alkdev/reverse-proxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Decompose implementation review fixes into 14 atomic tasks with post-fix review

Browse Source 
Break down findings from review #002 into dependency-ordered fix tasks:

Critical/High:
- fix/acme-contact-and-challenge (C1+C2): Add acme_contact field, wire to
  ACME, remove unused challenge_config, add validation rule 19
- fix/remove-health-and-hardcode-https (W5+W14+ADR-022): Remove /health
  from main listener, hardcode X-Forwarded-Proto to https
- fix/config-reload-static-drift (C4): Use ArcSwap<StaticConfig> so reload
  diffs against last config, not startup config
- fix/access-logging (W13): Wire up log_request! macro for every proxied
  request with client_ip, host, method, path, status, upstream, duration_ms

Medium:
- fix/graceful-shutdown (W1+W7): Join HTTPS tasks with timeout instead of
  abort, add shutdown signal to admin socket and eviction task
- fix/connect-timeout (W4): Wire upstream_connect_timeout_secs to enforce
  separate connect timeout

Low/Independent:
- fix/token-bucket-nanosecond (W6): Use as_nanos() instead of as_millis()
- fix/normalize-host-ipv6 (S3): Handle IPv6 bracket notation in normalize_host
- fix/http-port-validation (S1): Validate http_port in range 0 or 1-65535
- fix/integration-test-toml (S10): Fix double-nested listeners.listeners.sites
- fix/logging-test-global-subscriber (W9): Use try_init() to avoid test conflicts
- fix/fragile-error-detection (W3): Add typed error matching or documented string match
- fix/add-code-comments (C3,W8,W10,W11,S9): Document correct-but-non-obvious behaviors
- fix/request-timeout-scope (S8): Document full-request timeout scope
- fix/clean-dead-code (S4+S2): Remove dead_code annotations, add #[non_exhaustive]

Review gate:
- review/post-fix-review: Verify all fixes against architecture spec
This commit is contained in:
glm-5.1
2026-06-12 04:08:45 +00:00
parent fe1ae6c05e
commit f9d7b8112b
16 changed files with 1074 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
tasks/fix/http-port-validation.md Normal file
View File

@@ -0,0 +1,55 @@
---
id: fix/http-port-validation
name: Add http_port range validation (0 or 1-65535)
status: pending
depends_on: []
scope: single
risk: trivial
impact: isolated
level: implementation
review_findings: [S1]
---
## Description
The `http_port` validation only checks for port conflicts and whether `http_port > 0` (for the conflict check). It doesn't validate that `http_port` is in the valid range: 0 (disabled) or 1-65535. A value like `65536` or `-1` would pass validation incorrectly. There's already a `HttpsPortInvalid` error for https_port, but no equivalent for http_port.
### Changes Required
**`src/config/validation.rs`**:
- Add a validation check after the existing `http_port` conflict logic:
```rust
if listener.http_port > 65535 {
errors.push(ValidationError::HttpPortInvalid {
bind_addr: listener.bind_addr.clone(),
http_port: listener.http_port,
});
}
```
- Note: `http_port = 0` is already treated as "disabled" and should be allowed, so only check `> 65535`
**Tests**:
- Add a test for `http_port = 65536` producing `HttpPortInvalid`
- Add a test for `http_port = 0` still being valid (disabled)
## Acceptance Criteria
- [ ] `http_port > 65535` produces a validation error
- [ ] `http_port = 0` (disabled) remains valid
- [ ] `http_port` in 1-65535 remains valid
- [ ] New `HttpPortInvalid` error variant with descriptive message
- [ ] Existing validation tests pass
- [ ] `cargo clippy` passes with no warnings
## References
- docs/reviews/002-implementation-review.md — S1 finding
- src/config/validation.rs — existing validation logic
## Notes
> To be filled by implementation agent
## Summary
> To be filled on completion