Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

loosen docroot checking for certain server configs

For server configurations that define a reverse proxy, redirection for the
path "/", forward proxies, or appmods on "/", a docroot isn't
needed. Change yaws_config to avoid errors for missing docroot settings for
such servers. Add test/t6 to check these configurations.
  • Loading branch information...
commit ea1e77becb93614863d8120d10dc9e0cbef99a35 1 parent 8862645
Steve Vinoski vinoski authored
4 .gitignore
View
@@ -26,8 +26,8 @@ test/ibrowse.tar.gz
test/support/include.mk
test/support/include.sh
test/t1/localhost:8000/
-test/t[12345]/logs/
-test/t[12345]/yaws.conf
+test/t[123456]/logs/
+test/t[123456]/yaws.conf
test/t4/www2/8388608.bin
www/yaws.pdf
www/yaws.ps
47 src/yaws_config.erl
View
@@ -1123,18 +1123,43 @@ fload(FD, server, GC, C, Cs, Lno, Chars) ->
{error, ?F("Expect true|false at line ~w", [Lno])}
end;
- ['<', "/server", '>'] when C#sconf.docroot =:= undefined ->
- {error,
- ?F("No valid docroot configured for virthost '~s' (port: ~w)",
- [C#sconf.servername, C#sconf.port])};
['<', "/server", '>'] ->
- case C#sconf.listen of
- [] ->
- C2 = C#sconf{listen = {127,0,0,1}},
- fload(FD, globals, GC, undefined, [C2|Cs], Lno+1, Next);
- Ls ->
- Cs2 = [C#sconf{listen=L} || L <- Ls] ++ Cs,
- fload(FD, globals, GC, undefined, Cs2, Lno+1, Next)
+ HasDocroot =
+ case C#sconf.docroot of
+ undefined ->
+ Tests = [fun() ->
+ lists:keymember("/", #proxy_cfg.prefix, C#sconf.revproxy)
+ end,
+ fun() ->
+ lists:keymember("/", 1, C#sconf.redirect_map)
+ end,
+ fun() ->
+ lists:foldl(fun(_, true) -> true;
+ ({"/", _}, _Acc) -> true;
+ (_, Acc) -> Acc
+ end, false, C#sconf.appmods)
+ end,
+ fun() ->
+ ?sc_forward_proxy(C)
+ end],
+ lists:any(fun(T) -> T() end, Tests);
+ _ ->
+ true
+ end,
+ case HasDocroot of
+ true ->
+ case C#sconf.listen of
+ [] ->
+ C2 = C#sconf{listen = {127,0,0,1}},
+ fload(FD, globals, GC, undefined, [C2|Cs], Lno+1, Next);
+ Ls ->
+ Cs2 = [C#sconf{listen=L} || L <- Ls] ++ Cs,
+ fload(FD, globals, GC, undefined, Cs2, Lno+1, Next)
+ end;
+ false ->
+ {error,
+ ?F("No valid docroot configured for virthost '~s' (port: ~w)",
+ [C#sconf.servername, C#sconf.port])}
end;
['<', "opaque", '>'] ->
4 test/Makefile
View
@@ -1,8 +1,8 @@
include support/include.mk
-SUBDIRS = t1 t2 t3 t4 t5 eunit
+SUBDIRS = t1 t2 t3 t4 t5 t6 eunit
-all: conf ibrowse
+all: ibrowse
@cd src; $(MAKE) all
@set -e ; \
for d in $(SUBDIRS) ; do \
0  test/conf/deflate.conf → test/conf/deflateconf.conf
View
File renamed without changes
103 test/conf/no_docroot_appmod.conf
View
@@ -0,0 +1,103 @@
+
+
+logdir = ./logs
+
+# This the path to a directory where additional
+# beam code can be placed. The daemon will add this
+# directory to its search path
+
+ebin_dir = %YTOP%/test/ibrowse/ebin
+include_dir = %YTOP%/test/include
+
+
+
+# This is a debug variable, possible values are http | traffic | false
+# It is also possible to set the trace (possibly to the tty) while
+# invoking yaws from the shell as in
+# yaws -i -T -x (see man yaws)
+
+trace = false
+
+
+
+# it is possible to have yaws start additional
+# application specific code at startup
+#
+# runmod = mymodule
+
+
+# By default yaws will copy the erlang error_log and
+# end write it to a wrap log called report.log (in the logdir)
+# this feature can be turned off. This would typically
+# be the case when yaws runs within another larger app
+
+copy_error_log = true
+
+
+# Logs are wrap logs
+
+log_wrap_size = 1000000
+
+
+# Possibly resolve all hostnames in logfiles so webalizer
+# can produce the nice geography piechart
+
+log_resolve_hostname = false
+
+
+
+# fail completely or not if yaws fails
+# to bind a listen socket
+fail_on_bind_err = true
+
+
+
+# If yaws is started as root, it can, once it has opened
+# all relevant sockets for listening, change the uid to a
+# user with lower accessrights than root
+
+# username = nobody
+
+
+# If HTTP auth is used, it is possible to have a specific
+# auth log.
