tls: Add support for the tls-alpn-01 challenge (#2201)

* tls: Add support for the tls-alpn-01 challenge

Also updates lego/acme to latest on master.

TODO: This implementation of the tls-alpn challenge is not yet solvable
in a distributed Caddy cluster like the http challenge is.

* build: Allow building with the race detector

* tls: Support distributed solving of the TLS-ALPN-01 challenge

* Update vendor and add a todo in MITM checker
Matt Holt
2018-12-05 17:33:23 -07:00
committed by GitHub
parent ae5f013a48
commit 09188981c4
37 changed files with 822 additions and 319 deletions


@@ -169,12 +169,12 @@ func (h *httpContext) InspectServerBlocks(sourceFile string, serverBlocks []cadd
// If default HTTP or HTTPS ports have been customized,
// make sure the ACME challenge ports match
var altHTTPPort, altTLSSNIPort string
var altHTTPPort, altTLSALPNPort string
if HTTPPort != DefaultHTTPPort {
altHTTPPort = HTTPPort
}
if HTTPSPort != DefaultHTTPSPort {
altTLSSNIPort = HTTPSPort
altTLSALPNPort = HTTPSPort
}
// Make our caddytls.Config, which has a pointer to the
@@ -183,7 +183,7 @@ func (h *httpContext) InspectServerBlocks(sourceFile string, serverBlocks []cadd
caddytlsConfig := caddytls.NewConfig(h.instance)
caddytlsConfig.Hostname = addr.Host
caddytlsConfig.AltHTTPPort = altHTTPPort
caddytlsConfig.AltTLSSNIPort = altTLSSNIPort
caddytlsConfig.AltTLSALPNPort = altTLSALPNPort
// Save the config to our master list, and key it for lookups
cfg := &SiteConfig{
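Review bot: The comment above the port block in the first hunk still says only that the ACME challenge ports must "match", which does not explain what `altTLSALPNPort` means for the new challenge type. For TLS-ALPN-01 the CA always connects to port 443 (RFC 8737), so a customised `HTTPSPort` can only be the port Caddy listens on locally, and validation succeeds only if external 443 is forwarded to it. I would add `// TLS-ALPN-01 is always validated on external port 443; AltTLSALPNPort is only the local listener, so 443 must be forwarded to it` above the `if HTTPSPort != DefaultHTTPSPort` check. InspectServerBlocks starts and ends outside both hunks, so how caddytls consumes `AltTLSALPNPort` is not visible here and should be confirmed against that package.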