pages-server/server/upstream/domains.go

package upstream

import (
	"errors"
	"strings"
	"time"

	"github.com/rs/zerolog/log"

	"codeberg.org/codeberg/pages/server/cache"
	"codeberg.org/codeberg/pages/server/gitea"
)

// canonicalDomainCacheTimeout specifies the timeout for the canonical domain cache.
var canonicalDomainCacheTimeout = 15 * time.Minute

const canonicalDomainConfig = ".domains"

// CheckCanonicalDomain returns the canonical domain specified in the repo (using the `.domains` file).
func (o *Options) CheckCanonicalDomain(giteaClient *gitea.Client, actualDomain, mainDomainSuffix string, canonicalDomainCache cache.SetGetKey) (domain string, valid bool) {
	// Check if this request is cached.
	if cachedValue, ok := canonicalDomainCache.Get(o.TargetOwner + "/" + o.TargetRepo + "/" + o.TargetBranch); ok {
		domains := cachedValue.([]string)
		for _, domain := range domains {
			if domain == actualDomain {
				valid = true
				break
			}
		}
		return domains[0], valid
	}

	body, err := giteaClient.GiteaRawContent(o.TargetOwner, o.TargetRepo, o.TargetBranch, canonicalDomainConfig)
	if err != nil && !errors.Is(err, gitea.ErrorNotFound) {
		log.Error().Err(err).Msgf("could not read %s of %s/%s", canonicalDomainConfig, o.TargetOwner, o.TargetRepo)
	}

	var domains []string
	for _, domain := range strings.Split(string(body), "\n") {
		domain = strings.ToLower(domain)
		domain = strings.TrimSpace(domain)
		domain = strings.TrimPrefix(domain, "http://")
		domain = strings.TrimPrefix(domain, "https://")
		if len(domain) > 0 && !strings.HasPrefix(domain, "#") && !strings.ContainsAny(domain, "\t /") && strings.ContainsRune(domain, '.') {
			domains = append(domains, domain)
		}
		if domain == actualDomain {
			valid = true
		}
	}

	// Add [owner].[pages-domain] as valid domnain.
	domains = append(domains, o.TargetOwner+mainDomainSuffix)
	if domains[len(domains)-1] == actualDomain {
		valid = true
	}

	// If the target repository isn't called pages, add `/[repository]` to the
	// previous valid domain.
	if o.TargetRepo != "" && o.TargetRepo != "pages" {
		domains[len(domains)-1] += "/" + o.TargetRepo
	}

	// Add result to cache.
	_ = canonicalDomainCache.Set(o.TargetOwner+"/"+o.TargetRepo+"/"+o.TargetBranch, domains, canonicalDomainCacheTimeout)

	// Return the first domain from the list and return if any of the domains
	// matched the requested domain.
	return domains[0], valid
}
split cert func to related packages 2021-12-05 15:21:05 +01:00			`package upstream`

			`import (`
Fix Cache Bug (#178) error io.EOF is gracefully end of file read. so we don't need to cancel cache saving Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/178 2023-02-11 01:31:56 +01:00			`"errors"`
split cert func to related packages 2021-12-05 15:21:05 +01:00			`"strings"`
switch to std http implementation instead of fasthttp (#106) close #100 close #109 close #113 close #28 close #63 Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/106 2022-11-12 20:37:20 +01:00			`"time"`

			`"github.com/rs/zerolog/log"`
split cert func to related packages 2021-12-05 15:21:05 +01:00
			`"codeberg.org/codeberg/pages/server/cache"`
Move gitea api calls in own "client" package (#78) continue #75 close #16 - fix regression (from #34) _thanks to @crystal_ - create own gitea client package - more logging - add mock impl of CertDB Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: crystal <crystal@noreply.codeberg.org> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/78 Reviewed-by: crapStone <crapstone@noreply.codeberg.org> 2022-06-11 23:02:06 +02:00			`"codeberg.org/codeberg/pages/server/gitea"`
split cert func to related packages 2021-12-05 15:21:05 +01:00			`)`

switch to std http implementation instead of fasthttp (#106) close #100 close #109 close #113 close #28 close #63 Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/106 2022-11-12 20:37:20 +01:00			`// canonicalDomainCacheTimeout specifies the timeout for the canonical domain cache.`
			`var canonicalDomainCacheTimeout = 15 * time.Minute`

