commit b95d1cf6b000a7750270aced50dba0807da41467 from: Omar Polo via: Thomas Adam date: Sun Jun 25 17:34:21 2023 UTC simplify gotwebd' server matching Currently, if there is not a match on the server name, it attempts to match the "subdomain" against the server names, and fall back to the first server defined. The server name is taken from the SERVER_NAME fastcgi' parameter, the subdomain extracted from HTTP_HOST. Keep only the SERVER_NAME matching, but still use the first server defined if there's no match. Fix the manpage documenting how matching works and drop the lie about SNI as gotwebd doesn't do TLS but just looks at what the upstream http server decided. ok stsp@
commit - 2c8fb90b1e0dde9cdb762321686cdff591863d11
commit + b95d1cf6b000a7750270aced50dba0807da41467
blob - 14e517f95dc558a15f4d00656168eade8bc25fa5
blob + fc9087208b069caaf128a3857cdb21b5a13fc4cf
--- gotwebd/fcgi.c
+++ gotwebd/fcgi.c
@@ -184,7 +184,7 @@ void
 fcgi_parse_params(uint8_t *buf, uint16_t n, struct request *c, uint16_t id)
 {
 uint32_t name_len, val_len;
- uint8_t *sd, *val;
+ uint8_t *val;
 if (!c->request_started) {
 log_warn("FCGI_PARAMS without FCGI_BEGIN_REQUEST, ignoring");
@@ -247,23 +247,6 @@ fcgi_parse_params(uint8_t *buf, uint16_t n, struct req
 c->querystring[val_len] = '\0';
 }
- if (c->http_host[0] == '\0' &&
- val_len < GOTWEBD_MAXTEXT &&
- name_len == 9 &&
- strncmp(buf, "HTTP_HOST", 9) == 0) {
- memcpy(c->http_host, val, val_len);
- c->http_host[val_len] = '\0';
-
- /*
- * lazily get subdomain
- * will only get domain if no subdomain exists
- * this can still work if gotweb server name is the same
- */
- sd = strchr(c->http_host, '.');
- if (sd)
- *sd = '\0';
- }
-
 if (c->document_uri[0] == '\0' &&
 val_len < MAX_DOCUMENT_URI &&
 name_len == 12 &&
blob - 7e31506198c3c606f2e163a630d2c934412e2a5f
blob + c9f1d28d7a2f3d015e2dba4755889533dd1c5f94
--- gotwebd/gotweb.c
+++ gotwebd/gotweb.c
@@ -97,7 +97,7 @@ static const struct got_error *gotweb_get_clone_url(ch
 static void gotweb_free_querystring(struct querystring *);
 static void gotweb_free_repo_dir(struct repo_dir *);
-struct server *gotweb_get_server(uint8_t *, uint8_t *);
+struct server *gotweb_get_server(const char *);
 static int gotweb_reply(struct request *c, int status, const char *ctype,
@@ -161,7 +161,7 @@ gotweb_process_request(struct request *c)
 if (c->sock->client_status == CLIENT_DISCONNECT)
 return;
 /* get the gotwebd server */
- srv = gotweb_get_server(c->server_name, c->http_host);
+ srv = gotweb_get_server(c->server_name);
 if (srv == NULL) {
 log_warnx("%s: error server is NULL", __func__);
 goto err;
@@ -386,28 +386,18 @@ err:
 }
 struct server *
-gotweb_get_server(uint8_t *server_name, uint8_t *subdomain)
+gotweb_get_server(const char *server_name)
 {
- struct server *srv = NULL;
+ struct server *srv;
 /* check against the server name first */
 if (*server_name != '\0')
 TAILQ_FOREACH(srv, &gotwebd_env->servers, entry)
 if (strcmp(srv->name, server_name) == 0)
- goto done;
+ return srv;
- /* check against subdomain second */
- if (*subdomain != '\0')
- TAILQ_FOREACH(srv, &gotwebd_env->servers, entry)
- if (strcmp(srv->name, subdomain) == 0)
- goto done;
-
- /* if those fail, send first server */
- TAILQ_FOREACH(srv, &gotwebd_env->servers, entry)
- if (srv != NULL)
- break;
-done:
- return srv;
+ /* otherwise, use the first server */
+ return TAILQ_FIRST(&gotwebd_env->servers);
 };
 const struct got_error *
blob - 765208e819180a987e11496151b42a2800b2aed9
blob + 4e45a0dbe7ee90444aa4cf887748864c25126a9a
--- gotwebd/gotwebd.conf.5
+++ gotwebd/gotwebd.conf.5
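Review bot: In gotwebd/gotweb.c, the new tail of `gotweb_get_server()` falls back to `TAILQ_FIRST(&gotwebd_env->servers)` without logging anything, so a SERVER_NAME that matches no server block is silently answered by the first server block. Setups that used to match through the removed HTTP_HOST subdomain path will now take this branch, and a name mismatch between the upstream http server's configuration and gotwebd.conf becomes hard to notice from the logs. Consider recording the miss before the fallback, for example `log_warnx("%s: no server named %s, using the first one", __func__, server_name);` (at whatever log level suits the request volume), and adding a comment that the result is NULL only when no server is configured, which the `srv == NULL` check in `gotweb_process_request()` already handles. The stray `;` after the function's closing brace could be dropped at the same time.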
@@ -80,13 +80,8 @@ followed by server-specific configuration directives i
 .Pp
 .Ic server Ar name Brq ...
 .Pp
-.Xr gotwebd 8
-is compatible with TLS Server Name Indication (SNI), provided the
-.Ar name
-of a server defined in
-.Nm
-corresponds to the name of a server defined in
-.Xr httpd.conf 5 .
+The first server defined is used if the requested hostname is not
+matched by any server block.
 .Pp
 The available server configuration directives are as follows:
 .Bl -tag -width Ds
blob - 3286dbc6e6022af719d350d5ae32579808a5c37e
blob + b57b5c257cd8c89e9488fadc04f55c798b3a2c03
--- gotwebd/gotwebd.h
+++ gotwebd/gotwebd.h
@@ -245,7 +245,6 @@ struct request {
 size_t outbuf_len;
 char querystring[MAX_QUERYSTRING];
- char http_host[GOTWEBD_MAXTEXT];
 char document_uri[MAX_DOCUMENT_URI];
 char server_name[MAX_SERVER_NAME];
 int https;