Skip to content
This repository
Browse code

loosen docroot checking for certain server configs

For server configurations that define a reverse proxy, redirection for the
path "/", forward proxies, or appmods on "/", a docroot isn't
needed. Change yaws_config to avoid errors for missing docroot settings for
such servers. Add test/t6 to check these configurations.
  • Loading branch information...
commit ea1e77becb93614863d8120d10dc9e0cbef99a35 1 parent 8862645
Steve Vinoski vinoski authored
4 .gitignore
@@ -26,8 +26,8 @@ test/ibrowse.tar.gz
26 26 test/support/include.mk
27 27 test/support/include.sh
28 28 test/t1/localhost:8000/
29   -test/t[12345]/logs/
30   -test/t[12345]/yaws.conf
  29 +test/t[123456]/logs/
  30 +test/t[123456]/yaws.conf
31 31 test/t4/www2/8388608.bin
32 32 www/yaws.pdf
33 33 www/yaws.ps
47 src/yaws_config.erl
@@ -1123,18 +1123,43 @@ fload(FD, server, GC, C, Cs, Lno, Chars) ->
1123 1123 {error, ?F("Expect true|false at line ~w", [Lno])}
1124 1124 end;
1125 1125
1126   - ['<', "/server", '>'] when C#sconf.docroot =:= undefined ->
1127   - {error,
1128   - ?F("No valid docroot configured for virthost '~s' (port: ~w)",
1129   - [C#sconf.servername, C#sconf.port])};
1130 1126 ['<', "/server", '>'] ->
1131   - case C#sconf.listen of
1132   - [] ->
1133   - C2 = C#sconf{listen = {127,0,0,1}},
1134   - fload(FD, globals, GC, undefined, [C2|Cs], Lno+1, Next);
1135   - Ls ->
1136   - Cs2 = [C#sconf{listen=L} || L <- Ls] ++ Cs,
1137   - fload(FD, globals, GC, undefined, Cs2, Lno+1, Next)
  1127 + HasDocroot =
  1128 + case C#sconf.docroot of
  1129 + undefined ->
  1130 + Tests = [fun() ->
  1131 + lists:keymember("/", #proxy_cfg.prefix, C#sconf.revproxy)
  1132 + end,
  1133 + fun() ->
  1134 + lists:keymember("/", 1, C#sconf.redirect_map)
  1135 + end,
  1136 + fun() ->
  1137 + lists:foldl(fun(_, true) -> true;
  1138 + ({"/", _}, _Acc) -> true;
  1139 + (_, Acc) -> Acc
  1140 + end, false, C#sconf.appmods)
  1141 + end,
  1142 + fun() ->
  1143 + ?sc_forward_proxy(C)
  1144 + end],
  1145 + lists:any(fun(T) -> T() end, Tests);
  1146 + _ ->
  1147 + true
  1148 + end,
  1149 + case HasDocroot of
  1150 + true ->
  1151 + case C#sconf.listen of
  1152 + [] ->
  1153 + C2 = C#sconf{listen = {127,0,0,1}},
  1154 + fload(FD, globals, GC, undefined, [C2|Cs], Lno+1, Next);
  1155 + Ls ->
  1156 + Cs2 = [C#sconf{listen=L} || L <- Ls] ++ Cs,
  1157 + fload(FD, globals, GC, undefined, Cs2, Lno+1, Next)
  1158 + end;
  1159 + false ->
  1160 + {error,
  1161 + ?F("No valid docroot configured for virthost '~s' (port: ~w)",
  1162 + [C#sconf.servername, C#sconf.port])}
1138 1163 end;
1139 1164
1140 1165 ['<', "opaque", '>'] ->
4 test/Makefile
... ... @@ -1,8 +1,8 @@
1 1 include support/include.mk
2 2
3   -SUBDIRS = t1 t2 t3 t4 t5 eunit
  3 +SUBDIRS = t1 t2 t3 t4 t5 t6 eunit
4 4
5   -all: conf ibrowse
  5 +all: ibrowse
6 6 @cd src; $(MAKE) all
7 7 @set -e ; \
8 8 for d in $(SUBDIRS) ; do \
0  test/conf/deflate.conf → test/conf/deflateconf.conf
File renamed without changes
103 test/conf/no_docroot_appmod.conf
... ... @@ -0,0 +1,103 @@
  1 +
  2 +
  3 +logdir = ./logs
  4 +
  5 +# This the path to a directory where additional
  6 +# beam code can be placed. The daemon will add this
  7 +# directory to its search path
  8 +
  9 +ebin_dir = %YTOP%/test/ibrowse/ebin
  10 +include_dir = %YTOP%/test/include
  11 +
  12 +
  13 +
  14 +# This is a debug variable, possible values are http | traffic | false
  15 +# It is also possible to set the trace (possibly to the tty) while
  16 +# invoking yaws from the shell as in
  17 +# yaws -i -T -x (see man yaws)
  18 +
  19 +trace = false
  20 +
  21 +
  22 +
  23 +# it is possible to have yaws start additional
  24 +# application specific code at startup
  25 +#
  26 +# runmod = mymodule
  27 +
  28 +
  29 +# By default yaws will copy the erlang error_log and
  30 +# end write it to a wrap log called report.log (in the logdir)
