Restore suffix-capable request handling (#23)

This changed in #16 to accept only the exact request path `/ct/v1/get-entries`. But it turns out it's easier for the reverse-proxy configuration if we go back to the old behavior: accepting any request path ending in `/ct/v1/get-entries`.
letsencrypt · Sep 12, 2023 · f866e4d · f866e4d
1 parent 25eea42
commit f866e4d
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 8 deletions.
diff --git a/integration_test.go b/integration_test.go
@@ -74,6 +74,10 @@ func TestIntegration(t *testing.T) {
 	//
 	// This acts like a CT log with a max_getentries limit of 3 and 10 elements in total.
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.URL.Path != "/ct/v1/get-entries" {
+			w.WriteHeader(http.StatusNotFound)
+			return
+		}
 		startInt, _ := strconv.ParseInt(r.URL.Query().Get("start"), 10, 64)
 		endInt, _ := strconv.ParseInt(r.URL.Query().Get("end"), 10, 64)
 		var entries entries
@@ -142,10 +146,10 @@ func TestIntegration(t *testing.T) {
 
 	ctile := makeTCH(server.URL, s3Service)
 
-	// Invalid URL; should be passed through to backend and 400
+	// Invalid URL; should 404 passed through to backend and 400
 	resp := getResp(ctile, "/foo")
-	if resp.StatusCode != 400 {
-		t.Errorf("expected 400 got %d", resp.StatusCode)
+	if resp.StatusCode != 404 {
+		t.Errorf("expected 404 got %d", resp.StatusCode)
 	}
 
 	// Malformed queries; should 400
@@ -197,6 +201,13 @@ func TestIntegration(t *testing.T) {
 		t.Errorf("expected 2 entries got %d", len(twoEntriesB.Entries))
 	}
 
+	// Same query with a different prefix; should succeed
+	_, _, err = getAndParseResp(t, ctile, "/ctile/ct/v1/get-entries?start=3&end=4")
+	if err != nil {
+		t.Error(err)
+	}
+	ctile.requestsMetric.Reset()
+
 	// The results from the first and second queries should be the same
 	if !reflect.DeepEqual(twoEntriesA, twoEntriesB) {
 		t.Errorf("expected equal responses got %#v != %#v", twoEntriesA, twoEntriesB)

diff --git a/main.go b/main.go
@@ -15,6 +15,7 @@ import (
 	"net/url"
 	"os"
 	"strconv"
+	"strings"
 	"time"
 
 	"github.com/aws/aws-sdk-go-v2/aws"
@@ -294,6 +295,11 @@ type tileCachingHandler struct {
 }
 
 func (tch *tileCachingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	// For non-get-entries requests, pass them along to the backend
+	if !strings.HasSuffix(r.URL.Path, "/ct/v1/get-entries") {
+		passthroughHandler{logURL: tch.logURL}.ServeHTTP(w, r)
+		return
+	}
 	start, end, err := parseQueryParams(r.URL.Query())
 	if err != nil {
 		w.WriteHeader(http.StatusBadRequest)
@@ -556,17 +562,13 @@ func main() {
 		singleFlightShared: singleFlightShared,
 	}
 
-	mux := http.NewServeMux()
-	mux.Handle("/ct/v1/get-entries", handler)
-	mux.Handle("/ct/v1/", passthroughHandler{logURL: *logURL})
-
 	srv := http.Server{
 		Addr:              *listenAddress,
 		ReadTimeout:       5 * time.Second,
 		WriteTimeout:      *fullRequestTimeout + 1*time.Second, // must be a bit larger than the max time spent in the HTTP handler
 		IdleTimeout:       5 * time.Minute,
 		ReadHeaderTimeout: 2 * time.Second,
-		Handler:           mux,
+		Handler:           handler,
 	}
 
 	log.Fatal(srv.ListenAndServe())