13.08.2023 12:13, Omar Polo пишет:
> [moving to tech@, there's a diff for the manpage below]
>
> On 2023/08/13 01:04:11 -0700, Alfred Morgan <alf...@54.org> wrote:
>> I was surprised that `server "default"` didn't act like I expected. In this
>> example I expected `test1` to get 200 and everything else to get 404 but
>> this is not the case. In this example server "test1" actually catches all:
>> localhost, test1, and test2 will get code 200.
>>
>> /etc/hosts:
>> 127.0.0.1 localhost test1 test2
>>
>> /tmp/httpd.conf:
>> server "test1" {
>> listen on localhost port 8080
>> block return 200
>> }
>>
>> server "default" {
>> listen on localhost port 8080
>> block return 404
>> }
>>
>> httpd -df /tmp/httpd.conf &
>
> as you've found out, there's no special meaning behind the "default"
> server name. It just means you're defining a virtua host called
> "default".
>
> let's go through your tests.
>
>> ftp -o - http://localhost:8080/ #200
>
> no `server' block match "localhost", so httpd uses the first server.
>
> (this is actually undocumented AFAICS)
>
>> ftp -o - http://test1:8080/ #200
>
> this matches your first server.
>
>> ftp -o - http://test2:8080/ #200
>
> This also doesn't match any server block, so httpd uses the first one.
>
>> man httpd.conf says:
>> "Match the server name using shell globbing rules. This can be an explicit
>> name, www.example.com, or a name including wildcards, *.example.com."
>>
>> There is no mention as to what `server "default"` does even though it is
>> used several times in the man page. I find the behaviour to be odd
>> for it not to be documented. It isn't until I change the line to `server
>> "*"` when it starts doing what I expected:
>>
>> ftp -o- http://localhost:8080/ #404
>> ftp -o- http://test1:8080/ #200
>> ftp -o- http://test2:8080/ #404
>>
>> This is a gotcha in general. I would think the examples should use server
>> "*" instead and document what server "default" actually does.
>
> I agree that's a gotcha and it's easy to misunderstand from the
> manpage. I'd prefer to use "example.com" as is done on many other
> manpages and sample configurations. Diff below.
>
> While here, add a note that if there's no match the first one is used.
> IMHO it's not a great choice, I would have preferred if it returned a
> 4XX error instead (not found or a generic bad request maybe).
>
>> and while we are here. Why does running httpd as a user say:
>> httpd: need root privileges
>>
>> does it...?
>
> If it say so... :)
>
> httpd needs to chroot and run as 'www' user so needs to be started as
> root. It also may need to read private keys which are also owned by
> root.
This reads better to me and "example.com" matches
/etc/examples/httpd.conf; OK kn
>
>
> diff /usr/src
> commit - a7b17fe845fceeb2940fa5924ec5843681aa2c64
> path + /usr/src
> blob - 16b086a9ee00cd6d8e796a890e9774968556f147
> file + usr.sbin/httpd/httpd.conf.5
> --- usr.sbin/httpd/httpd.conf.5
> +++ usr.sbin/httpd/httpd.conf.5
> @@ -98,7 +98,7 @@ server "default" {
> For example:
> .Bd -literal -offset indent
> ext_ip="10.0.0.1"
> -server "default" {
> +server "example.com" {
> listen on $ext_ip port 80
> }
> .Ed
> @@ -179,7 +179,8 @@ section starts with a declaration of the server
> Each
> .Ic server
> section starts with a declaration of the server
> -.Ar name :
> +.Ar name .
> +If no one matches the request the first one defined is used.
> .Bl -tag -width Ds
> .It Ic server Ar name Brq ...
> Match the server name using shell globbing rules.
> @@ -779,7 +780,7 @@ server "default" {
> .Bd -literal -offset indent
> prefork 2
>
> -server "default" {
> +server "example.com" {
> listen on * port 80
> }
>
> @@ -800,7 +801,7 @@ server "default" {
> .Qq egress
> group.
> .Bd -literal -offset indent
> -server "default" {
> +server "example.com" {
> listen on egress port 80
> }
> .Ed
>