  31 +# this feature can be turned off. This would typically
  32 +# be the case when yaws runs within another larger app
  33 +
  34 +copy_error_log = true
  35 +
  36 +
  37 +# Logs are wrap logs
  38 +
  39 +log_wrap_size = 1000000
  40 +
  41 +
  42 +# Possibly resolve all hostnames in logfiles so webalizer
  43 +# can produce the nice geography piechart
  44 +
  45 +log_resolve_hostname = false
  46 +
  47 +
  48 +
  49 +# fail completely or not if yaws fails
  50 +# to bind a listen socket
  51 +fail_on_bind_err = true
  52 +
  53 +
  54 +
  55 +# If yaws is started as root, it can, once it has opened
  56 +# all relevant sockets for listening, change the uid to a
  57 +# user with lower accessrights than root
  58 +
  59 +# username = nobody
  60 +
  61 +
  62 +# If HTTP auth is used, it is possible to have a specific
  63 +# auth log.
  64 +# Deprecated and ignored. Now, this target must be set in server part
  65 +#auth_log = true
  66 +
  67 +
  68 +# When we're running multiple yaws systems on the same
  69 +# host, we need to give each yaws system an individual
  70 +# name. Yaws will write a number of runtime files under
  71 +# /tmp/yaws/${id}
  72 +# The default value is "default"
  73 +
  74 +
  75 +# id = myname
  76 +
  77 +
  78 +# earlier versions of Yaws picked the first virtual host
  79 +# in a list of hosts with the same IP/PORT when the Host:
  80 +# header doesn't match any name on any Host
  81 +# This is often nice in testing environments but not
  82 +# acceptable in real live hosting scenarios
  83 +
  84 +pick_first_virthost_on_nomatch = true
  85 +
  86 +
  87 +# All unices are broken since it's not possible to bind to
  88 +# a privileged port (< 1024) unless uid==0
  89 +# There is a contrib in jungerl which makes it possible by means
  90 +# of an external setuid root programm called fdsrv to listen to
  91 +# to privileged port.
  92 +# If we use this feature, it requires fdsrv to be properly installed.
  93 +# Doesn't yet work with SSL.
  94 +
  95 +use_fdsrv = false
  96 +
  97 +keepalive_timeout = 10000
  98 +
  99 +<server am>
  100 + listen = 0.0.0.0
  101 + port = 8000
  102 + appmods = <"/", app_module>
  103 +</server>
103 test/conf/no_docroot_fwdproxy.conf
... ... @@ -0,0 +1,103 @@
  1 +
  2 +
  3 +logdir = ./logs
  4 +
  5 +# This the path to a directory where additional
  6 +# beam code can be placed. The daemon will add this
  7 +# directory to its search path
  8 +
  9 +ebin_dir = %YTOP%/test/ibrowse/ebin
  10 +include_dir = %YTOP%/test/include
  11 +
  12 +
  13 +
  14 +# This is a debug variable, possible values are http | traffic | false
  15 +# It is also possible to set the trace (possibly to the tty) while
  16 +# invoking yaws from the shell as in
  17 +# yaws -i -T -x (see man yaws)
  18 +
  19 +trace = false
  20 +
  21 +
  22 +
  23 +# it is possible to have yaws start additional
  24 +# application specific code at startup
  25 +#
  26 +# runmod = mymodule
  27 +
  28 +
  29 +# By default yaws will copy the erlang error_log and
  30 +# end write it to a wrap log called report.log (in the logdir)
  31 +# this feature can be turned off. This would typically
  32 +# be the case when yaws runs within another larger app
  33 +
  34 +copy_error_log = true
  35 +
  36 +
  37 +# Logs are wrap logs
  38 +
  39 +log_wrap_size = 1000000
  40 +
  41 +
  42 +# Possibly resolve all hostnames in logfiles so webalizer
  43 +# can produce the nice geography piechart
  44 +
  45 +log_resolve_hostname = false
  46 +
  47 +
  48 +
  49 +# fail completely or not if yaws fails
  50 +# to bind a listen socket
  51 +fail_on_bind_err = true
  52 +
  53 +
  54 +
  55 +# If yaws is started as root, it can, once it has opened
  56 +# all relevant sockets for listening, change the uid to a
  57 +# user with lower accessrights than root
  58 +
  59 +# username = nobody
  60 +
  61 +
  62 +# If HTTP auth is used, it is possible to have a specific
  63 +# auth log.
