Caddy: Caddyfile lexer bug

Created on 23 Nov 2018 · 3 Comments · Source: caddyserver/caddy

1. What version of Caddy are you using (caddy -version)?

Caddy 0.11.1 (+ce0988f Mon Nov 19 11:57:34 UTC 2018) (unofficial)

2. What are you trying to do?

I'm trying to set up a very simple configuration (see below), but Caddy won't work normally (because of a configuration file lexer bug?)

3. What is your entire Caddyfile?

https://localhost:8888 {

    header / X-Cert-ClientSubjectDn "{tls_client_s_dn}"

    tls self_signed {clients verify_if_given ca.crt}

}

4. How did you run Caddy (give the full command and describe the execution environment)?

Just put config file near the bin and run ./caddy

5. Please paste any relevant HTTP request(s) here.

 curl --insecure -E client.crt:1234 --key client.key -i https://localhost:8888

6. What did you expect to see?

<h1>Its work!</h1>

7. What did you see instead (give full error messages and/or log)?

curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

8. How can someone who is starting from scratch reproduce the bug as minimally as possible?

//you can generate client certs using this manual https://gist.github.com/mtigas/952344
OK, and now about the 'real' bug.
I see that the lexer, at line 118, tokenizes the input and assumes that lexemes are separated by unicode.IsSpace(ch). That's OK, but in my case the lexer produces {client and ca.crt} (yes, with curly braces) tokens (bug?)

I'm not sure that this is not expected; can you explain the Caddy configuration file rules in more detail?

bug

All 3 comments

Hmm, yes, it seems an error should be produced here.

As an aside, what are you expecting to do with this bit, exactly?

{clients verify_if_given ca.crt}

@mholt: this is just an example where the parser fails.

In total:

//ok:
    tls self_signed {
       clients verify_if_given ca.crt
    }
//fail (because lexer bug, see above):
    tls self_signed {clients verify_if_given ca.crt}

No, I don't think that's the bug. From the docs:

Directives may span multiple lines by opening a block. Blocks are enclosed by curly braces { }. The opening curly brace { must be at the end of the directive's first line, and the closing curly brace } must be the only token on its line:

So your Caddyfile is malformed, but the bug is that Caddy should show an error when parsing the Caddyfile, not silently allowing it to pass.
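
As an added example (not Caddy's own lexer code and not part of the original thread), this Go sketch splits input on unicode.IsSpace as the issue describes and flags any token that has a brace glued to other text, which is the condition the comments say should be reported as an error. Token, Tokenize, GluedBraces and the balanced-brace heuristic (which lets placeholders such as {tls_client_s_dn} pass) are assumptions; quoting and comments are ignored.

```go
package main

import (
	"fmt"
	"strings"
	"unicode"
)

// Constructed sample inputs: the two forms of the tls directive from the issue.
const multiLine = "tls self_signed {\n    clients verify_if_given ca.crt\n}"
const oneLine = "tls self_signed {clients verify_if_given ca.crt}"

// Token is a whitespace-delimited lexeme and the line it appears on (hypothetical type).
type Token struct {
	Text string
	Line int
}

// Tokenize splits each line on unicode.IsSpace only (simplified: no quotes, no comments).
func Tokenize(input string) []Token {
	var toks []Token
	for i, ln := range strings.Split(input, "\n") {
		for _, f := range strings.FieldsFunc(ln, unicode.IsSpace) {
			toks = append(toks, Token{f, i + 1})
		}
	}
	return toks
}

// GluedBraces returns tokens that carry an unbalanced brace but are not a bare
// "{" or "}", i.e. a block delimiter that was not separated by whitespace.
func GluedBraces(toks []Token) []Token {
	var bad []Token
	for _, t := range toks {
		if t.Text == "{" || t.Text == "}" {
			continue // proper block delimiters
		}
		if strings.Count(t.Text, "{") != strings.Count(t.Text, "}") {
			bad = append(bad, t)
		}
	}
	return bad
}

func main() {
	for _, t := range GluedBraces(Tokenize(oneLine)) {
		fmt.Printf("line %d: brace glued to token %q\n", t.Line, t.Text)
	}
}
```
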
