works almost. todo: config.toml

2022-06-25 09:31:13 -04:00 · 2022-06-25 09:31:13 -04:00 · 744b65b738
commit 744b65b738
parent 9c34c259ef
6 changed files with 74 additions and 23 deletions
--- a/config-example.toml
+++ b/config-example.toml
@ -18,21 +18,22 @@ app_name = 'localhost' # this should be option, if null then same as hostname
 hostname = 'localhost'
 https_redirection = true
 reverse_proxy = [
-  { path = '*', destination = '192.168.10.0:3000', tls = true },
-  { path = '/path/to', destination = '192.168.10.1:4000', tls = true },
+  # default destination if path is not specified
+  { destination = 'www.google.com', tls = true },
+  { destination = 'www.bing.com', path = '/maps', tls = true },
 ]
 ## List of destinations to send data to.
 ## At this point, round-robin is used for load-balancing if multiple URLs are specified.
-allowhosts = ['127.0.0.1', '::1', '192.168.10.0/24']
-denyhosts = ['*']
-tls_cert_path = 'localhost1.pem'
-tls_cert_key_path = 'localhost1.pem'
+# allowhosts = ['127.0.0.1', '::1', '192.168.10.0/24'] # TODO
+# denyhosts = ['*'] # TODO
+tls_cert_path = 'localhost.pem'
+tls_cert_key_path = 'localhost.pem'