  64 +# Deprecated and ignored. Now, this target must be set in server part
  65 +#auth_log = true
  66 +
  67 +
  68 +# When we're running multiple yaws systems on the same
  69 +# host, we need to give each yaws system an individual
  70 +# name. Yaws will write a number of runtime files under
  71 +# /tmp/yaws/${id}
  72 +# The default value is "default"
  73 +
  74 +
  75 +# id = myname
  76 +
  77 +
  78 +# earlier versions of Yaws picked the first virtual host
  79 +# in a list of hosts with the same IP/PORT when the Host:
  80 +# header doesn't match any name on any Host
  81 +# This is often nice in testing environments but not
  82 +# acceptable in real live hosting scenarios
  83 +
  84 +pick_first_virthost_on_nomatch = true
  85 +
  86 +
  87 +# All unices are broken since it's not possible to bind to
  88 +# a privileged port (< 1024) unless uid==0
  89 +# There is a contrib in jungerl which makes it possible by means
  90 +# of an external setuid root programm called fdsrv to listen to
  91 +# to privileged port.
  92 +# If we use this feature, it requires fdsrv to be properly installed.
  93 +# Doesn't yet work with SSL.
  94 +
  95 +use_fdsrv = false
  96 +
  97 +keepalive_timeout = 10000
  98 +
  99 +<server fp>
  100 + listen = 0.0.0.0
  101 + port = 8000
  102 + fwdproxy = true
  103 +</server>
105 test/conf/no_docroot_redirect.conf
... ... @@ -0,0 +1,105 @@
  1 +
  2 +
  3 +logdir = ./logs
  4 +
  5 +# This the path to a directory where additional
  6 +# beam code can be placed. The daemon will add this
  7 +# directory to its search path
  8 +
  9 +ebin_dir = %YTOP%/test/ibrowse/ebin
  10 +include_dir = %YTOP%/test/include
  11 +
  12 +
  13 +
  14 +# This is a debug variable, possible values are http | traffic | false
  15 +# It is also possible to set the trace (possibly to the tty) while
  16 +# invoking yaws from the shell as in
  17 +# yaws -i -T -x (see man yaws)
  18 +
  19 +trace = false
  20 +
  21 +
  22 +
  23 +# it is possible to have yaws start additional
  24 +# application specific code at startup
  25 +#
  26 +# runmod = mymodule
  27 +
  28 +
  29 +# By default yaws will copy the erlang error_log and
  30 +# end write it to a wrap log called report.log (in the logdir)
  31 +# this feature can be turned off. This would typically
  32 +# be the case when yaws runs within another larger app
  33 +
  34 +copy_error_log = true
  35 +
  36 +
  37 +# Logs are wrap logs
  38 +
  39 +log_wrap_size = 1000000
  40 +
  41 +
  42 +# Possibly resolve all hostnames in logfiles so webalizer
  43 +# can produce the nice geography piechart
  44 +
  45 +log_resolve_hostname = false
  46 +
  47 +
  48 +
  49 +# fail completely or not if yaws fails
  50 +# to bind a listen socket
  51 +fail_on_bind_err = true
  52 +
  53 +
  54 +
  55 +# If yaws is started as root, it can, once it has opened
  56 +# all relevant sockets for listening, change the uid to a
  57 +# user with lower accessrights than root
  58 +
  59 +# username = nobody
  60 +
  61 +
  62 +# If HTTP auth is used, it is possible to have a specific
  63 +# auth log.
