diff options
| author | Adam Weinberger <adamw@FreeBSD.org> | 2024-01-17 06:41:24 -0500 |
|---|---|---|
| committer | Adam Weinberger <adamw@FreeBSD.org> | 2024-01-17 06:49:24 -0500 |
| commit | 2d925f150358bf061d4fec9bb8caa009e0a56442 (patch) | |
| tree | 55e121769bacbe99b5618295f1dde6ada3daec04 /www | |
| parent | e32cceef0b1aa6de0c62357a841c29bde1b04fad (diff) | |
| download | freebsd-ports-2d925f150358bf061d4fec9bb8caa009e0a56442.zip | |
www/caddy{,-custom}: Fix start/stop with admin API disabled
Caddy largely relies on the admin API for state control, like
start/stop/reload. However, the admin API endpoints are inherently
a security risk.
Although the admin API is enabled by default, many users may choose
to disable it. However, the rc(8) script then needs an alternative
approach to controlling the daemon.
We already sortof supported signal-based control, but it didn't always
work, because there are multiple error messages that indicate that
the admin API is disabled (and none of them actually say that in a clear
way).
This commit fixes start and stop with the admin API disabled. The
reload command (and reloadssl) still require the admin API to be
enabled and will fail if the admin API is disabled.
PR: 255106
Submitted by: scf
Diffstat (limited to 'www')
| -rw-r--r-- | www/caddy-custom/Makefile | 2 | ||||
| -rw-r--r-- | www/caddy-custom/files/caddy.in | 4 | ||||
| -rw-r--r-- | www/caddy/Makefile | 1 | ||||
| -rw-r--r-- | www/caddy/files/caddy.in | 4 |
4 files changed, 8 insertions, 3 deletions
diff --git a/www/caddy-custom/Makefile b/www/caddy-custom/Makefile index 9b12d33b97af..19ddef881324 100644 --- a/www/caddy-custom/Makefile +++ b/www/caddy-custom/Makefile @@ -4,7 +4,7 @@ PORTNAME= caddy-custom PORTVERSION= ${CADDY_VERSION}.${XCADDY_VERSION} -PORTREVISION= 11 +PORTREVISION= 12 CATEGORIES= www DISTFILES= # none diff --git a/www/caddy-custom/files/caddy.in b/www/caddy-custom/files/caddy.in index ac1098bcd130..fc1f74e1de55 100644 --- a/www/caddy-custom/files/caddy.in +++ b/www/caddy-custom/files/caddy.in @@ -150,7 +150,9 @@ caddy_prestop() echo "done" exit 0 else - if echo "${result}" | grep -q "connection refused"; then + if echo "${result}" | grep -q -e "connection refused" \ + -e "connect: no such file or directory"; then + echo "admin interface unavailable; using pidfile" return 0 else diff --git a/www/caddy/Makefile b/www/caddy/Makefile index 6d9545d465bd..b6bf4f6044db 100644 --- a/www/caddy/Makefile +++ b/www/caddy/Makefile @@ -1,6 +1,7 @@ PORTNAME= caddy DISTVERSIONPREFIX= v DISTVERSION= 2.7.6 +PORTREVISION= 1 CATEGORIES= www DIST_SUBDIR= caddy diff --git a/www/caddy/files/caddy.in b/www/caddy/files/caddy.in index 37babe7889d3..34b0157f1d00 100644 --- a/www/caddy/files/caddy.in +++ b/www/caddy/files/caddy.in @@ -150,7 +150,9 @@ caddy_prestop() echo "done" exit 0 else - if echo "${result}" | grep -q "connection refused"; then + if echo "${result}" | grep -q -e "connection refused" \ + -e "connect: no such file or directory"; then + echo "admin interface unavailable; using pidfile" return 0 else |