			`const canonicalDomainConfig = ".domains"`

code format 2021-12-09 20:16:43 +01:00			// CheckCanonicalDomain returns the canonical domain specified in the repo (using the `.domains` file).
Allow to use certificate even if domain validation fails (#160) - Currently if the canonical domain validations fails(either for legitimate reasons or for bug reasons like the request to Gitea/Forgejo failing) it will use main domain certificate, which in the case for custom domains will warrant a security error as the certificate isn't issued to the custom domain. - This patch handles this situation more gracefully and instead only disallow obtaining a certificate if the domain validation fails, so in the case that a certificate still exists it can still be used even if the canonical domain validation fails. There's a small side effect, legitimate users that remove domains from `.domain` will still be able to use the removed domain(as long as the DNS records exists) as long as the certificate currently hold by pages-server isn't expired. - Given the increased usage in custom domains that are resulting in errors, I think it ways more than the side effect. - In order to future-proof against future slowdowns of instances, add a retry mechanism to the domain validation function, such that it's more likely to succeed even if the instance is not responding. - Refactor the code a bit and add some comments. Co-authored-by: Gusted <postmaster@gusted.xyz> Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/160 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: Gusted <gusted@noreply.codeberg.org> Co-committed-by: Gusted <gusted@noreply.codeberg.org> 2023-02-10 02:38:15 +01:00			`func (o Options) CheckCanonicalDomain(giteaClient gitea.Client, actualDomain, mainDomainSuffix string, canonicalDomainCache cache.SetGetKey) (domain string, valid bool) {`
			`// Check if this request is cached.`
Refactor split long functions (#135) we have big functions that handle all stuff ... we should split this into smaler chuncks so we could test them seperate and make clear cuts in what happens where Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/135 2022-11-12 20:43:44 +01:00			`if cachedValue, ok := canonicalDomainCache.Get(o.TargetOwner + "/" + o.TargetRepo + "/" + o.TargetBranch); ok {`
Allow to use certificate even if domain validation fails (#160) - Currently if the canonical domain validations fails(either for legitimate reasons or for bug reasons like the request to Gitea/Forgejo failing) it will use main domain certificate, which in the case for custom domains will warrant a security error as the certificate isn't issued to the custom domain. - This patch handles this situation more gracefully and instead only disallow obtaining a certificate if the domain validation fails, so in the case that a certificate still exists it can still be used even if the canonical domain validation fails. There's a small side effect, legitimate users that remove domains from `.domain` will still be able to use the removed domain(as long as the DNS records exists) as long as the certificate currently hold by pages-server isn't expired. - Given the increased usage in custom domains that are resulting in errors, I think it ways more than the side effect. - In order to future-proof against future slowdowns of instances, add a retry mechanism to the domain validation function, such that it's more likely to succeed even if the instance is not responding. - Refactor the code a bit and add some comments. Co-authored-by: Gusted <postmaster@gusted.xyz> Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/160 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: Gusted <gusted@noreply.codeberg.org> Co-committed-by: Gusted <gusted@noreply.codeberg.org> 2023-02-10 02:38:15 +01:00			`domains := cachedValue.([]string)`
split cert func to related packages 2021-12-05 15:21:05 +01:00			`for _, domain := range domains {`
			`if domain == actualDomain {`
			`valid = true`
			`break`
			`}`
			`}`
Allow to use certificate even if domain validation fails (#160) - Currently if the canonical domain validations fails(either for legitimate reasons or for bug reasons like the request to Gitea/Forgejo failing) it will use main domain certificate, which in the case for custom domains will warrant a security error as the certificate isn't issued to the custom domain. - This patch handles this situation more gracefully and instead only disallow obtaining a certificate if the domain validation fails, so in the case that a certificate still exists it can still be used even if the canonical domain validation fails. There's a small side effect, legitimate users that remove domains from `.domain` will still be able to use the removed domain(as long as the DNS records exists) as long as the certificate currently hold by pages-server isn't expired. - Given the increased usage in custom domains that are resulting in errors, I think it ways more than the side effect. - In order to future-proof against future slowdowns of instances, add a retry mechanism to the domain validation function, such that it's more likely to succeed even if the instance is not responding. - Refactor the code a bit and add some comments. Co-authored-by: Gusted <postmaster@gusted.xyz> Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/160 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: Gusted <gusted@noreply.codeberg.org> Co-committed-by: Gusted <gusted@noreply.codeberg.org> 2023-02-10 02:38:15 +01:00			`return domains[0], valid`
			`}`

