Rewriting fixes

- fix path regex captures indexes
- replace missing optional captures by empty string (instead of panic)
- skip first dot in host subdomain regex
- force full match on host regex
- use cluster https port for custom https redirections

Signed-off-by: Eloi DEMOLIS <[email protected]>

Author: Wonshtrum

lib/src/protocol/kawa_h1/mod.rs

@@ -1318,14 +1318,6 @@ impl<Front: SocketHandler, L: L7ListenerHandler> Http<Front, L> {
 
         let host = rewritten_host.as_deref().unwrap_or(host);
         let path = rewritten_path.as_deref().unwrap_or(path);
-        let port = rewritten_port.map_or_else(
-            || {
-                port.map_or(String::new(), |port| {
-                    format!(":{}", unsafe { from_utf8_unchecked(port) })
-                })
-            },
-            |port| format!(":{port}"),
-        );
         let is_https = matches!(proxy.borrow().kind(), ListenerType::Https);
         let proto = match (redirect_scheme, is_https) {
             (RedirectScheme::UseHttp, _) | (RedirectScheme::UseSame, false) => "http",
@@ -1370,6 +1362,18 @@ impl<Front: SocketHandler, L: L7ListenerHandler> Http<Front, L> {
                 }
             };
 
+        let port = match (
+            port,
+            rewritten_port,
+            https_redirect_port,
+            !is_https && https_redirect,
+        ) {
+            (_, Some(port), _, _) => format!(":{port}"),
+            (_, _, Some(port), true) => format!(":{port}"),
+            (Some(port), _, _, _) => format!(":{}", unsafe { from_utf8_unchecked(port) }),
+            _ => String::new(),
+        };
+
         match (cluster_id, redirect, redirect_template, authorized) {
             (_, RedirectPolicy::Permanent, _, true) => {
                 let location = format!("{proto}://{host}{port}{path}");
@@ -1383,9 +1387,6 @@ impl<Front: SocketHandler, L: L7ListenerHandler> Http<Front, L> {
             }
             (Some(cluster_id), RedirectPolicy::Forward, None, true) => {
                 if !is_https && https_redirect {
-                    let port = rewritten_port
-                        .or_else(|| https_redirect_port.map(|port| port as u16))
-                        .map_or(String::new(), |port| format!(":{port}"));
                     let location = format!("https://{host}{port}{path}");
                     self.set_answer(DefaultAnswer::Answer301 { location });
                     return Err(RetrieveClusterError::Redirected);

lib/src/router/mod.rs

@@ -393,7 +393,7 @@ pub enum DomainRule {
 }
 
 fn convert_regex_domain_rule(hostname: &str) -> Option<String> {
-    let mut result = String::new();
+    let mut result = String::from("\\A");
 
     let s = hostname.as_bytes();
     let mut index = 0;
@@ -436,6 +436,7 @@ fn convert_regex_domain_rule(hostname: &str) -> Option<String> {
         }
 
         if index == s.len() {
+            result.push_str("\\z");
             return Some(result);
         } else if s[index] == b'.' {
             result.push_str("\\.");
@@ -962,13 +963,12 @@ impl RouteResult {
                 PathRule::Prefix(prefix) => {
                     captures_path.push(unsafe { from_utf8_unchecked(&path[prefix.len()..]) })
                 }
-                PathRule::Regex(regex) => captures_path.extend(
-                    regex
-                        .captures(path)
-                        .unwrap()
-                        .iter()
-                        .map(|c| unsafe { from_utf8_unchecked(c.unwrap().as_bytes()) }),
-                ),
+                PathRule::Regex(regex) => {
+                    captures_path.extend(regex.captures(path).unwrap().iter().skip(1).map(|c| {
+                        c.map(|c| unsafe { from_utf8_unchecked(c.as_bytes()) })
+                            .unwrap_or("")
+                    }))
+                }
                 _ => {}
             }
         }

lib/src/router/pattern_trie.rs

@@ -132,7 +132,8 @@ impl<V: Debug + Clone> TrieNode<V> {
                         }
                     }
 
-                    if let Ok(r) = Regex::new(s) {
+                    let s = format!("\\A{s}\\z");
+                    if let Ok(r) = Regex::new(&s) {
                         if pos > 0 {
                             let mut node = TrieNode::root();
                             let pos = pos - 1;
@@ -300,11 +301,11 @@ impl<V: Debug + Clone> TrieNode<V> {
                 } else {
                     //println!("there's still a subdomain, wildcard does not apply");
 
-                    // let suffix = if suffix[0] == b'.' {
-                    //     &suffix[1..]
-                    // } else {
-                    //     suffix
-                    // };
+                    let suffix = if suffix[0] == b'.' {
+                        &suffix[1..]
+                    } else {
+                        suffix
+                    };
                     for (regexp, child) in &self.regexps {
                         //println!("testing regexp: {} on suffix {}", r.as_str(), str::from_utf8(s).unwrap());
 
@@ -374,12 +375,12 @@ impl<V: Debug + Clone> TrieNode<V> {
                 } else {
                     //println!("there's still a subdomain, wildcard does not apply");
 
-                    for (ref regexp, ref mut child) in self.regexps.iter_mut() {
-                        let suffix = if suffix[0] == b'.' {
-                            &suffix[1..]
-                        } else {
-                            suffix
-                        };
+                    let suffix = if suffix[0] == b'.' {
+                        &suffix[1..]
+                    } else {
+                        suffix
+                    };
+                    for (regexp, child) in &mut self.regexps {
                         //println!("testing regexp: {} on suffix {}", r.as_str(), str::from_utf8(s).unwrap());
 
                         if regexp.is_match(suffix) {