  64 +# Deprecated and ignored. Now, this target must be set in server part
  65 +#auth_log = true
  66 +
  67 +
  68 +# When we're running multiple yaws systems on the same
  69 +# host, we need to give each yaws system an individual
  70 +# name. Yaws will write a number of runtime files under
  71 +# /tmp/yaws/${id}
  72 +# The default value is "default"
  73 +
  74 +
  75 +# id = myname
  76 +
  77 +
  78 +# earlier versions of Yaws picked the first virtual host
  79 +# in a list of hosts with the same IP/PORT when the Host:
  80 +# header doesn't match any name on any Host
  81 +# This is often nice in testing environments but not
  82 +# acceptable in real live hosting scenarios
  83 +
  84 +pick_first_virthost_on_nomatch = true
  85 +
  86 +
  87 +# All unices are broken since it's not possible to bind to
  88 +# a privileged port (< 1024) unless uid==0
  89 +# There is a contrib in jungerl which makes it possible by means
  90 +# of an external setuid root programm called fdsrv to listen to
  91 +# to privileged port.
  92 +# If we use this feature, it requires fdsrv to be properly installed.
  93 +# Doesn't yet work with SSL.
  94 +
  95 +use_fdsrv = false
  96 +
  97 +keepalive_timeout = 10000
  98 +
  99 +<server rd>
  100 + listen = 0.0.0.0
  101 + port = 8000
  102 + <redirect>
  103 + "/" == http://yaws.hyber.org/
  104 + </redirect>
  105 +</server>
103 test/conf/no_docroot_revproxy.conf
... ... @@ -0,0 +1,103 @@
  1 +
  2 +
  3 +logdir = ./logs
  4 +
  5 +# This the path to a directory where additional
  6 +# beam code can be placed. The daemon will add this
  7 +# directory to its search path
  8 +
  9 +ebin_dir = %YTOP%/test/ibrowse/ebin
  10 +include_dir = %YTOP%/test/include
  11 +
  12 +
  13 +
  14 +# This is a debug variable, possible values are http | traffic | false
  15 +# It is also possible to set the trace (possibly to the tty) while
  16 +# invoking yaws from the shell as in
  17 +# yaws -i -T -x (see man yaws)
  18 +
  19 +trace = false
  20 +
  21 +
  22 +
  23 +# it is possible to have yaws start additional
  24 +# application specific code at startup
  25 +#
  26 +# runmod = mymodule
  27 +
  28 +
  29 +# By default yaws will copy the erlang error_log and
  30 +# end write it to a wrap log called report.log (in the logdir)
  31 +# this feature can be turned off. This would typically
  32 +# be the case when yaws runs within another larger app
  33 +
  34 +copy_error_log = true
  35 +
  36 +
  37 +# Logs are wrap logs
  38 +
  39 +log_wrap_size = 1000000
  40 +
  41 +
  42 +# Possibly resolve all hostnames in logfiles so webalizer
  43 +# can produce the nice geography piechart
  44 +
  45 +log_resolve_hostname = false
  46 +
  47 +
  48 +
  49 +# fail completely or not if yaws fails
  50 +# to bind a listen socket
  51 +fail_on_bind_err = true
  52 +
  53 +
  54 +
  55 +# If yaws is started as root, it can, once it has opened
  56 +# all relevant sockets for listening, change the uid to a
  57 +# user with lower accessrights than root
  58 +
  59 +# username = nobody
  60 +
  61 +
  62 +# If HTTP auth is used, it is possible to have a specific
  63 +# auth log.
  64 +# Deprecated and ignored. Now, this target must be set in server part
  65 +#auth_log = true
  66 +
  67 +
  68 +# When we're running multiple yaws systems on the same
  69 +# host, we need to give each yaws system an individual
  70 +# name. Yaws will write a number of runtime files under
  71 +# /tmp/yaws/${id}
  72 +# The default value is "default"
  73 +
  74 +
  75 +# id = myname
  76 +
  77 +
  78 +# earlier versions of Yaws picked the first virtual host
  79 +# in a list of hosts with the same IP/PORT when the Host:
  80 +# header doesn't match any name on any Host
  81 +# This is often nice in testing environments but not
  82 +# acceptable in real live hosting scenarios
  83 +
  84 +pick_first_virthost_on_nomatch = true
  85 +
  86 +
  87 +# All unices are broken since it's not possible to bind to
  88 +# a privileged port (< 1024) unless uid==0
  89 +# There is a contrib in jungerl which makes it possible by means
  90 +# of an external setuid root programm called fdsrv to listen to
  91 +# to privileged port.
  92 +# If we use this feature, it requires fdsrv to be properly installed.
  93 +# Doesn't yet work with SSL.
