Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
caddytls: Fix handling of IP-only TLS configs and empty-SNI handshakes #2452
1. What does this change do, exactly?
2. Please link to the relevant issues.
3. Which documentation changes (if any) need to be made because of this PR?
Add note about the
Calling on: @fr33tux, @oscartbeaumont, @rmoriz, @whitestrake, and @magikstm if you could help test this please, and ensure it works for you, since I was not able to reproduce all the various issues myself (like the Docker stuff).
This was referenced
Feb 2, 2019
Feb 5, 2019
@mholt None of this is on me. You're responsible for the security of your own product. I reported the vulnerability and provided a fix. What you do from here is on you. I don't use Caddy and I'm not going to spend any more time testing and coding for someone who's just going to get angry at me. If I see another vulnerability while pentesting, I'll report it, but don't expect me to contribute beyond that.