+# Deprecated and ignored. Now, this target must be set in server part
+#auth_log = true
+
+
+# When we're running multiple yaws systems on the same
+# host, we need to give each yaws system an individual
+# name. Yaws will write a number of runtime files under
+# /tmp/yaws/${id}
+# The default value is "default"
+
+
+# id = myname
+
+
+# earlier versions of Yaws picked the first virtual host
+# in a list of hosts with the same IP/PORT when the Host:
+# header doesn't match any name on any Host
+# This is often nice in testing environments but not
+# acceptable in real live hosting scenarios
+
+pick_first_virthost_on_nomatch = true
+
+
+# All unices are broken since it's not possible to bind to
+# a privileged port (< 1024) unless uid==0
+# There is a contrib in jungerl which makes it possible by means
+# of an external setuid root programm called fdsrv to listen to
+# to privileged port.
+# If we use this feature, it requires fdsrv to be properly installed.
+# Doesn't yet work with SSL.
+
+use_fdsrv = false
+
+keepalive_timeout = 10000
+
+<server am>
+ listen = 0.0.0.0
+ port = 8000
+ appmods = <"/", app_module>
+</server>
103 test/conf/no_docroot_fwdproxy.conf
View
@@ -0,0 +1,103 @@
+
+
+logdir = ./logs
+
+# This the path to a directory where additional
+# beam code can be placed. The daemon will add this
+# directory to its search path
+
+ebin_dir = %YTOP%/test/ibrowse/ebin
+include_dir = %YTOP%/test/include
+
+
+
+# This is a debug variable, possible values are http | traffic | false
+# It is also possible to set the trace (possibly to the tty) while
+# invoking yaws from the shell as in
+# yaws -i -T -x (see man yaws)
+
+trace = false
+
+
+
+# it is possible to have yaws start additional
+# application specific code at startup
+#
+# runmod = mymodule
+
+
+# By default yaws will copy the erlang error_log and
+# end write it to a wrap log called report.log (in the logdir)
+# this feature can be turned off. This would typically
+# be the case when yaws runs within another larger app
+
+copy_error_log = true
+
+
+# Logs are wrap logs
+
+log_wrap_size = 1000000
+
+
+# Possibly resolve all hostnames in logfiles so webalizer
+# can produce the nice geography piechart
+
+log_resolve_hostname = false
+
+
+
+# fail completely or not if yaws fails
+# to bind a listen socket
+fail_on_bind_err = true
+
+
+
+# If yaws is started as root, it can, once it has opened
+# all relevant sockets for listening, change the uid to a
+# user with lower accessrights than root
+
+# username = nobody
+
+
+# If HTTP auth is used, it is possible to have a specific
+# auth log.
+# Deprecated and ignored. Now, this target must be set in server part
+#auth_log = true
+
+
+# When we're running multiple yaws systems on the same
+# host, we need to give each yaws system an individual
+# name. Yaws will write a number of runtime files under
+# /tmp/yaws/${id}
+# The default value is "default"
+
+
+# id = myname
+
+
+# earlier versions of Yaws picked the first virtual host
+# in a list of hosts with the same IP/PORT when the Host:
+# header doesn't match any name on any Host
+# This is often nice in testing environments but not
+# acceptable in real live hosting scenarios
+
+pick_first_virthost_on_nomatch = true
+
+
+# All unices are broken since it's not possible to bind to
+# a privileged port (< 1024) unless uid==0
+# There is a contrib in jungerl which makes it possible by means
+# of an external setuid root programm called fdsrv to listen to
+# to privileged port.
+# If we use this feature, it requires fdsrv to be properly installed.
+# Doesn't yet work with SSL.
