fix(connlib): default to 443 for websocket endpoint (#6961)

In #6909, we introduced a regression that wasn't caught by CI. Previously, we were using a different function to resolve the domain name of the portal. That function took care of handling the case where the host didn't have a port number. In the docker-compose file we always specify a port number, therefore the case of host-only doesn't get tested. This currently prevents all clients from signing in to staging & prod.
2026-01-27 10:18:54 +00:00 · 2024-10-09 01:19:24 +11:00
parent 38c46b41c9
commit 42f6106527
2 changed files with 21 additions and 11 deletions
--- a/rust/phoenix-channel/src/lib.rs
+++ b/rust/phoenix-channel/src/lib.rs
@@ -246,7 +246,7 @@ where
        // We expose them to other components that deal with DNS stuff to ensure our domain always resolves to these IPs.
        let resolved_addresses = url
            .expose_secret()
-            .host()
+            .host_and_port()
            .to_socket_addrs()?
            .map(|addr| addr.ip())
            .collect();
@@ -281,7 +281,7 @@ where

    /// The host we are connecting / connected to.
    pub fn server_host(&self) -> &str {
-        self.url_prototype.expose_secret().host()
+        self.url_prototype.expose_secret().host_and_port().0
    }

    /// Join the provided room.
@@ -364,7 +364,7 @@ where
                        self.heartbeat.reset();
                        self.state = State::Connected(stream);

-                        let host = self.url_prototype.expose_secret().host();
+                        let (host, _) = self.url_prototype.expose_secret().host_and_port();

                        tracing::info!(%host, "Connected to portal");
                        self.join(self.login, self.init_req.clone());
--- a/rust/phoenix-channel/src/login_url.rs
+++ b/rust/phoenix-channel/src/login_url.rs
@@ -38,6 +38,7 @@ pub struct LoginUrl<TFinish> {
    // This is duplicated here because `Url::host` is fallible.
    // If we don't duplicate it, we'd have to do extra error handling in several places instead of just one place.
    host: String,
+    port: u16,

    phantom: PhantomData<TFinish>,
 }
@@ -99,8 +100,11 @@ impl LoginUrl<PublicKeyParam> {
            device_info,
        )?;

+        let (host, port) = parse_host(&url)?;
+
        Ok(LoginUrl {
-            host: parse_host(&url)?,
+            host,
+            port,
            url,
            phantom: PhantomData,
        })
@@ -129,8 +133,11 @@ impl LoginUrl<PublicKeyParam> {
            Default::default(),
        )?;

+        let (host, port) = parse_host(&url)?;
+
        Ok(LoginUrl {
-            host: parse_host(&url)?,
+            host,
+            port,
            url,
            phantom: PhantomData,
        })
@@ -158,8 +165,11 @@ impl LoginUrl<NoParams> {
            Default::default(),
        )?;

+        let (host, port) = parse_host(&url)?;
+
        Ok(LoginUrl {
-            host: parse_host(&url)?,
+            host,
+            port,
            url,
            phantom: PhantomData,
        })
@@ -180,18 +190,18 @@ where
 }

 impl<TFinish> LoginUrl<TFinish> {
-    pub fn host(&self) -> &str {
-        &self.host
+    pub fn host_and_port(&self) -> (&str, u16) {
+        (&self.host, self.port)
    }
 }

 /// Parse the host from a URL, including port if present. e.g. `example.com:8080`.
-fn parse_host<E>(url: &Url) -> Result<String, LoginUrlError<E>> {
+fn parse_host<E>(url: &Url) -> Result<(String, u16), LoginUrlError<E>> {
    let host = url.host_str().ok_or(LoginUrlError::MissingHost)?;

    Ok(match url.port() {
-        Some(p) => format!("{host}:{p}"),
-        None => host.to_owned(),
+        Some(p) => (host.to_owned(), p),
+        None => (host.to_owned(), 443),
    })
 }