builtin: Split vcl_recv in logical chunks

There is a very slight breaking change in the sense that the host header
check is grouped with its normalization which swaps its order with the
PRI method check.

In practice that only means that if you have both an unattended PRI
request missing a host header, you'll get a 400 instead of a 405. You
have to get both wrong in the first place so I don't consider this a
concern.

bin/varnishd/builtin.vcl

@@ -36,19 +36,30 @@ vcl 4.0;
 # Client side
 
 sub vcl_recv {
+	call vcl_req_host;
+	call vcl_req_method;
+	call vcl_req_authorization;
+	call vcl_req_cookie;
+	return (hash);
+}
+
+sub vcl_req_host {
 	if (req.http.host) {
 		set req.http.host = req.http.host.lower();
 	}
-	if (req.method == "PRI") {
-		# This will never happen in properly formed traffic (see: RFC7540)
-		return (synth(405));
-	}
 	if (!req.http.host &&
 	    req.esi_level == 0 &&
 	    req.proto ~ "^(?i)HTTP/1.1") {
 		# In HTTP/1.1, Host is required.
 		return (synth(400));
 	}
+}
+
+sub vcl_req_method {
+	if (req.method == "PRI") {
+		# This will never happen in properly formed traffic.
+		return (synth(405));
+	}
 	if (req.method != "GET" &&
 	    req.method != "HEAD" &&
 	    req.method != "PUT" &&
@@ -60,22 +71,22 @@ sub vcl_recv {
 		# Non-RFC2616 or CONNECT which is weird.
 		return (pipe);
 	}
-
 	if (req.method != "GET" && req.method != "HEAD") {
-		# We only deal with GET and HEAD by default
+		# We only deal with GET and HEAD by default.
 		return (pass);
 	}
+}
+
+sub vcl_req_authorization {
 	if (req.http.Authorization) {
-		# Not cacheable by default
+		# Not cacheable by default.
 		return (pass);
 	}
-	call vcl_req_cookie;
-	return (hash);
 }
 
 sub vcl_req_cookie {
 	if (req.http.Cookie) {
-		# Risky to cache by default
+		# Risky to cache by default.
 		return (pass);
 	}
 }