+
+use_fdsrv = false
+
+keepalive_timeout = 10000
+
+<server fp>
+ listen = 0.0.0.0
+ port = 8000
+ fwdproxy = true
+</server>
105 test/conf/no_docroot_redirect.conf
View
@@ -0,0 +1,105 @@
+
+
+logdir = ./logs
+
+# This the path to a directory where additional
+# beam code can be placed. The daemon will add this
+# directory to its search path
+
+ebin_dir = %YTOP%/test/ibrowse/ebin
+include_dir = %YTOP%/test/include
+
+
+
+# This is a debug variable, possible values are http | traffic | false
+# It is also possible to set the trace (possibly to the tty) while
+# invoking yaws from the shell as in
+# yaws -i -T -x (see man yaws)
+
+trace = false
+
+
+
+# it is possible to have yaws start additional
+# application specific code at startup
+#
+# runmod = mymodule
+
+
+# By default yaws will copy the erlang error_log and
+# end write it to a wrap log called report.log (in the logdir)
+# this feature can be turned off. This would typically
+# be the case when yaws runs within another larger app
+
+copy_error_log = true
+
+
+# Logs are wrap logs
+
+log_wrap_size = 1000000
+
+
+# Possibly resolve all hostnames in logfiles so webalizer
+# can produce the nice geography piechart
+
+log_resolve_hostname = false
+
+
+
+# fail completely or not if yaws fails
+# to bind a listen socket
+fail_on_bind_err = true
+
+
+
+# If yaws is started as root, it can, once it has opened
+# all relevant sockets for listening, change the uid to a
+# user with lower accessrights than root
+
+# username = nobody
+
+
+# If HTTP auth is used, it is possible to have a specific
+# auth log.
+# Deprecated and ignored. Now, this target must be set in server part
+#auth_log = true
+
+
+# When we're running multiple yaws systems on the same
+# host, we need to give each yaws system an individual
+# name. Yaws will write a number of runtime files under
+# /tmp/yaws/${id}
+# The default value is "default"
+
+
+# id = myname
+
+
+# earlier versions of Yaws picked the first virtual host
+# in a list of hosts with the same IP/PORT when the Host:
+# header doesn't match any name on any Host
+# This is often nice in testing environments but not
+# acceptable in real live hosting scenarios
+
+pick_first_virthost_on_nomatch = true
+
+
+# All unices are broken since it's not possible to bind to
+# a privileged port (< 1024) unless uid==0
+# There is a contrib in jungerl which makes it possible by means
+# of an external setuid root programm called fdsrv to listen to
+# to privileged port.
+# If we use this feature, it requires fdsrv to be properly installed.
+# Doesn't yet work with SSL.
+
+use_fdsrv = false
+
+keepalive_timeout = 10000
+
+<server rd>
+ listen = 0.0.0.0
+ port = 8000
+ <redirect>
+ "/" == http://yaws.hyber.org/
+ </redirect>
+</server>
103 test/conf/no_docroot_revproxy.conf
View
@@ -0,0 +1,103 @@
+
+
+logdir = ./logs
+
+# This the path to a directory where additional
+# beam code can be placed. The daemon will add this
+# directory to its search path
+
+ebin_dir = %YTOP%/test/ibrowse/ebin
+include_dir = %YTOP%/test/include
+
+
+
+# This is a debug variable, possible values are http | traffic | false
+# It is also possible to set the trace (possibly to the tty) while
+# invoking yaws from the shell as in
+# yaws -i -T -x (see man yaws)
+
+trace = false
+
+
+
+# it is possible to have yaws start additional
+# application specific code at startup
+#
+# runmod = mymodule
+
+
+# By default yaws will copy the erlang error_log and
+# end write it to a wrap log called report.log (in the logdir)
+# this feature can be turned off. This would typically
+# be the case when yaws runs within another larger app
+
+copy_error_log = true
+
+
+# Logs are wrap logs
+
+log_wrap_size = 1000000
+
+
+# Possibly resolve all hostnames in logfiles so webalizer
+# can produce the nice geography piechart
+
+log_resolve_hostname = false
+
+
+
+# fail completely or not if yaws fails
+# to bind a listen socket
+fail_on_bind_err = true
+
+
+
+# If yaws is started as root, it can, once it has opened
+# all relevant sockets for listening, change the uid to a
+# user with lower accessrights than root
+
+# username = nobody
+
+
+# If HTTP auth is used, it is possible to have a specific
+# auth log.
