mox/http/mtasts.go

package http

import (
	"log/slog"
	"net"
	"net/http"
	"strings"
	"time"

	"github.com/mjl-/mox/dns"
	"github.com/mjl-/mox/mlog"
	"github.com/mjl-/mox/mox-"
	"github.com/mjl-/mox/mtasts"
)

func mtastsPolicyHandle(w http.ResponseWriter, r *http.Request) {
	log := func() mlog.Log {
		return pkglog.WithContext(r.Context())
	}

	host := strings.ToLower(r.Host)
	if !strings.HasPrefix(host, "mta-sts.") {
		http.NotFound(w, r)
		return
	}
	host = strings.TrimPrefix(host, "mta-sts.")
	nhost, _, err := net.SplitHostPort(host)
	if err == nil {
		// Only relevant for when host has a port.
		host = nhost
	}
	domain, err := dns.ParseDomain(host)
	if err != nil {
		log().Errorx("mtasts policy request: bad domain", err, slog.String("host", host))
		http.NotFound(w, r)
		return
	}

	conf, _ := mox.Conf.Domain(domain)
	sts := conf.MTASTS
	if sts == nil {
		http.NotFound(w, r)
		return
	}

	var mxs []mtasts.MX
	for _, s := range sts.MX {
		var mx mtasts.MX
		if strings.HasPrefix(s, "*.") {
			mx.Wildcard = true
			s = s[2:]
		}
		d, err := dns.ParseDomain(s)
		if err != nil {
			log().Errorx("bad domain in mtasts config", err, slog.String("domain", s))
			http.Error(w, "500 - internal server error - invalid domain in configuration", http.StatusInternalServerError)
			return
		}
		mx.Domain = d
		mxs = append(mxs, mx)
	}
	if len(mxs) == 0 {
		mxs = []mtasts.MX{{Domain: mox.Conf.Static.HostnameDomain}}
	}

	policy := mtasts.Policy{
		Version:       "STSv1",
		Mode:          sts.Mode,
		MaxAgeSeconds: int(sts.MaxAge / time.Second),
		MX:            mxs,
	}
	w.Header().Set("Content-Type", "text/plain")
	w.Header().Set("Cache-Control", "no-cache, max-age=0")
	_, _ = w.Write([]byte(policy.String()))
}
mox! 2023-01-30 16:27:06 +03:00			`package http`

			`import (`
replace packages slog and slices from golang.org/x/exp with stdlib since we are now at go1.21 as minimum. 2024-02-08 16:49:01 +03:00			`"log/slog"`
add option to handle autoconfig and mta-sts requests without TLS, for when it is reverse proxied for #5 with hints from belst & idnovic 2023-02-25 13:28:15 +03:00			`"net"`
mox! 2023-01-30 16:27:06 +03:00			`"net/http"`
			`"strings"`
			`"time"`

			`"github.com/mjl-/mox/dns"`
			`"github.com/mjl-/mox/mlog"`
			`"github.com/mjl-/mox/mox-"`
			`"github.com/mjl-/mox/mtasts"`
			`)`

			`func mtastsPolicyHandle(w http.ResponseWriter, r *http.Request) {`
switch to slog.Logger for logging, for easier reuse of packages by external software we don't want external software to include internal details like mlog. slog.Logger is/will be the standard. we still have mlog for its helper functions, and its handler that logs in concise logfmt used by mox. packages that are not meant for reuse still pass around mlog.Log for convenience. we use golang.org/x/exp/slog because we also support the previous Go toolchain version. with the next Go release, we'll switch to the builtin slog. 2023-12-05 15:35:58 +03:00			`log := func() mlog.Log {`
			`return pkglog.WithContext(r.Context())`
add basic webserver that can do most of what i need - serve static files, serving index.html or optionally listings for directories - redirects - reverse-proxy, forwarding requests to a backend these are configurable through the config file. a domain and path regexp have to be configured. path prefixes can be stripped. configured domains are added to the autotls allowlist, so acme automatically fetches certificates for them. all webserver requests now have (access) logging, metrics, rate limiting. on http errors, the error message prints an encrypted cid for relating with log files. this also adds a new mechanism for example config files. 2023-03-01 00:12:27 +03:00			`}`
mox! 2023-01-30 16:27:06 +03:00
fix serving mta-sts policy files i broke it 3 days ago when adding support for serving it through external reverse proxy. report by mteege, thanks! 2023-02-28 22:40:52 +03:00			`host := strings.ToLower(r.Host)`
			`if !strings.HasPrefix(host, "mta-sts.") {`
mox! 2023-01-30 16:27:06 +03:00			`http.NotFound(w, r)`
			`return`
			`}`
fix serving mta-sts policy files i broke it 3 days ago when adding support for serving it through external reverse proxy. report by mteege, thanks! 2023-02-28 22:40:52 +03:00			`host = strings.TrimPrefix(host, "mta-sts.")`
			`nhost, _, err := net.SplitHostPort(host)`
			`if err == nil {`
			`// Only relevant for when host has a port.`
			`host = nhost`
add option to handle autoconfig and mta-sts requests without TLS, for when it is reverse proxied for #5 with hints from belst & idnovic 2023-02-25 13:28:15 +03:00			`}`
			`domain, err := dns.ParseDomain(host)`
			`if err != nil {`
switch to slog.Logger for logging, for easier reuse of packages by external software we don't want external software to include internal details like mlog. slog.Logger is/will be the standard. we still have mlog for its helper functions, and its handler that logs in concise logfmt used by mox. packages that are not meant for reuse still pass around mlog.Log for convenience. we use golang.org/x/exp/slog because we also support the previous Go toolchain version. with the next Go release, we'll switch to the builtin slog. 2023-12-05 15:35:58 +03:00			`log().Errorx("mtasts policy request: bad domain", err, slog.String("host", host))`
mox! 2023-01-30 16:27:06 +03:00			`http.NotFound(w, r)`
			`return`
			`}`