 [[application]]
 app_name = 'locahost_application'
 hostname = 'localhost.localdomain'
 https_redirection = true
-reverse_proxy = [{ path = '/', destination = 'www.google.com', tls = true }]
-tls_cert_path = 'localhost2.pem'
-tls_cert_key_path = 'localhost2.pem'
+reverse_proxy = [{ destination = 'www.google.com', tls = true }]
+tls_cert_path = 'localhost.pem'
+tls_cert_key_path = 'localhost.pem'
--- a/lolalhost.pem
+++ b/lolalhost.pem
@ -0,0 +1,47 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDb7g6EQhbfby97
+k4oMbZTzdi2TWFBs7qK/QwgOu+L6EhNHPO1ZEU29v0APFBFJO5zyyAk9bZ9k9tPB
+bCuVVI9jEUfLH3UCjEQPG6XI2w++uVh0yALvc/uurCvRHVlle/V7cAoikndc2SjE
+RQUALbACIqwD5g0F77BYwcsreB4GH253/R6Q2/CJZ4jNHPjkocOJiVr3ejA0kkoN
+MXpGUXWcrVVk20M2A1CeO7HAulLRcklEdoHE3v46pjp0iZK0F9LyZX1U1ql+4QL3
+iQttoZ4tMg83lFHSt4G9PrpIhzXr9W4NW822faSvrIwwN/JbItUmRa7n/3+MkuJQ
+IGGNDayXAgMBAAECggEBANs0fmGSocuXvYL1Pi4+9qxnCOwIpTi97Zam0BwnZwcL
+Bw4FCyiwV4UdX1LoFIailT9i49rHLYzre4oZL6OKgdQjQCSTuQOOHLPWQbpdpWba
+w/C5/jr+pkemMZIfJ6BAGiArPt7Qj4oKpFhj1qUj5H9sYXkNTcOx8Fm25rLv6TT9
+O7wg0oCpyG+iBSbCYBp9mDMz8pfo4P3BhcFiyKCKeiAC6KuHU81dvuKeFB4XQK+X
+no2NqDqe6MBkmTqjNNy+wi1COR7lu34LPiWU5Hq5PdIEqBBUMjlMI6oYlhlgNTdx
+SvsqFz3Xs6kpAhJTrSiAqscPYosgaMQxo+LI26PJnikCgYEA9n0OERkm0wSBHnHY
+Kx8jaxNYg93jEzVnEgI/MBTJZqEyCs9fF6Imv737VawEN/BhesZZX7bGZQfDo8AT
+aiSa5upkkSGXEqTu5ytyoKFTb+dJ/qmx3+zP6dPVzDnc8WPYMoUg7vvjZkXXJgZX
+oMlMUW1wWiDNI3wP19W9Is6xssCgYEA5GqkUBEns6eTFJV0JKqbEORJJ7lx5NZe
+cIx+jPpLkILG4mOKOg1TBx0wkxa9cELtsNsM+bPtu9OqRMhsfPBmsXDHhJwg0Z6G
+eDTfYYPkpRhwZvl6jBZn9sLVR9wfg2hE+n0lfV3mceg336KOkwAehDU84SWZ2e0S
+esqkpbHJa+UCgYA7PY0O8POSzcdWkNf6bS5vAqRIdSCpMjGGc4HKRYSuJNnJHVPm
+czNK7Bcm3QPaiexzvI4oYd5G09niVjyUSx3rl7P56Y/MjFVau+d90agjAfyXtyMo
+BVtnAGGnBtUiMvP4GGT06xcZMnnmCqpEbBaZQ/7N8Bdwnxh5sqlMdtX2hwKBgAhL
+hyQRO2vezgyVUN50A6WdZLq4lVZGIq/bqkzcWhopZaebDc4F5doASV9OGBsXkyI1
+EkePLTcA/NH6pVX0NQaEnfpG4To7k46R/PrBm3ATbyGONdEYjzX65VvytoJDKx4d
+pVrkKhZA5KaOdLcJ7hHHDSrv/qJXZbBn44rQ5guxAoGBAJ6oeUsUUETakxlmIhmK
+xuQmWqLf97BKt8r6Z8CqHKWK7vpG2OmgFYCQGaR7angQ8hmAOv6jM56XhoagDBoc
+UoaoEyo9/uCk6NRUkUMj7Tk/5UQSiWLceVH27w+icMFhf1b7EmmNfk+APsiathO5
+j4edf1AinVCPwRVVu1dtLL5P
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAeoCCQCptj0+TjjIJjANBgkqhkiG9w0BAQsFADBDMREwDwYDVQQKDAhE
+TlNDcnlwdDEaMBgGA1UECwwRTG9jYWwgdGVzdCBzZXJ2ZXIxEjAQBgNVBAMMCWxv
+Y2FsaG9zdDAeFw0xOTExMTgxNDA2MzBaFw0zMzA3MjcxNDA2MzBaMEMxETAPBgNV
+BAoMCEROU0NyeXB0MRowGAYDVQQLDBFMb2NhbCB0ZXN0IHNlcnZlcjESMBAGA1UE
+AwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+4O
+hEIW328ve5OKDG2U83Ytk1hQbO6iv0MIDrvi+hITRzztWRFNvb9ADxQRSTuc8sgJ
+PW2fZPbTwWwrlVSPYxFHyx91AoxEDxulyNsPvrlYdMgC73P7rqwr0R1ZZXv1e3AK
+IpJ3XNkoxEUFAC2wAiKsA+YNBe+wWMHLK3geBh9ud/0ekNvwiWeIzRz45KHDiYla
+93owNJJKDTF6RlF1nK1VZNtDNgNQnjuxwLpS0XJJRHaBxN7+OqY6dImStBfS8mV9
+VNapfuEC94kLbaGeLTIPN5RR0reBvT66SIc16/VuDVvNtn2kr6yMMDfyWyLVJkWu
+5/9/jJLiUCBhjQ2slwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA6Vz5HnGuy8jZz
+5i8ipbcDMCZNdpYYnxgD53hEKOfoSv7LaF0ztD8Kmg3s5LHv9EHlkK3+G6FWRGiP
+9f6IbtRITaiVQP3M13T78hpN5Qq5jgsqjR7ZcN7Etr6ZFd7G/0+mzqbyBuW/3szt
+RdX/YLy1csvjbZoNNuXGWRohXjg0Mjko2tRLmARvxA/gZV5zWycv3BD2BPzyCdS9
+MDMYSF0RPiL8+alfwLNqLcqMA5liHlmZa85uapQyoUI3ksKJkEgU53aD8cYhH9Yn
+6mVpsrvrcRLBiHlbi24QBolhFkCSRK8bXes8XDIPuD8iYRwlrVBwOakMFQWMqNfI
+IMOKJomU
+-----END CERTIFICATE-----
--- a/src/config/mod.rs
+++ b/src/config/mod.rs
@ -0,0 +1,3 @@
+mod parse;
+
+pub use parse::parse_opts;
--- a/src/config/parse.rs
+++ b/src/config/parse.rs
@ -32,10 +32,11 @@ pub fn parse_opts(globals: &mut Globals, backends: &mut HashMap<String, Backend>
      app_name: "Localhost to Google except for maps".to_string(),
      hostname: "localhost".to_string(),
      reverse_proxy: ReverseProxy {
-        default_destination_uri: "https://www.google.com".parse::<Uri>().unwrap(),
+        // default_destination_uri: "http://www.google.com".parse::<Uri>().unwrap(),
+        default_destination_uri: "http://abehiroshi.la.coocan.jp/".parse::<Uri>().unwrap(), // httpのみの場合の好例
        destination_uris: map_example,
      },
-      https_redirection: Some(true), // TODO: ここはtlsが存在する時はSomeにすべき。Noneはtlsがないときのみのはず
+      https_redirection: Some(false), // TODO: ここはtlsが存在する時はSomeにすべき。Noneはtlsがないときのみのはず