+# Deprecated and ignored. Now, this target must be set in server part
+#auth_log = true
+
+
+# When we're running multiple yaws systems on the same
+# host, we need to give each yaws system an individual
+# name. Yaws will write a number of runtime files under
+# /tmp/yaws/${id}
+# The default value is "default"
+
+
+# id = myname
+
+
+# earlier versions of Yaws picked the first virtual host
+# in a list of hosts with the same IP/PORT when the Host:
+# header doesn't match any name on any Host
+# This is often nice in testing environments but not
+# acceptable in real live hosting scenarios
+
+pick_first_virthost_on_nomatch = true
+
+
+# All unices are broken since it's not possible to bind to
+# a privileged port (< 1024) unless uid==0
+# There is a contrib in jungerl which makes it possible by means
+# of an external setuid root programm called fdsrv to listen to
+# to privileged port.
+# If we use this feature, it requires fdsrv to be properly installed.
+# Doesn't yet work with SSL.
+
+use_fdsrv = false
+
+keepalive_timeout = 10000
+
+<server rp>
+ listen = 0.0.0.0
+ port = 8000
+ revproxy = "/" http://yaws.hyber.org
+</server>
0  test/conf/revproxy.conf → test/conf/revproxyconf.conf
View
File renamed without changes
20 test/support/include.mk.in
View
@@ -6,6 +6,8 @@ YTOP="@YTOP@"
YAWS=$(YTOP)/bin/yaws
+SUBST=../../scripts/Subst
+
COMPILER_PA = -pa $(YTOP)/ebin
%.beam: %.erl
@@ -51,18 +53,6 @@ stop:
quiet_stop:
$(YTOP)/bin/yaws --id testid --stop >/dev/null 2>&1 && sleep 5 || true
-stdconf:
- cat ../conf/stdconf.conf | \
- ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
-
-authconf:
- cat ../conf/authconf.conf | \
- ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
-
-revproxyconf:
- cat ../conf/revproxy.conf | \
- ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
-
-deflateconf:
- cat ../conf/deflate.conf | \
- ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
+stdconf authconf revproxyconf deflateconf:
+ cat ../conf/$@.conf | \
+ $(SUBST) %YTOP% $(YTOP) > yaws.conf
2  test/t1/Makefile
View
@@ -1,6 +1,6 @@
include ../support/include.mk
-.PHONY: all test newconf small_datafile t1 t2 t3 t4 t5 t6 t7 json
+.PHONY: all test conf newconf small_datafile t1 t2 t3 t4 t5 t6 t7 json
all: conf setup
@echo "all ok"
2  test/t2/Makefile
View
@@ -1,6 +1,6 @@
include ../support/include.mk
-.PHONY: all test debug clean
+.PHONY: all test conf debug clean
#
all: conf setup app_test.beam streamtest.beam jsontest.beam posttest.beam \
2  test/t3/Makefile
View
@@ -1,6 +1,6 @@
include ../support/include.mk
-.PHONY: all test debug clean
+.PHONY: all test conf debug clean
#
all: conf setup app_test.beam authmodtest.beam outmodtest.beam
2  test/t4/Makefile
View
@@ -1,6 +1,6 @@
include ../support/include.mk
-.PHONY: all test debug clean
+.PHONY: all test conf debug clean
T4BEAMS := app_test.beam \
rewritetest.beam \
2  test/t5/Makefile
View
@@ -1,6 +1,6 @@
include ../support/include.mk
-.PHONY: all test debug clean
+.PHONY: all test conf debug clean
#
all: conf setup app_test.beam emptytest.beam streamtest.beam smalltest.beam bigtest.beam
32 test/t6/Makefile
View
@@ -0,0 +1,32 @@
+include ../support/include.mk
+
+NO_DOCROOT_TESTS = no_docroot_revproxy \
+ no_docroot_fwdproxy \
+ no_docroot_redirect \
+ no_docroot_appmod
+
+.PHONY: all test conf $(NO_DOCROOT_TESTS)
+
+all: setup
+ @echo "all ok"
+
+## to run test, do
+# make all test
+
+test: all
+ set -e ; \
+ for t in $(NO_DOCROOT_TESTS); do \
+ $(MAKE) $$t ; \
+ done
+
+$(NO_DOCROOT_TESTS):
+ @rm -f yaws.conf
+ cat ../conf/$@.conf | \
+ $(SUBST) %YTOP% $(YTOP) > yaws.conf
+ set -e ; $(MAKE) start ; $(MAKE) stop
+
+clean: tclean
+ -rm -rf localhost:8000 yaws.conf
+
+# needed because target is called by top-level test/Makefile
+conf:
Please sign in to comment.
Something went wrong with that request. Please try again.