man: add some hand-holding for terminal URL recognition
build: make tlstunnel target PHONY
Protect acmeCache.config with atomic.Value
GetConfigForCert can be called from multiple goroutines.
Increase TLS handshake timeout
On-demand certificates can make the handshake pretty slow. It takes
about 5s on my setup.
Unmanage certificates when no longer needed
Upgrade certmagic
Upgrade to caddy's pinned version.
Add downstream TLS handshake timeout
Avoid half-open TCP connections
Fix tls-alpn-01 challenge errors
certmagic's NextProtos contains acmez.ACMETLS1Protocol. We mustn't
overwrite it, otherwise tls-alpn-01 challenges will fail.
Add more context to errors
Add `tls on_demand validate_command`
Stop certmagic cache on shutdown
Fix SIGINT handling
Go's not very helpful here.
Initialize certmagic in Server.Start
This allows directives to change ACMEConfig or ACMEManager before
the server is started.
Add config reloading
Instead of updating the configuration, we configure a new Server instance and
then migrate Listeners that still exist to it. Open client connections are
left completely untouched.
Closes https://todo.sr.ht/~emersion/tlstunnel/1
Remove unused Server reference
Add support for ALPN
Closes: https://todo.sr.ht/~emersion/tlstunnel/11