  94 +
  95 +use_fdsrv = false
  96 +
  97 +keepalive_timeout = 10000
  98 +
  99 +<server rp>
  100 + listen = 0.0.0.0
  101 + port = 8000
  102 + revproxy = "/" http://yaws.hyber.org
  103 +</server>
0  test/conf/revproxy.conf → test/conf/revproxyconf.conf
File renamed without changes
20 test/support/include.mk.in
@@ -6,6 +6,8 @@ YTOP="@YTOP@"
6 6
7 7 YAWS=$(YTOP)/bin/yaws
8 8
  9 +SUBST=../../scripts/Subst
  10 +
9 11 COMPILER_PA = -pa $(YTOP)/ebin
10 12
11 13 %.beam: %.erl
@@ -51,18 +53,6 @@ stop:
51 53 quiet_stop:
52 54 $(YTOP)/bin/yaws --id testid --stop >/dev/null 2>&1 && sleep 5 || true
53 55
54   -stdconf:
55   - cat ../conf/stdconf.conf | \
56   - ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
57   -
58   -authconf:
59   - cat ../conf/authconf.conf | \
60   - ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
61   -
62   -revproxyconf:
63   - cat ../conf/revproxy.conf | \
64   - ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
65   -
66   -deflateconf:
67   - cat ../conf/deflate.conf | \
68   - ../../scripts/Subst %YTOP% $(YTOP) > yaws.conf
  56 +stdconf authconf revproxyconf deflateconf:
  57 + cat ../conf/$@.conf | \
  58 + $(SUBST) %YTOP% $(YTOP) > yaws.conf
2  test/t1/Makefile
... ... @@ -1,6 +1,6 @@
1 1 include ../support/include.mk
2 2
3   -.PHONY: all test newconf small_datafile t1 t2 t3 t4 t5 t6 t7 json
  3 +.PHONY: all test conf newconf small_datafile t1 t2 t3 t4 t5 t6 t7 json
4 4
5 5 all: conf setup
6 6 @echo "all ok"
2  test/t2/Makefile
... ... @@ -1,6 +1,6 @@
1 1 include ../support/include.mk
2 2
3   -.PHONY: all test debug clean
  3 +.PHONY: all test conf debug clean
4 4
5 5 #
6 6 all: conf setup app_test.beam streamtest.beam jsontest.beam posttest.beam \
2  test/t3/Makefile
... ... @@ -1,6 +1,6 @@
1 1 include ../support/include.mk
2 2
3   -.PHONY: all test debug clean
  3 +.PHONY: all test conf debug clean
4 4
5 5 #
6 6 all: conf setup app_test.beam authmodtest.beam outmodtest.beam
2  test/t4/Makefile
... ... @@ -1,6 +1,6 @@
1 1 include ../support/include.mk
2 2
3   -.PHONY: all test debug clean
  3 +.PHONY: all test conf debug clean
4 4
5 5 T4BEAMS := app_test.beam \
6 6 rewritetest.beam \
2  test/t5/Makefile
... ... @@ -1,6 +1,6 @@
1 1 include ../support/include.mk
2 2
3   -.PHONY: all test debug clean
  3 +.PHONY: all test conf debug clean
4 4
5 5 #
6 6 all: conf setup app_test.beam emptytest.beam streamtest.beam smalltest.beam bigtest.beam
32 test/t6/Makefile
... ... @@ -0,0 +1,32 @@
  1 +include ../support/include.mk
  2 +
  3 +NO_DOCROOT_TESTS = no_docroot_revproxy \
  4 + no_docroot_fwdproxy \
  5 + no_docroot_redirect \
  6 + no_docroot_appmod
  7 +
  8 +.PHONY: all test conf $(NO_DOCROOT_TESTS)
  9 +
  10 +all: setup
  11 + @echo "all ok"
  12 +
  13 +## to run test, do
  14 +# make all test
  15 +
  16 +test: all
  17 + set -e ; \
  18 + for t in $(NO_DOCROOT_TESTS); do \
  19 + $(MAKE) $$t ; \
  20 + done
  21 +
  22 +$(NO_DOCROOT_TESTS):
  23 + @rm -f yaws.conf
  24 + cat ../conf/$@.conf | \
  25 + $(SUBST) %YTOP% $(YTOP) > yaws.conf
  26 + set -e ; $(MAKE) start ; $(MAKE) stop
  27 +
  28 +clean: tclean
  29 + -rm -rf localhost:8000 yaws.conf
  30 +
  31 +# needed because target is called by top-level test/Makefile
  32 +conf:

0 comments on commit ea1e77b

Please sign in to comment.
Something went wrong with that request. Please try again.