Use CertMagic's HTTP and HTTPS port variable
Slightly inconvenient because it uses int type and we use string, but
oh well. This fixes a bug related to setting -http-port and -https-port
flags which weren't being used by CertMagic in some cases.
mholt committed Jun 19, 2019
1 parent 6720bdf commit 721c100
Showing 3 changed files with 34 additions and 27 deletions.
15 changes: 9 additions & 6 deletions caddyhttp/httpserver/https.go
Expand Up @@ -18,6 +18,7 @@ import (
"fmt"
"net"
"net/http"
"strconv"

"github.com/mholt/caddy"
"github.com/mholt/caddy/caddytls"
Expand Down Expand Up @@ -125,7 +126,7 @@ func enableAutoHTTPS(configs []*SiteConfig, loadCertificates bool) error {
cfg.TLS.Enabled &&
(!cfg.TLS.Manual || cfg.TLS.Manager.OnDemand != nil) &&
cfg.Addr.Host != "localhost" {
cfg.Addr.Port = HTTPSPort
cfg.Addr.Port = strconv.Itoa(certmagic.HTTPSPort)
}
}
return nil
Expand All @@ -138,10 +139,12 @@ func enableAutoHTTPS(configs []*SiteConfig, loadCertificates bool) error {
// only set up redirects for configs that qualify. It returns the updated list of
// all configs.
func makePlaintextRedirects(allConfigs []*SiteConfig) []*SiteConfig {
httpPort := strconv.Itoa(certmagic.HTTPPort)
httpsPort := strconv.Itoa(certmagic.HTTPSPort)
for i, cfg := range allConfigs {
if cfg.TLS.Managed &&
!hostHasOtherPort(allConfigs, i, HTTPPort) &&
(cfg.Addr.Port == HTTPSPort || !hostHasOtherPort(allConfigs, i, HTTPSPort)) {
!hostHasOtherPort(allConfigs, i, httpPort) &&
(cfg.Addr.Port == httpsPort || !hostHasOtherPort(allConfigs, i, httpsPort)) {
allConfigs = append(allConfigs, redirPlaintextHost(cfg))
}
}
Expand All @@ -167,10 +170,10 @@ func hostHasOtherPort(allConfigs []*SiteConfig, thisConfigIdx int, otherPort str
// redirPlaintextHost returns a new plaintext HTTP configuration for
// a virtualHost that simply redirects to cfg, which is assumed to
// be the HTTPS configuration. The returned configuration is set
// to listen on HTTPPort. The TLS field of cfg must not be nil.
// to listen on certmagic.HTTPPort. The TLS field of cfg must not be nil.
func redirPlaintextHost(cfg *SiteConfig) *SiteConfig {
redirPort := cfg.Addr.Port
if redirPort == HTTPSPort {
if redirPort == strconv.Itoa(certmagic.HTTPSPort) {
// By default, HTTPSPort should be DefaultHTTPSPort,
// which of course doesn't need to be explicitly stated
// in the Location header. Even if HTTPSPort is changed
Expand Down Expand Up @@ -210,7 +213,7 @@ func redirPlaintextHost(cfg *SiteConfig) *SiteConfig {
}

host := cfg.Addr.Host
port := HTTPPort
port := strconv.Itoa(certmagic.HTTPPort)
addr := net.JoinHostPort(host, port)

return &SiteConfig{
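Review bot: The comment in redirPlaintextHost that begins `// By default, HTTPSPort should be DefaultHTTPSPort,` still names the package-level `HTTPSPort`, which this commit removes from plugin.go, while the condition it explains now reads `strconv.Itoa(certmagic.HTTPSPort)`. I would reword it to `// By default, certmagic.HTTPSPort should be DefaultHTTPSPort,` so the reasoning about when the port is left out of the Location header points at the variable that actually decides it. The same function formats the port with `strconv.Itoa` in two places (the `redirPort` comparison and `port :=`), and enableAutoHTTPS and makePlaintextRedirects do it again; one small unexported helper per port would keep the redirect target and the listener port from drifting apart. redirPlaintextHost's body continues outside the shown hunks.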
42 changes: 22 additions & 20 deletions caddyhttp/httpserver/plugin.go
Expand Up @@ -38,8 +38,8 @@ import (
const serverType = "http"

func init() {
flag.StringVar(&HTTPPort, "http-port", HTTPPort, "Default port to use for HTTP")
flag.StringVar(&HTTPSPort, "https-port", HTTPSPort, "Default port to use for HTTPS")
flag.IntVar(&certmagic.HTTPPort, "http-port", certmagic.HTTPPort, "Default port to use for HTTP")
flag.IntVar(&certmagic.HTTPSPort, "https-port", certmagic.HTTPSPort, "Default port to use for HTTPS")
flag.StringVar(&Host, "host", DefaultHost, "Default host")
flag.StringVar(&Port, "port", DefaultPort, "Default port")
flag.StringVar(&Root, "root", DefaultRoot, "Root path of default site")
Expand Down Expand Up @@ -128,6 +128,8 @@ func (h *httpContext) saveConfig(key string, cfg *SiteConfig) {
// be parsed and executed.
func (h *httpContext) InspectServerBlocks(sourceFile string, serverBlocks []caddyfile.ServerBlock) ([]caddyfile.ServerBlock, error) {
siteAddrs := make(map[string]string)
httpPort := strconv.Itoa(certmagic.HTTPPort)
httpsPort := strconv.Itoa(certmagic.HTTPSPort)

// For each address in each server block, make a new config
for _, sb := range serverBlocks {
Expand Down Expand Up @@ -172,15 +174,15 @@ func (h *httpContext) InspectServerBlocks(sourceFile string, serverBlocks []cadd
// If default HTTP or HTTPS ports have been customized,
// make sure the ACME challenge ports match
var altHTTPPort, altTLSALPNPort int
if HTTPPort != DefaultHTTPPort {
portInt, err := strconv.Atoi(HTTPPort)
if httpPort != DefaultHTTPPort {
portInt, err := strconv.Atoi(httpPort)
if err != nil {
return nil, err
}
altHTTPPort = portInt
}
if HTTPSPort != DefaultHTTPSPort {
portInt, err := strconv.Atoi(HTTPSPort)
if httpsPort != DefaultHTTPSPort {
portInt, err := strconv.Atoi(httpsPort)
if err != nil {
return nil, err
}
Expand Down Expand Up @@ -228,6 +230,9 @@ func (h *httpContext) InspectServerBlocks(sourceFile string, serverBlocks []cadd
// MakeServers uses the newly-created siteConfigs to
// create and return a list of server instances.
func (h *httpContext) MakeServers() ([]caddy.Server, error) {
httpPort := strconv.Itoa(certmagic.HTTPPort)
httpsPort := strconv.Itoa(certmagic.HTTPSPort)

// make a rough estimate as to whether we're in a "production
// environment/system" - start by assuming that most production
// servers will set their default CA endpoint to a public,
Expand Down Expand Up @@ -266,7 +271,7 @@ func (h *httpContext) MakeServers() ([]caddy.Server, error) {
if !cfg.TLS.Enabled {
continue
}
if cfg.Addr.Port == HTTPPort || cfg.Addr.Scheme == "http" {
if cfg.Addr.Port == httpPort || cfg.Addr.Scheme == "http" {
cfg.TLS.Enabled = false
log.Printf("[WARNING] TLS disabled for %s", cfg.Addr)
} else if cfg.Addr.Scheme == "" {
Expand All @@ -281,7 +286,7 @@ func (h *httpContext) MakeServers() ([]caddy.Server, error) {
// this is vital, otherwise the function call below that
// sets the listener address will use the default port
// instead of 443 because it doesn't know about TLS.
cfg.Addr.Port = HTTPSPort
cfg.Addr.Port = httpsPort
}
if cfg.TLS.ClientAuth != tls.NoClientCert {
if QUIC {
Expand Down Expand Up @@ -421,7 +426,7 @@ func (a Address) String() string {
}
scheme := a.Scheme
if scheme == "" {
if a.Port == HTTPSPort {
if a.Port == strconv.Itoa(certmagic.HTTPSPort) {
scheme = "https"
} else {
scheme = "http"
Expand Down Expand Up @@ -502,6 +507,9 @@ func (a Address) Key() string {
func standardizeAddress(str string) (Address, error) {
input := str

httpPort := strconv.Itoa(certmagic.HTTPPort)
httpsPort := strconv.Itoa(certmagic.HTTPSPort)

// Split input into components (prepend with // to assert host by default)
if !strings.Contains(str, "//") && !strings.HasPrefix(str, "/") {
str = "//" + str
Expand All @@ -523,9 +531,9 @@ func standardizeAddress(str string) (Address, error) {
// see if we can set port based off scheme
if port == "" {
if u.Scheme == "http" {
port = HTTPPort
port = httpPort
} else if u.Scheme == "https" {
port = HTTPSPort
port = httpsPort
}
}

Expand All @@ -535,17 +543,17 @@ func standardizeAddress(str string) (Address, error) {
}

// error if scheme and port combination violate convention
if (u.Scheme == "http" && port == HTTPSPort) || (u.Scheme == "https" && port == HTTPPort) {
if (u.Scheme == "http" && port == httpsPort) || (u.Scheme == "https" && port == httpPort) {
return Address{}, fmt.Errorf("[%s] scheme and port violate convention", input)
}

// standardize http and https ports to their respective port numbers
if port == "http" {
u.Scheme = "http"
port = HTTPPort
port = httpPort
} else if port == "https" {
u.Scheme = "https"
port = HTTPSPort
port = httpsPort
}

return Address{Original: input, Scheme: u.Scheme, Host: host, Port: port, Path: u.Path}, err
Expand Down Expand Up @@ -723,10 +731,4 @@ var (

// QUIC indicates whether QUIC is enabled or not.
QUIC bool

// HTTPPort is the port to use for HTTP.
HTTPPort = DefaultHTTPPort

// HTTPSPort is the port to use for HTTPS.
HTTPSPort = DefaultHTTPSPort
)
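Review bot: In init(), `-http-port` and `-https-port` are now parsed by `flag.IntVar` directly into `certmagic.HTTPPort` and `certmagic.HTTPSPort`, and nothing visible in this section rejects values outside 1–65535 before they are formatted into addresses and compared in MakeServers to decide whether TLS is switched off for a site. A check at the top of InspectServerBlocks such as `if p := certmagic.HTTPPort; p < 1 || p > 65535 { return nil, fmt.Errorf("invalid -http-port value %d", p) }` (and the same for the HTTPS port) would fail fast; validation may already exist outside the shown hunks. In the same function the `strconv.Atoi(httpPort)` and `strconv.Atoi(httpsPort)` calls now parse strings produced by `strconv.Itoa` a few lines earlier, so their error branches cannot be reached; `altHTTPPort = certmagic.HTTPPort` states the intent directly. The bodies of InspectServerBlocks and MakeServers extend beyond the hunks shown.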
4 changes: 3 additions & 1 deletion caddyhttp/httpserver/tplcontext.go
Expand Up @@ -25,6 +25,7 @@ import (
"net/http"
"net/url"
"path"
"strconv"
"strings"
"sync"
"text/template"
Expand All @@ -33,6 +34,7 @@ import (
"os"

"github.com/mholt/caddy/caddytls"
"github.com/mholt/certmagic"
"github.com/russross/blackfriday"
)

Expand Down Expand Up @@ -178,7 +180,7 @@ func (c Context) Port() (string, error) {
if err != nil {
if !strings.Contains(c.Req.Host, ":") {
// common with sites served on the default port 80
return HTTPPort, nil
return strconv.Itoa(certmagic.HTTPPort), nil
}
return "", err
}
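Review bot: The fallback in Context.Port() returns `strconv.Itoa(certmagic.HTTPPort)` whenever `c.Req.Host` carries no port, so a request to an HTTPS site addressed without an explicit port would, as far as this hunk shows, be reported to templates as being on the HTTP port. If `c.Req` is a `*http.Request` (not visible here), checking the connection first, `if c.Req.TLS != nil { return strconv.Itoa(certmagic.HTTPSPort), nil }`, would make the value match the listener the request actually arrived on. The comment `// common with sites served on the default port 80` should also drop the literal 80 now that the value follows the `-http-port` flag. Port()'s body starts and ends outside the hunk.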
