From 08b35f6b2116a1cb1efd1092b52d8ea54692deb5 Mon Sep 17 00:00:00 2001
From: Brian Picciano <mediocregopher@gmail.com>
Date: Sat, 20 May 2023 15:24:32 +0200
Subject: [PATCH] Fix acme challenges not taking priority over origins

---
 src/service.rs | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/src/service.rs b/src/service.rs
index edc7d22..fc55149 100644
--- a/src/service.rs
+++ b/src/service.rs
@@ -330,17 +330,11 @@ where
     }
     .and_then(|h| domain::Name::from_str(h).ok());
 
-    if let Some(domain) = maybe_host {
-        return svc.serve_origin(domain, req.uri().path());
-    }
-
     let method = req.method();
     let path = req.uri().path();
 
-    if method == Method::GET && path.starts_with("/static/") {
-        return svc.render(200, path, ());
-    }
-
+    // Serving acme challenges always takes priority. We serve them from the same store no matter
+    // the domain, presumably they are cryptographically random enough that it doesn't matter.
     if method == Method::GET && path.starts_with("/.well-known/acme-challenge/") {
         let token = path.trim_start_matches("/.well-known/acme-challenge/");
 
@@ -356,6 +350,17 @@ where
         }
     }
 
+    // If a managed domain was given then serve that from its origin
+    if let Some(domain) = maybe_host {
+        return svc.serve_origin(domain, req.uri().path());
+    }
+
+    // Serve main domiply site
+
+    if method == Method::GET && path.starts_with("/static/") {
+        return svc.render(200, path, ());
+    }
+
     match (method, path) {
         (&Method::GET, "/") | (&Method::GET, "/index.html") => svc.render_page("/index.html", ()),
         (&Method::GET, "/domain.html") => {