From 96bb3659299ae5ef28ffb3f9a23e16417c570924 Mon Sep 17 00:00:00 2001
From: Matthew Holt
Date: Fri, 16 Apr 2021 11:17:15 -0600
Subject: [PATCH] httpcaddyfile: Take into account host scheme/port (fix #4113)
---
 caddyconfig/httpcaddyfile/tlsapp.go | 8 +++---
 .../http_only_on_hostless_block.txt | 28 +++++++++++++++++++
 2 files changed, 32 insertions(+), 4 deletions(-)
 create mode 100644 caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 85f9e5a37..1e32be010 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -54,7 +54,7 @@ func (st ServerType) buildTLSApp(
 // a hostless key, so that they don't get forgotten/omitted
 // by auto-HTTPS (since they won't appear in route matchers)
 var serverBlocksWithTLSHostlessKey int
- hostsSharedWithHostlessKey := make(map[string]struct{})
+ httpsHostsSharedWithHostlessKey := make(map[string]struct{})
 for _, pair := range pairings {
 for _, sb := range pair.serverBlocks {
 for _, addr := range sb.keys {
@@ -70,8 +70,8 @@ func (st ServerType) buildTLSApp(
 if otherAddr.Original == addr.Original {
 continue
 }
- if otherAddr.Host != "" {
- hostsSharedWithHostlessKey[otherAddr.Host] = struct{}{}
+ if otherAddr.Host != "" && otherAddr.Scheme != "http" && otherAddr.Port != httpPort {
+ httpsHostsSharedWithHostlessKey[otherAddr.Host] = struct{}{}
 }
 }
 break
@@ -289,7 +289,7 @@ func (st ServerType) buildTLSApp(
 internalAP := &caddytls.AutomationPolicy{
 IssuersRaw: []json.RawMessage{json.RawMessage(`{"module":"internal"}`)},
 }
- for h := range hostsSharedWithHostlessKey {
+ for h := range httpsHostsSharedWithHostlessKey {
 al = append(al, h)
 if !certmagic.SubjectQualifiesForPublicCert(h) {
 internalAP.Subjects = append(internalAP.Subjects, h)
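Review bot: The three-part condition added in the second hunk (`otherAddr.Host != "" && otherAddr.Scheme != "http" && otherAddr.Port != httpPort`) has no comment explaining why HTTP-only keys are skipped, yet it decides which names reach the automation list and the internal-issuer policy in the third hunk, i.e. which hosts get certificates managed. I would put a line above it such as `// only hosts that may be served over HTTPS belong here; an explicit http:// scheme or the HTTP port means no certificate is managed for the name`. `httpPort` is defined outside the hunk and appears to be compared as a string against `otherAddr.Port`; please confirm it carries a configured `http_port` override and not only the default, otherwise an HTTP-only host on a custom port would still be queued for issuance. The enclosing loops in buildTLSApp start and end outside the hunk.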
diff --git a/caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt b/caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt
new file mode 100644
index 000000000..9ccc59eb9
--- /dev/null
+++ b/caddytest/integration/caddyfile_adapt/http_only_on_hostless_block.txt
@@ -0,0 +1,28 @@
+# Issue #4113
+:80, http://example.com {
+ respond "foo"
+}
+----------
+{
+ "apps": {
+ "http": {
+ "servers": {
+ "srv0": {
+ "listen": [
+ ":80"
+ ],
+ "routes": [
+ {
+ "handle": [
+ {
+ "body": "foo",
+ "handler": "static_response"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
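Review bot: Only the `Scheme != "http"` clause of the new condition in tlsapp.go is exercised by this fixture, since the host key is written as `http://example.com`; the `Port != httpPort` clause has no adapt test in this commit. A companion fixture keyed on a host that carries the HTTP port without a scheme, for example `:80, example.com:80` (constructed sample), would pin that branch, and its expected output should presumably also contain no `tls` app. A positive case, where an HTTPS-capable host shares a block with a hostless key and still ends up in the automation policy, would guard against the filter becoming too broad; it may already exist elsewhere in the test directory, which is not visible here.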