tuxmain/rust-rpxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix disableoverridehost option

Browse source
This commit is contained in:
Jun Kurihara 2023-12-15 14:45:40 +09:00
commit 1a2a913256
No known key found for this signature in database
GPG key ID: 48ADFD173ED22B03
8 changed files with 22 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG.md
View file

@ -3,7 +3,7 @@
## 0.7.0 (unreleased) ## 0.7.0 (unreleased)
- Breaking: `hyper`-1.0 for both server and client modules. - Breaking: `hyper`-1.0 for both server and client modules.
- Breaking: Remove `override_host` option in upstream options. Add a reverse option, i.e., `disable_override_host`. That is, `rpxy` always override the host header by the upstream hostname by default. - Breaking: Remove `override_host` option in upstream options. Add a reverse option, i.e., `keep_original_host`. That is, `rpxy` always override the host header by the upstream hostname (backend uri host name) by default. If this reverse option specified, original `host` header is maintained or added from the value of url request line.
- Breaking: Introduced `native-tls-backend` feature to use the native TLS engine to access backend applications. - Breaking: Introduced `native-tls-backend` feature to use the native TLS engine to access backend applications.
- Redesigned: Cache structure is totally redesigned with more memory-efficient way to read from cache file, and more secure way to strongly bind memory-objects with files with hash values. - Redesigned: Cache structure is totally redesigned with more memory-efficient way to read from cache file, and more secure way to strongly bind memory-objects with files with hash values.
- Redesigned: HTTP body handling flow is also redesigned with more memory-and-time efficient techniques without putting the whole objects on memory by using `futures::stream::Stream` and `futures::channel::mpsc` - Redesigned: HTTP body handling flow is also redesigned with more memory-and-time efficient techniques without putting the whole objects on memory by using `futures::stream::Stream` and `futures::channel::mpsc`

2
config-example.toml
View file

@ -57,7 +57,7 @@ upstream = [
] ]
load_balance = "round_robin" # or "random" or "sticky" (sticky session) or "none" (fix to the first one, default) load_balance = "round_robin" # or "random" or "sticky" (sticky session) or "none" (fix to the first one, default)
upstream_options = [ upstream_options = [
"disable_override_host", # do not overwrite HOST value with upstream hostname (like 192.168.xx.x seen from rpxy) "keep_original_host", # do not overwrite HOST value with upstream hostname (like 192.168.xx.x seen from rpxy)
"force_http2_upstream", # mutually exclusive with "force_http11_upstream" "force_http2_upstream", # mutually exclusive with "force_http11_upstream"
] ]

10
rpxy-bin/src/log.rs
View file

@ -14,11 +14,11 @@ pub fn init_logger() {
// This limits the logger to emits only proxy crate // This limits the logger to emits only proxy crate
let pkg_name = env!("CARGO_PKG_NAME").replace('-', "_"); let pkg_name = env!("CARGO_PKG_NAME").replace('-', "_");
// let level_string = std::env::var(EnvFilter::DEFAULT_ENV).unwrap_or_else(|_| "info".to_string()); let level_string = std::env::var(EnvFilter::DEFAULT_ENV).unwrap_or_else(|_| "info".to_string());
// let filter_layer = EnvFilter::new(format!("{}={}", pkg_name, level_string)); let filter_layer = EnvFilter::new(format!("{}={}", pkg_name, level_string));
let filter_layer = EnvFilter::try_from_default_env() // let filter_layer = EnvFilter::try_from_default_env()
.unwrap_or_else(|_| EnvFilter::new("info")) // .unwrap_or_else(|_| EnvFilter::new("info"))
.add_directive(format!("{}=trace", pkg_name).parse().unwrap()); // .add_directive(format!("{}=trace", pkg_name).parse().unwrap());
tracing_subscriber::registry() tracing_subscriber::registry()
.with(format_layer) .with(format_layer)

4
rpxy-lib/src/backend/upstream_opts.rs
View file

@ -2,7 +2,7 @@ use crate::error::*;
#[derive(Debug, Clone, Hash, Eq, PartialEq)] #[derive(Debug, Clone, Hash, Eq, PartialEq)]
pub enum UpstreamOption { pub enum UpstreamOption {
DisableOverrideHost, KeepOriginalHost,
UpgradeInsecureRequests, UpgradeInsecureRequests,
ForceHttp11Upstream, ForceHttp11Upstream,
ForceHttp2Upstream, ForceHttp2Upstream,
@ -12,7 +12,7 @@ impl TryFrom<&str> for UpstreamOption {
type Error = RpxyError; type Error = RpxyError;
fn try_from(val: &str) -> RpxyResult<Self> { fn try_from(val: &str) -> RpxyResult<Self> {
match val { match val {
"diaable_override_host" => Ok(Self::DisableOverrideHost), "keep_original_host" => Ok(Self::KeepOriginalHost),
"upgrade_insecure_requests" => Ok(Self::UpgradeInsecureRequests), "upgrade_insecure_requests" => Ok(Self::UpgradeInsecureRequests),
"force_http11_upstream" => Ok(Self::ForceHttp11Upstream), "force_http11_upstream" => Ok(Self::ForceHttp11Upstream),
"force_http2_upstream" => Ok(Self::ForceHttp2Upstream), "force_http2_upstream" => Ok(Self::ForceHttp2Upstream),

