Function find_site 

pub fn find_site<'a>(
    config: &'a Config,
    host: &str,
    is_tls: bool,
) -> Option<&'a SiteConfig>

Find a site configuration matching the given Host header value.

Browsers on default ports omit the port from the Host header:

• HTTPS on 443 → Host: example.com (no :443)
• HTTP on 80 → Host: example.com (no :80)

But config keys include the port: "example.com:443", "example.com:80".

This function tries multiple lookup strategies:

1. Exact match: host as-is
2. If host has no port → try host:<default_port> based on is_tls
3. If host has a port → also try just the hostname (in case config has no port)

Limitations

For non-default TLS ports (e.g., 8443), browsers always include the port in the Host header (Host: example.com:8443), so strategy 1 (exact match) works fine. The fallback in strategy 2 only tries ports 443 (TLS) and 80 (HTTP). This means a non-browser client sending Host: example.com without a port to a TLS listener on :8443 will get a 404 — this is a protocol violation by the client.