			`body, err := giteaClient.GiteaRawContent(o.TargetOwner, o.TargetRepo, o.TargetBranch, canonicalDomainConfig)`
Fix Cache Bug (#178) error io.EOF is gracefully end of file read. so we don't need to cancel cache saving Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/178 2023-02-11 01:31:56 +01:00			`if err != nil && !errors.Is(err, gitea.ErrorNotFound) {`
			`log.Error().Err(err).Msgf("could not read %s of %s/%s", canonicalDomainConfig, o.TargetOwner, o.TargetRepo)`
Allow to use certificate even if domain validation fails (#160) - Currently if the canonical domain validations fails(either for legitimate reasons or for bug reasons like the request to Gitea/Forgejo failing) it will use main domain certificate, which in the case for custom domains will warrant a security error as the certificate isn't issued to the custom domain. - This patch handles this situation more gracefully and instead only disallow obtaining a certificate if the domain validation fails, so in the case that a certificate still exists it can still be used even if the canonical domain validation fails. There's a small side effect, legitimate users that remove domains from `.domain` will still be able to use the removed domain(as long as the DNS records exists) as long as the certificate currently hold by pages-server isn't expired. - Given the increased usage in custom domains that are resulting in errors, I think it ways more than the side effect. - In order to future-proof against future slowdowns of instances, add a retry mechanism to the domain validation function, such that it's more likely to succeed even if the instance is not responding. - Refactor the code a bit and add some comments. Co-authored-by: Gusted <postmaster@gusted.xyz> Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/160 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: Gusted <gusted@noreply.codeberg.org> Co-committed-by: Gusted <gusted@noreply.codeberg.org> 2023-02-10 02:38:15 +01:00			`}`

			`var domains []string`
			`for _, domain := range strings.Split(string(body), "\n") {`
			`domain = strings.ToLower(domain)`
			`domain = strings.TrimSpace(domain)`
			`domain = strings.TrimPrefix(domain, "http://")`
			`domain = strings.TrimPrefix(domain, "https://")`
			`if len(domain) > 0 && !strings.HasPrefix(domain, "#") && !strings.ContainsAny(domain, "\t /") && strings.ContainsRune(domain, '.') {`
			`domains = append(domains, domain)`
split cert func to related packages 2021-12-05 15:21:05 +01:00			`}`
Allow to use certificate even if domain validation fails (#160) - Currently if the canonical domain validations fails(either for legitimate reasons or for bug reasons like the request to Gitea/Forgejo failing) it will use main domain certificate, which in the case for custom domains will warrant a security error as the certificate isn't issued to the custom domain. - This patch handles this situation more gracefully and instead only disallow obtaining a certificate if the domain validation fails, so in the case that a certificate still exists it can still be used even if the canonical domain validation fails. There's a small side effect, legitimate users that remove domains from `.domain` will still be able to use the removed domain(as long as the DNS records exists) as long as the certificate currently hold by pages-server isn't expired. - Given the increased usage in custom domains that are resulting in errors, I think it ways more than the side effect. - In order to future-proof against future slowdowns of instances, add a retry mechanism to the domain validation function, such that it's more likely to succeed even if the instance is not responding. - Refactor the code a bit and add some comments. Co-authored-by: Gusted <postmaster@gusted.xyz> Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/160 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: Gusted <gusted@noreply.codeberg.org> Co-committed-by: Gusted <gusted@noreply.codeberg.org> 2023-02-10 02:38:15 +01:00			`if domain == actualDomain {`
split cert func to related packages 2021-12-05 15:21:05 +01:00			`valid = true`
			`}`
			`}`
Allow to use certificate even if domain validation fails (#160) - Currently if the canonical domain validations fails(either for legitimate reasons or for bug reasons like the request to Gitea/Forgejo failing) it will use main domain certificate, which in the case for custom domains will warrant a security error as the certificate isn't issued to the custom domain. - This patch handles this situation more gracefully and instead only disallow obtaining a certificate if the domain validation fails, so in the case that a certificate still exists it can still be used even if the canonical domain validation fails. There's a small side effect, legitimate users that remove domains from `.domain` will still be able to use the removed domain(as long as the DNS records exists) as long as the certificate currently hold by pages-server isn't expired. - Given the increased usage in custom domains that are resulting in errors, I think it ways more than the side effect. - In order to future-proof against future slowdowns of instances, add a retry mechanism to the domain validation function, such that it's more likely to succeed even if the instance is not responding. - Refactor the code a bit and add some comments. Co-authored-by: Gusted <postmaster@gusted.xyz> Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/160 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: Gusted <gusted@noreply.codeberg.org> Co-committed-by: Gusted <gusted@noreply.codeberg.org> 2023-02-10 02:38:15 +01:00
			`// Add [owner].[pages-domain] as valid domnain.`
			`domains = append(domains, o.TargetOwner+mainDomainSuffix)`
			`if domains[len(domains)-1] == actualDomain {`
			`valid = true`
			`}`

			// If the target repository isn't called pages, add `/[repository]` to the
			`// previous valid domain.`
			`if o.TargetRepo != "" && o.TargetRepo != "pages" {`
			`domains[len(domains)-1] += "/" + o.TargetRepo`
			`}`

			`// Add result to cache.`
			`_ = canonicalDomainCache.Set(o.TargetOwner+"/"+o.TargetRepo+"/"+o.TargetBranch, domains, canonicalDomainCacheTimeout)`

			`// Return the first domain from the list and return if any of the domains`
			`// matched the requested domain.`
code format 2021-12-09 20:16:43 +01:00			`return domains[0], valid`
split cert func to related packages 2021-12-05 15:21:05 +01:00			`}`