2
rpxy-lib/src/forwarder/cache/cache_main.rs vendored
View file

@ -135,7 +135,7 @@ impl RpxyCache {
.map(|f| { .map(|f| {
if f.is_data() { if f.is_data() {
let data_bytes = f.data_ref().unwrap().clone(); let data_bytes = f.data_ref().unwrap().clone();
debug!("cache data bytes of {} bytes", data_bytes.len()); // debug!("cache data bytes of {} bytes", data_bytes.len());
// We do not use stream-type buffering since it needs to lock file during operation. // We do not use stream-type buffering since it needs to lock file during operation.
buf.extend(data_bytes.as_ref()); buf.extend(data_bytes.as_ref());
} }

7
rpxy-lib/src/message_handler/handler_manipulate_messages.rs
View file

@ -85,14 +85,14 @@ where
} }
}; };
let uri = req.uri().to_string(); let original_uri = req.uri().to_string();
let headers = req.headers_mut(); let headers = req.headers_mut();
// delete headers specified in header.connection // delete headers specified in header.connection
remove_connection_header(headers); remove_connection_header(headers);
// delete hop headers including header.connection // delete hop headers including header.connection
remove_hop_header(headers); remove_hop_header(headers);
// X-Forwarded-For // X-Forwarded-For
add_forwarding_header(headers, client_addr, listen_addr, tls_enabled, &uri)?; add_forwarding_header(headers, client_addr, listen_addr, tls_enabled, &original_uri)?;
// Add te: trailer if te_trailer // Add te: trailer if te_trailer
if contains_te_trailers { if contains_te_trailers {
@ -106,6 +106,7 @@ where
.headers_mut() .headers_mut()
.insert(header::HOST, HeaderValue::from_str(&org_host)?); .insert(header::HOST, HeaderValue::from_str(&org_host)?);
}; };
let original_host_header = req.headers().get(header::HOST).unwrap().clone();
///////////////////////////////////////////// /////////////////////////////////////////////
// Fix unique upstream destination since there could be multiple ones. // Fix unique upstream destination since there could be multiple ones.
@ -135,7 +136,7 @@ where
// by default, host header is overwritten with upstream hostname // by default, host header is overwritten with upstream hostname
override_host_header(headers, &upstream_chosen.uri)?; override_host_header(headers, &upstream_chosen.uri)?;
// apply upstream options to header // apply upstream options to header
apply_upstream_options_to_header(headers, upstream_candidates)?; apply_upstream_options_to_header(headers, &original_host_header, upstream_candidates)?;
// update uri in request // update uri in request
ensure!( ensure!(

9
rpxy-lib/src/message_handler/utils_headers.rs
View file

@ -105,17 +105,18 @@ pub(super) fn override_host_header(headers: &mut HeaderMap, upstream_base_uri: &
/// Apply options to request header, which are specified in the configuration /// Apply options to request header, which are specified in the configuration
pub(super) fn apply_upstream_options_to_header( pub(super) fn apply_upstream_options_to_header(
headers: &mut HeaderMap, headers: &mut HeaderMap,
original_host_header: &HeaderValue,
// _client_addr: &SocketAddr, // _client_addr: &SocketAddr,
upstream: &UpstreamCandidates, upstream: &UpstreamCandidates,
// _upstream_base_uri: &Uri, // _upstream_base_uri: &Uri,
) -> Result<()> { ) -> Result<()> {
for opt in upstream.options.iter() { for opt in upstream.options.iter() {
match opt { match opt {
UpstreamOption::DisableOverrideHost => { UpstreamOption::KeepOriginalHost => {
// simply remove HOST header value // revert hostname
headers headers
.remove(header::HOST) .insert(header::HOST, original_host_header.to_owned())
.ok_or_else(|| anyhow!("Failed to remove host header in disable_override_host option"))?; .ok_or_else(|| anyhow!("Failed to revert host header in keep_original_host option"))?;
} }
UpstreamOption::UpgradeInsecureRequests => { UpstreamOption::UpgradeInsecureRequests => {
// add upgrade-insecure-requests in request header if not exist // add upgrade-insecure-requests in request header if not exist

4
rpxy-lib/src/proxy/proxy_h3.rs
View file

@ -168,11 +168,11 @@ where
if frame.is_data() { if frame.is_data() {
let data = frame.into_data().unwrap_or_default(); let data = frame.into_data().unwrap_or_default();
debug!("Write data to HTTP/3 stream"); // debug!("Write data to HTTP/3 stream");
send_stream.send_data(data).await?; send_stream.send_data(data).await?;
} else if frame.is_trailers() { } else if frame.is_trailers() {
let trailers = frame.into_trailers().unwrap_or_default(); let trailers = frame.into_trailers().unwrap_or_default();
debug!("Write trailer to HTTP/3 stream"); // debug!("Write trailer to HTTP/3 stream");
send_stream.send_trailers(trailers).await?; send_stream.send_trailers(trailers).await?;
} }
} }