			`conf, _ := mox.Conf.Domain(domain)`
			`sts := conf.MTASTS`
			`if sts == nil {`
			`http.NotFound(w, r)`
			`return`
			`}`

use new sherpadoc rename mechanism to remove some typename stuttering the stuttering was introduced to make the same type name declared in multiple packages, and used in the admin sherpa api, unique. with sherpadoc's new rename, we can make them unique when generating the api definition/docs, and the Go code can use nicer names. 2024-04-19 11:51:24 +03:00			`var mxs []mtasts.MX`
mox! 2023-01-30 16:27:06 +03:00			`for _, s := range sts.MX {`
use new sherpadoc rename mechanism to remove some typename stuttering the stuttering was introduced to make the same type name declared in multiple packages, and used in the admin sherpa api, unique. with sherpadoc's new rename, we can make them unique when generating the api definition/docs, and the Go code can use nicer names. 2024-04-19 11:51:24 +03:00			`var mx mtasts.MX`
mox! 2023-01-30 16:27:06 +03:00			`if strings.HasPrefix(s, "*.") {`
			`mx.Wildcard = true`
			`s = s[2:]`
			`}`
			`d, err := dns.ParseDomain(s)`
			`if err != nil {`
switch to slog.Logger for logging, for easier reuse of packages by external software we don't want external software to include internal details like mlog. slog.Logger is/will be the standard. we still have mlog for its helper functions, and its handler that logs in concise logfmt used by mox. packages that are not meant for reuse still pass around mlog.Log for convenience. we use golang.org/x/exp/slog because we also support the previous Go toolchain version. with the next Go release, we'll switch to the builtin slog. 2023-12-05 15:35:58 +03:00			`log().Errorx("bad domain in mtasts config", err, slog.String("domain", s))`
mox! 2023-01-30 16:27:06 +03:00			`http.Error(w, "500 - internal server error - invalid domain in configuration", http.StatusInternalServerError)`
			`return`
			`}`
			`mx.Domain = d`
			`mxs = append(mxs, mx)`
			`}`
			`if len(mxs) == 0 {`
use new sherpadoc rename mechanism to remove some typename stuttering the stuttering was introduced to make the same type name declared in multiple packages, and used in the admin sherpa api, unique. with sherpadoc's new rename, we can make them unique when generating the api definition/docs, and the Go code can use nicer names. 2024-04-19 11:51:24 +03:00			`mxs = []mtasts.MX{{Domain: mox.Conf.Static.HostnameDomain}}`
mox! 2023-01-30 16:27:06 +03:00			`}`

			`policy := mtasts.Policy{`
			`Version: "STSv1",`
			`Mode: sts.Mode,`
			`MaxAgeSeconds: int(sts.MaxAge / time.Second),`
			`MX: mxs,`
			`}`
			`w.Header().Set("Content-Type", "text/plain")`
			`w.Header().Set("Cache-Control", "no-cache, max-age=0")`
consistently use log.Check for logging errors that "should not happen", don't influence application flow sooner or later, someone will notice one of these messages, which will lead us to a bug. 2023-02-16 15:22:00 +03:00			`_, _ = w.Write([]byte(policy.String()))`
mox! 2023-01-30 16:27:06 +03:00			`}`