mirror of
https://github.com/mjl-/mox.git
synced 2025-01-15 01:46:26 +03:00
6706c5c84a
- serve static files, serving index.html or optionally listings for directories - redirects - reverse-proxy, forwarding requests to a backend these are configurable through the config file. a domain and path regexp have to be configured. path prefixes can be stripped. configured domains are added to the autotls allowlist, so acme automatically fetches certificates for them. all webserver requests now have (access) logging, metrics, rate limiting. on http errors, the error message prints an encrypted cid for relating with log files. this also adds a new mechanism for example config files.
74 lines
1.7 KiB
Go
74 lines
1.7 KiB
Go
package http
|
|
|
|
import (
|
|
"net"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/mjl-/mox/dns"
|
|
"github.com/mjl-/mox/mlog"
|
|
"github.com/mjl-/mox/mox-"
|
|
"github.com/mjl-/mox/mtasts"
|
|
)
|
|
|
|
func mtastsPolicyHandle(w http.ResponseWriter, r *http.Request) {
|
|
log := func() *mlog.Log {
|
|
return xlog.WithContext(r.Context())
|
|
}
|
|
|
|
host := strings.ToLower(r.Host)
|
|
if !strings.HasPrefix(host, "mta-sts.") {
|
|
http.NotFound(w, r)
|
|
return
|
|
}
|
|
host = strings.TrimPrefix(host, "mta-sts.")
|
|
nhost, _, err := net.SplitHostPort(host)
|
|
if err == nil {
|
|
// Only relevant for when host has a port.
|
|
host = nhost
|
|
}
|
|
domain, err := dns.ParseDomain(host)
|
|
if err != nil {
|
|
log().Errorx("mtasts policy request: bad domain", err, mlog.Field("host", host))
|
|
http.NotFound(w, r)
|
|
return
|
|
}
|
|
|
|
conf, _ := mox.Conf.Domain(domain)
|
|
sts := conf.MTASTS
|
|
if sts == nil {
|
|
http.NotFound(w, r)
|
|
return
|
|
}
|
|
|
|
var mxs []mtasts.STSMX
|
|
for _, s := range sts.MX {
|
|
var mx mtasts.STSMX
|
|
if strings.HasPrefix(s, "*.") {
|
|
mx.Wildcard = true
|
|
s = s[2:]
|
|
}
|
|
d, err := dns.ParseDomain(s)
|
|
if err != nil {
|
|
log().Errorx("bad domain in mtasts config", err, mlog.Field("domain", s))
|
|
http.Error(w, "500 - internal server error - invalid domain in configuration", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
mx.Domain = d
|
|
mxs = append(mxs, mx)
|
|
}
|
|
if len(mxs) == 0 {
|
|
mxs = []mtasts.STSMX{{Domain: mox.Conf.Static.HostnameDomain}}
|
|
}
|
|
|
|
policy := mtasts.Policy{
|
|
Version: "STSv1",
|
|
Mode: sts.Mode,
|
|
MaxAgeSeconds: int(sts.MaxAge / time.Second),
|
|
MX: mxs,
|
|
}
|
|
w.Header().Set("Content-Type", "text/plain")
|
|
w.Header().Set("Cache-Control", "no-cache, max-age=0")
|
|
_, _ = w.Write([]byte(policy.String()))
|
|
}
|