Path to this page:
Subject: CVS commit: pkgsrc/www/caddy
From: Benny Siegert
Date: 2018-03-14 09:41:32
Message id: 20180314084132.E5641FB40@cvs.NetBSD.org
Log Message:
Update caddy to 0.10.11.
This release improves automatic HTTPS in cluster configurations, internal TLS
asset management, adds service discovery support to reverse proxying, reusable
snippets for the Caddyfile, and more!
Read the details in the announcement blog post!
https://caddyserver.com/blog/caddy-0_10_11-released
A few minor "breaking" changes include how signals are handled, \
conflicting TLS
configurations are no longer allowed (an error is raised), and a TLS alert is
raised if SNI is used but no certificate is available, rather than serving a
default certificate.
Special thanks to Ed for helping us patch a minor path-based open redirect
possibility!
Full change log:
Reusable snippets for the Caddyfile
Updated QUIC
Auto-HTTPS certificates may be shared by multiple instances
Expand globbed values in -conf flag
Swap behavior of SIGTERM and SIGQUIT; ignore SIGHUP
9 new DNS provider plugins for the ACME DNS challenge
New placeholder for {<Response-Header} values
basicauth: Username put in {user} placeholder
fastcgi: GET requests can now send a body
proxy: Service discovery with DNS SRV load balancing
request_id: Allow reusing request ID from header field
tls: Improved efficiency of many certificates and reloads
tls: Raise error if conflicting TLS configurations collide
tls: Raise TLS alert if SNI used and no cert matched
tls: Reject OCSP responses that expire after the certificate
tls: Clients can use SNI to request a specific certificate
tls: Add option for backend to approve on-demand certificate
tls: Synchronize maintenance of shared, managed certificates
Numerous fabulous bug fixes
Files: