Add HostSNIRegexp rule matcher for TCP

2022-03-18 16:04:08 +01:00 · 2022-03-18 16:04:08 +01:00 · 2da7fa0397
commit 2da7fa0397
parent 0d58e8d1ad
3 changed files with 311 additions and 7 deletions
--- a/docs/content/routing/routers/index.md
+++ b/docs/content/routing/routers/index.md
@ -819,16 +819,25 @@ If the rule is verified, the router becomes active, calls middlewares, and then

 The table below lists all the available matchers:

-| Rule                                        | Description                                                                                               |
-|---------------------------------------------|-----------------------------------------------------------------------------------------------------------|
-| ```HostSNI(`domain-1`, ...)```              | Check if the Server Name Indication corresponds to the given `domains`.                                   |
-| ```ClientIP(`10.0.0.0/16`, `::1`)```        | Check if the request client IP is one of the given IP/CIDR. It accepts IPv4, IPv6 and CIDR formats.       |
+| Rule                                                                      | Description                                                                                               |
+|---------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------|
+| ```HostSNI(`domain-1`, ...)```                                            | Check if the Server Name Indication corresponds to the given `domains`.                                   |
+| ```HostSNIRegexp(`example.com`, `{subdomain:[a-z]+}.example.com`, ...)``` | Check if the Server Name Indication matches the given regular expressions. See "Regexp Syntax" below. |
+| ```ClientIP(`10.0.0.0/16`, `::1`)```                                      | Check if the request client IP is one of the given IP/CIDR. It accepts IPv4, IPv6 and CIDR formats.       |

 !!! important "Non-ASCII Domain Names"

-    Non-ASCII characters are not supported in the `HostSNI` expression, and by doing so the associated TCP router will be invalid.
+    Non-ASCII characters are not supported in the `HostSNI` and `HostSNIRegexp` expressions, and so using them would invalidate the associated TCP router.
    Domain names containing non-ASCII characters must be provided as punycode encoded values ([rfc 3492](https://tools.ietf.org/html/rfc3492)).

+!!! important "Regexp Syntax"
+
+    `HostSNIRegexp` accepts an expression with zero or more groups enclosed by curly braces, which are called named regexps.
+    Named regexps, of the form `{name:regexp}`, are the only expressions considered for regexp matching.
+    The regexp name (`name` in the above example) is an arbitrary value, that exists only for historical reasons.
+
+    Any `regexp` supported by [Go's regexp package](https://golang.org/pkg/regexp/) may be used.
+
 !!! important "HostSNI & TLS"

    It is important to note that the Server Name Indication is an extension of the TLS protocol.