commit c8af7691c98d6cd5864e6c2b62642c6c3e3ca086 from: Omar Polo date: Thu Jun 22 21:30:32 2023 UTC simplify gotwebd' server matching Currently, if there is not a match on the server name, it attempts to match the "subdomain" against the server names, and fall back to the first server defined. The server name is taken from the SERVER_NAME fastcgi' parameter, the subdomain extracted from HTTP_HOST. Keep only the SERVER_NAME matching, but still use the first server defined if there's no match. Fix the manpage documenting how matching works and drop the lie about SNI as gotwebd doesn't do TLS but just looks at what the upstream http server decided. ok stsp@
commit - 839338f6ab1254d6d0709f19db60b164269288d5
commit + c8af7691c98d6cd5864e6c2b62642c6c3e3ca086
blob - 439dc44795355724c9f4c3a27e86dd2db4e3539b
blob + 5c06bfd1e66558fb49eb1dbacf1a866876717461
--- gotwebd/fcgi.c
+++ gotwebd/fcgi.c
@@ -182,7 +182,7 @@ void
 fcgi_parse_params(uint8_t *buf, uint16_t n, struct request *c, uint16_t id)
 {
 uint32_t name_len, val_len;
- uint8_t *sd, *val;
+ uint8_t *val;
 if (!c->request_started) {
 log_warn("FCGI_PARAMS without FCGI_BEGIN_REQUEST, ignoring");
@@ -245,23 +245,6 @@ fcgi_parse_params(uint8_t *buf, uint16_t n, struct req
 c->querystring[val_len] = '\0';
 }
- if (c->http_host[0] == '\0' &&
- val_len < GOTWEBD_MAXTEXT &&
- name_len == 9 &&
- strncmp(buf, "HTTP_HOST", 9) == 0) {
- memcpy(c->http_host, val, val_len);
- c->http_host[val_len] = '\0';
-
- /*
- * lazily get subdomain
- * will only get domain if no subdomain exists
- * this can still work if gotweb server name is the same
- */
- sd = strchr(c->http_host, '.');
- if (sd)
- *sd = '\0';
- }
-
 if (c->document_uri[0] == '\0' &&
 val_len < MAX_DOCUMENT_URI &&
 name_len == 12 &&
blob - c775066084109268a1ca7a0f0a2c8cf87ecb209a
blob + ccf543d72d80d49d1bbe65578c3ee3077f769afd
--- gotwebd/gotweb.c
+++ gotwebd/gotweb.c
@@ -98,7 +98,7 @@ static const struct got_error *gotweb_get_clone_url(ch
 static void gotweb_free_querystring(struct querystring *);
 static void gotweb_free_repo_dir(struct repo_dir *);
-struct server *gotweb_get_server(uint8_t *, uint8_t *);
+struct server *gotweb_get_server(const char *);
 static int
 gotweb_reply(struct request *c, int status, const char *ctype,
@@ -162,7 +162,7 @@ gotweb_process_request(struct request *c)
 if (c->sock->client_status == CLIENT_DISCONNECT)
 return;
 /* get the gotwebd server */
- srv = gotweb_get_server(c->server_name, c->http_host);
+ srv = gotweb_get_server(c->server_name);
 if (srv == NULL) {
 log_warnx("%s: error server is NULL", __func__);
 goto err;
@@ -387,28 +387,18 @@ err:
 }
 struct server *
-gotweb_get_server(uint8_t *server_name, uint8_t *subdomain)
+gotweb_get_server(const char *server_name)
 {
- struct server *srv = NULL;
+ struct server *srv;
 /* check against the server name first */
 if (*server_name != '\0')
 TAILQ_FOREACH(srv, &gotwebd_env->servers, entry)
 if (strcmp(srv->name, server_name) == 0)
- goto done;
+ return srv;
- /* check against subdomain second */
- if (*subdomain != '\0')
- TAILQ_FOREACH(srv, &gotwebd_env->servers, entry)
- if (strcmp(srv->name, subdomain) == 0)
- goto done;
-
- /* if those fail, send first server */
- TAILQ_FOREACH(srv, &gotwebd_env->servers, entry)
- if (srv != NULL)
- break;
-done:
- return srv;
+ /* otherwise, use the first server */
+ return TAILQ_FIRST(&gotwebd_env->servers);
 };
 const struct got_error *
blob - 765208e819180a987e11496151b42a2800b2aed9
blob + 4e45a0dbe7ee90444aa4cf887748864c25126a9a
--- gotwebd/gotwebd.conf.5
+++ gotwebd/gotwebd.conf.5
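Review bot: The fallback at the end of `gotweb_get_server` hands any request whose SERVER_NAME is empty or unmatched to the first configured server without leaving a trace, so a misconfigured upstream or an unexpected host name looks exactly like a normal hit on that server. Because the order of server blocks decides which repositories an unmatched name is shown, I would state that on the function, e.g. `/* server_name is the FastCGI SERVER_NAME chosen by the upstream server; anything unmatched gets the first server block */`, and log the fallback at a low level with the file's existing logging helpers. The `strcmp` in the loop is case-sensitive, which is fine only if the upstream always passes the name exactly as written in its own configuration; if it can forward a client-supplied host, `strcasecmp` would keep a case variant from falling through to the default. The caller's `srv == NULL` check in the previous hunk still covers an empty server list, since `TAILQ_FIRST` yields NULL there.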
@@ -80,13 +80,8 @@ followed by server-specific configuration directives i
 .Pp
 .Ic server Ar name Brq ...
 .Pp
-.Xr gotwebd 8
-is compatible with TLS Server Name Indication (SNI), provided the
-.Ar name
-of a server defined in
-.Nm
-corresponds to the name of a server defined in
-.Xr httpd.conf 5 .
+The first server defined is used if the requested hostname is not
+matched by any server block.
 .Pp
 The available server configuration directives are as follows:
 .Bl -tag -width Ds
blob - 31bcbde9268d51c10f8ed32e6080e1691e0473ec
blob + d276e0ebe586663208dfe4640e9c7714bed9f58d
--- gotwebd/gotwebd.h
+++ gotwebd/gotwebd.h
@@ -243,7 +243,6 @@ struct request {
 size_t outbuf_len;
 char querystring[MAX_QUERYSTRING];
- char http_host[GOTWEBD_MAXTEXT];
 char document_uri[MAX_DOCUMENT_URI];
 char server_name[MAX_SERVER_NAME];
 int https;