      tls_cert_path: Some(PathBuf::from(r"localhost1.pem")),
      tls_cert_key_path: Some(PathBuf::from(r"localhost1.pem")),
--- a/src/proxy/proxy_handler.rs
+++ b/src/proxy/proxy_handler.rs
@ -4,7 +4,8 @@ use crate::{error::*, log::*};
 use hyper::{
  client::connect::Connect,
  header::{HeaderMap, HeaderValue},
-  Body, Request, Response, StatusCode, Uri,
+  http::uri::Scheme,
+  Body, Request, Response, StatusCode, Uri, Version,
 };
 use std::net::SocketAddr;
 use tokio::io::copy_bidirectional;
@ -144,16 +145,6 @@ fn generate_request_forwarded<B: core::fmt::Debug>(
 ) -> Result<Request<B>> {
  debug!("Generate request to be forwarded");

-  // update "host" key in request header
-  if req.headers().contains_key("host") {
-    // HTTP/1.1
-    req.headers_mut().insert(
-      "host",
-      HeaderValue::from_str(destination_scheme_host.host().unwrap())
-        .map_err(|_| anyhow!("Failed to insert destination host into forwarded request"))?,
-    );
-  }
-
  // Add te: trailer if contained in original request
  let te_trailer = {
    if let Some(te) = req.headers().get("te") {
@ -178,6 +169,9 @@ fn generate_request_forwarded<B: core::fmt::Debug>(
    headers.insert("te", "trailer".parse().unwrap());
  }

+  // Drop "host" key in request header to specify uri in absolute form
+  req.headers_mut().remove("host");
+
  // update uri in request
  *req.uri_mut() = Uri::builder()
    .scheme(destination_scheme_host.scheme().unwrap().as_str())
@ -193,6 +187,11 @@ fn generate_request_forwarded<B: core::fmt::Debug>(
      .insert("connection", HeaderValue::from_str("upgrade")?);
  }

+  // Change version to http/1.1 when destination scheme is http
+  if req.version() != Version::HTTP_11 && destination_scheme_host.scheme() == Some(&Scheme::HTTP) {
+    *req.version_mut() = Version::HTTP_11;
+  }
+
  Ok(req)
 }

--- a/src/proxy/proxy_main.rs
+++ b/src/proxy/proxy_main.rs
@ -61,7 +61,6 @@ where
    self.globals.runtime_handle.clone().spawn(async move {
      tokio::time::timeout(
        self.globals.timeout + Duration::from_secs(1),
-        // server.serve_connection(stream, self),
        server.serve_connection(
          stream,
          service_fn(move |req: Request<Body>| self.clone().handle_request(req, peer_addr)),
@ -71,6 +70,7 @@ where
      .ok();

      clients_count.decrement();
+      debug!("Client #: {}", clients_count.current());
    });
  }