ -340,10 +321,6 @@ func (rp *ReverseProxy) ServeHTTP(rw http.ResponseWriter, outreq *http.Request, +@@ -347,10 +328,6 @@ func (rp *ReverseProxy) ServeHTTP(rw http.ResponseWriter, outreq *http.Request, rp.Director(outreq) |