(bozo)httpd doesn't match FQDN for virtual hosts?

To: netbsd-users%NetBSD.org@localhost
Subject: (bozo)httpd doesn't match FQDN for virtual hosts?
From: "John D. Baker" <jdbaker%consolidated.net@localhost>
Date: Sat, 15 Dec 2018 10:00:51 -0600 (CST)

On a friend's server, I had set up a basic placeholder web page with
'(bozo)httpd' in NetBSD-8.0_STABLE (amd64).  It happily served using
the virtual hosts feature with the "slashdir" as a fallback for sites
not hosted on his server.

When his domain expired and got sniped, I extended the umbrella of
another domain over his server.  I renamed the virtual host document
root to match the (new) FQDN of the machine.  The machine only ever
serves for itself, not any other domains.

Instead of the expected root document, I get the fallback from the
"slashdir".

The setup:

  $ hostname
  foo.bar.tld

  $ sysctl kern.hostname
  kern.hostname = foo.bar.tld

In "/etc/rc.conf":

  httpd=YES
  httpd_flags="-u -V -v ${httpd_wwwdir}/vhosts"

in ${httpd_wwwdir}:

  -rw-r--r--   1 _httpd  _httpd  212 Nov 27 10:48 index.html
  drwxr-xr-x   3 _httpd  _httpd  512 Dec 15 08:57 vhosts/

in ${httpd_wwwdir}/vhosts:

  lrwxr-xr-x  1 _httpd  _httpd   18 Dec 14 22:00 foo@ -> foo.bar.tld
  drwxr-xr-x  2 _httpd  _httpd  512 Nov 27 11:06 foo.bar.tld/
  lrwxr-xr-x  1 _httpd  _httpd   18 Dec 14 22:02 bar.tld@ -> foo.bar.tld

Hand-crafting HTTP GET requests, specifying "Host: foo.bar.tld" or "Host:
foo" returns the fallback "index.html" from "${httpd_wwwdir}".  Specifying
"Host: bar.tld" returns the expected "index.html" from
"${httpd_wwwdir}/vhosts/foo.bar.tld"

According to httpd(8) [BOZOHTTPD(8)], the default for the optional
"myname" argument is the machine's local host name returned by
"gethostname(3)".  Something seems to be stripping the first element of
the hostname so that '(bozo)httpd' won't match the FQDN but only the
domain name itself.

To verify, I started the server manually and specified the hostname
directly:

  sudo /usr/libexec/httpd -u -V -v /var/www/vhosts -U _httpd \
  -b /var/www $(hostname)

The result was the same.  Then I added an extra element before
the FQDN:

  sudo /usr/libexec/httpd -u -V -v /var/www/vhosts -U _httpd \
  -b /var/www www.$(hostname)

Thereafter, GET requests to the server's FQDN (i.e., ordinary HTTP/1.1
GET requests sent by any standards-compliant browser) worked.

I don't see any provision for specifying the optional "myname" argument
through the "rc.conf" mechanisms, except perhaps to append to the
"httpd_wwwdir" variable (after all other uses of it, of course).  Maybe
the "rc.conf.d/httpd" feature can be employed to define extra variables
and place them appropriately in the command line.  I've only used that
once before, long ago...

True, I could simply not use the virtual host feature, but I figured
it would be a safeguard against rogue DNS entries.

-- 
|/"\ John D. Baker, KN5UKS               NetBSD     Darwin/MacOS X
|\ / jdbaker[snail]consolidated[flyspeck]net  OpenBSD            FreeBSD
| X  No HTML/proprietary data in email.   BSD just sits there and works!
|/ \ GPGkeyID:  D703 4A7E 479F 63F8 D3F4  BD99 9572 8F23 E4AD 1645

Prev by Date: Re: Problems loading NetBSD on an ANTSLE box
Next by Date: RE: Problems loading NetBSD on an ANTSLE box
Previous by Thread: Problems loading NetBSD on an ANTSLE box
Next by Thread: is powerd supposed to work any more?
Indexes:

Home | Main Index | Thread Index | Old Index