
http: Sort auto-HTTPS redirect routes by host specificity (fix #7390) #7502

Merged
francislavoie merged 1 commit into caddyserver:master from pauloappbr:fix/7390-autohttps-redirect-sorting
Feb 22, 2026

@pauloappbr
Contributor

Assistance Disclosure

I used an AI assistant (Gemini) to help analyze the Caddyfile routing issue, identify the non-deterministic map iteration, and draft the initial slices.SortFunc sorting logic. I manually reviewed the code, integrated it, verified the fix locally by building from source, and ran the Caddy test suite to ensure correctness and no regressions.

Description

This PR fixes an issue where automatic HTTP->HTTPS redirects were being misrouted when a wildcard domain with an explicit port and an exact host domain coexisted in the configuration.

The Problem

During automaticHTTPSPhase1, domains are grouped by address using a map (domainsByAddr). When iterating over this map to build and append redirect routes (redirServersLoop), the order of the generated routes was non-deterministic. If a wildcard redirect route was appended to srv.Routes before an exact match route, the Caddy router would evaluate the wildcard first, resulting in incorrect port redirection (e.g., returning HTTP 308 to port :10443 instead of the standard :443 for the exact host).

The Solution

Added a slices.SortFunc immediately before injecting the redirect routes into the server. The sorting logic enforces strict host specificity:

  • Exact matches take precedence over wildcards.
  • Wildcards take precedence over catch-alls (empty host).
  • If both are exact or wildcards, the longer string wins.
  • Ties are broken alphabetically to ensure deterministic generation.

This ensures the HTTP router evaluates the most specific redirect rules first, regardless of map iteration order.

Related Issue

Fixes #7390

How to test

A Caddyfile with the following configuration can reproduce the issue. Before this PR, curl -I -H "Host: dev.domain.com" http://127.0.0.1 would sporadically redirect to :10443. Now it consistently redirects to the implicit :443.

*.domain.com:10443 {
	respond * "10443"
}

dev.domain.com {
	respond * "80443"
}
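
The ordering rules listed in the description above, sketched as a standalone Go program. This is an added example, not the code merged in this PR: the `redirRoute` type, the helper names, the catch-all's port and the simplified host matcher are assumptions made for illustration, and the routes are constructed sample input.

```go
package main

import (
	"fmt"
	"slices"
	"strings"
)

// redirRoute is a hypothetical stand-in for one generated redirect route; Host "" is the catch-all.
type redirRoute struct{ Host, Port string }

// hostClass ranks a host pattern: 0 exact, 1 wildcard, 2 catch-all.
func hostClass(h string) int {
	if h == "" {
		return 2
	}
	if strings.Contains(h, "*") {
		return 1
	}
	return 0
}

// compareRoutes puts the more specific host first: class, then longer string, then alphabetical.
func compareRoutes(a, b redirRoute) int {
	if ca, cb := hostClass(a.Host), hostClass(b.Host); ca != cb {
		return ca - cb
	}
	if len(a.Host) != len(b.Host) {
		return len(b.Host) - len(a.Host)
	}
	return strings.Compare(a.Host, b.Host)
}

// firstMatchPort mimics first-match routing with a simplified matcher (assumption, not Caddy's matcher).
func firstMatchPort(rs []redirRoute, host string) string {
	for _, r := range rs {
		if r.Host == "" || r.Host == host || (strings.HasPrefix(r.Host, "*") && strings.HasSuffix(host, r.Host[1:])) {
			return r.Port
		}
	}
	return ""
}

func main() {
	rs := []redirRoute{{"*.domain.com", "10443"}, {"", "443"}, {"dev.domain.com", "443"}} // constructed; wildcard first
	fmt.Println("unsorted:", firstMatchPort(rs, "dev.domain.com"))
	slices.SortFunc(rs, compareRoutes)
	fmt.Println("sorted:  ", firstMatchPort(rs, "dev.domain.com"))
}
```

Because the comparator is a total order over distinct host strings, the result is the same whatever order the map iteration produced the routes in.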

pauloappbr force-pushed the fix/7390-autohttps-redirect-sorting branch from 2359688 to 4fd42c2, February 20, 2026 20:22
francislavoie added the bug 🐞 Something isn't working label Feb 20, 2026
francislavoie added this to the v2.11.2 milestone Feb 20, 2026
francislavoie merged commit 76b198f into caddyserver:master Feb 22, 2026
29 checks passed
@github-actions github-actions bot mentioned this pull request Mar 6, 2026
4 tasks
Development

Successfully merging this pull request may close these issues.

Unexpected automatic redirection
