improve http request handling for internal services and multiple domains

per listener, you could enable the admin/account/webmail/webapi handlers. but
that would serve those services on their configured paths (/admin/, /,
/webmail/, /webapi/) on all domains mox would be webserving, including any
non-mail domains. so your www.example/admin/ would be serving the admin web
interface, with no way to disabled that.

with this change, the admin interface is only served on requests to (based on
Host header):
- ip addresses
- the listener host name (explicitly configured in the listener, with fallback
  to global hostname)
- "localhost" (for ssh tunnel/forwarding scenario's)

the account/webmail/webapi interfaces are served on the same domains as the
admin interface, and additionally:
- the client settings domains, as optionally configured in each Domain in
  domains.conf. typically "mail.<yourdomain>".

this means the internal services are no longer served on other domains
configured in the webserver, e.g. www.example.org/admin/ will not be handled
specially.

the order of evaluation of routes/services is also changed:
before this change, the internal handlers would always be evaluated first.
with this change, only the system handlers for
MTA-STS/autoconfig/ACME-validation will be evaluated first. then the webserver
handlers. and finally the internal services (admin/account/webmail/webapi).
this allows an admin to configure overrides for some of the domains (per
hostname-matching rules explained above) that would normally serve these
services.

webserver handlers can now be configured that pass the request to an internal
service: in addition to the existing static/redirect/forward config options,
there is now an "internal" config option, naming the service
(admin/account/webmail/webapi) for handling the request. this allows enabling
the internal services on custom domains.

for issue #160 by TragicLifeHu, thanks for reporting!

http/webserver.go

@@ -46,13 +46,13 @@ func recvid(r *http.Request) string {
 // WebHandle runs after the built-in handlers for mta-sts, autoconfig, etc.
 // If no handler matched, false is returned.
 // WebHandle sets w.Name to that of the matching handler.
-func WebHandle(w *loggingWriter, r *http.Request, host dns.Domain) (handled bool) {
+func WebHandle(w *loggingWriter, r *http.Request, host dns.IPDomain) (handled bool) {
 	conf := mox.Conf.DynamicConfig()
 	redirects := conf.WebDNSDomainRedirects
 	handlers := conf.WebHandlers
 
 	for from, to := range redirects {
-		if host != from {
+		if host.Domain != from {
 			continue
 		}
 		u := r.URL
@@ -64,7 +64,7 @@ func WebHandle(w *loggingWriter, r *http.Request, host dns.Domain) (handled bool
 	}
 
 	for _, h := range handlers {
-		if host != h.DNSDomain {
+		if host.Domain != h.DNSDomain {
 			continue
 		}
 		loc := h.Path.FindStringIndex(r.URL.Path)
@@ -99,6 +99,10 @@ func WebHandle(w *loggingWriter, r *http.Request, host dns.Domain) (handled bool
 			w.Handler = h.Name
 			return true
 		}
+		if h.WebInternal != nil && HandleInternal(h.WebInternal, w, r) {
+			w.Handler = h.Name
+			return true
+		}
 	}
 	w.Compress = false
 	return false
@@ -396,6 +400,12 @@ func HandleRedirect(h *config.WebRedirect, w http.ResponseWriter, r *http.Reques
 	return true
 }
 
+// HandleInternal passes the request to an internal service.
+func HandleInternal(h *config.WebInternal, w http.ResponseWriter, r *http.Request) (handled bool) {
+	h.Handler.ServeHTTP(w, r)
+	return true
+}
+
 // HandleForward handles a request by forwarding it to another webserver and
 // passing the response on. I.e. a reverse proxy. It handles websocket
 // connections by monitoring the websocket handshake and then just passing along the