From 744b65b738639c1fac86424bc58e71c850f368b6 Mon Sep 17 00:00:00 2001
From: Jun Kurihara
Date: Sat, 25 Jun 2022 09:31:13 -0400
Subject: [PATCH] works almost. todo: config.toml
---
config-example.toml | 19 ++++++------
lolalhost.pem | 47 ++++++++++++++++++++++++++++++
src/config/mod.rs | 3 ++
src/{config.rs => config/parse.rs} | 5 ++--
src/proxy/proxy_handler.rs | 21 +++++++------
src/proxy/proxy_main.rs | 2 +-
6 files changed, 74 insertions(+), 23 deletions(-)
create mode 100644 lolalhost.pem
create mode 100644 src/config/mod.rs
rename src/{config.rs => config/parse.rs} (77%)
diff --git a/config-example.toml b/config-example.toml
index 7291c48..e3eace9 100644
--- a/config-example.toml
+++ b/config-example.toml
@@ -18,21 +18,22 @@ app_name = 'localhost' # this should be option, if null then same as hostname hostname = 'localhost' https_redirection = true reverse_proxy = [ - { path = '*', destination = '192.168.10.0:3000', tls = true }, - { path = '/path/to', destination = '192.168.10.1:4000', tls = true }, + # default destination if path is not specified + { destination = 'www.google.com', tls = true }, + { destination = 'www.bing.com', path = '/maps', tls = true }, ] ## List of destinations to send data to. ## At this point, round-robin is used for load-balancing if multiple URLs are specified. -allowhosts = ['127.0.0.1', '::1', '192.168.10.0/24'] -denyhosts = ['*'] -tls_cert_path = 'localhost1.pem' -tls_cert_key_path = 'localhost1.pem' +# allowhosts = ['127.0.0.1', '::1', '192.168.10.0/24'] # TODO +# denyhosts = ['*'] # TODO +tls_cert_path = 'localhost.pem' +tls_cert_key_path = 'localhost.pem' [[application]] app_name = 'locahost_application' hostname = 'localhost.localdomain' https_redirection = true -reverse_proxy = [{ path = '/', destination = 'www.google.com', tls = true }] -tls_cert_path = 'localhost2.pem' -tls_cert_key_path = 'localhost2.pem' +reverse_proxy = [{ destination = 'www.google.com', tls = true }] +tls_cert_path = 'localhost.pem' +tls_cert_key_path = 'localhost.pem' diff --git a/lolalhost.pem b/lolalhost.pem new file mode 100644 index 0000000..fe5ad50 --- /dev/null +++ b/lolalhost.pem 
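Review bot: The example now has `allowhosts` and `denyhosts` commented out as `# TODO`, so someone copying this file presumably gets a proxy with no source-address restriction, and nothing in the file says so. If the filter is not implemented yet, state it next to the keys, e.g. `# allowhosts/denyhosts are not implemented yet: every client address is accepted`. Both `[[application]]` entries also point `tls_cert_path` and `tls_cert_key_path` at `localhost.pem`, while the file this commit adds is named `lolalhost.pem`, so the example appears not to load as written.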
@@ -0,0 +1,47 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDb7g6EQhbfby97 +k4oMbZTzdi2TWFBs7qK/QwgOu+L6EhNHPO1ZEU29v0APFBFJO5zyyAk9bZ9k9tPB +bCuVVI9jEUfLH3UCjEQPG6XI2w++uVh0yALvc/uurCvRHVlle/V7cAoikndc2SjE +RQUALbACIqwD5g0F77BYwcsreB4GH253/R6Q2/CJZ4jNHPjkocOJiVr3ejA0kkoN +MXpGUXWcrVVk20M2A1CeO7HAulLRcklEdoHE3v46pjp0iZK0F9LyZX1U1ql+4QL3 +iQttoZ4tMg83lFHSt4G9PrpIhzXr9W4NW822faSvrIwwN/JbItUmRa7n/3+MkuJQ +IGGNDayXAgMBAAECggEBANs0fmGSocuXvYL1Pi4+9qxnCOwIpTi97Zam0BwnZwcL +Bw4FCyiwV4UdX1LoFIailT9i49rHLYzre4oZL6OKgdQjQCSTuQOOHLPWQbpdpWba +w/C5/jr+pkemMZIfJ6BAGiArPt7Qj4oKpFhj1qUj5H9sYXkNTcOx8Fm25rLv6TT9 +O7wg0oCpyG+iBSbCYBp9mDMz8pfo4P3BhcFiyKCKeiAC6KuHU81dvuKeFB4XQK+X +no2NqDqe6MBkmTqjNNy+wi1COR7lu34LPiWU5Hq5PdIEqBBUMjlMI6oYlhlgNTdx +SvsqFz3Xs6kpAhJTrSiAqscPYosgaMQxo+LI26PJnikCgYEA9n0OERkm0wSBHnHY +Kx8jaxNYg93jEzVnEgI/MBTJZqEyCs9fF6Imv737VawEN/BhesZZX7bGZQfDo8AT +aiSa5upkkSGXEqTu5ytyoKFTb+dJ/qmx3+zP6dPVzDnc8WPYMoUg7vvjZkXXJgZX ++oMlMUW1wWiDNI3wP19W9Is6xssCgYEA5GqkUBEns6eTFJV0JKqbEORJJ7lx5NZe +cIx+jPpLkILG4mOKOg1TBx0wkxa9cELtsNsM+bPtu9OqRMhsfPBmsXDHhJwg0Z6G +eDTfYYPkpRhwZvl6jBZn9sLVR9wfg2hE+n0lfV3mceg336KOkwAehDU84SWZ2e0S +esqkpbHJa+UCgYA7PY0O8POSzcdWkNf6bS5vAqRIdSCpMjGGc4HKRYSuJNnJHVPm +czNK7Bcm3QPaiexzvI4oYd5G09niVjyUSx3rl7P56Y/MjFVau+d90agjAfyXtyMo +BVtnAGGnBtUiMvP4GGT06xcZMnnmCqpEbBaZQ/7N8Bdwnxh5sqlMdtX2hwKBgAhL +hyQRO2vezgyVUN50A6WdZLq4lVZGIq/bqkzcWhopZaebDc4F5doASV9OGBsXkyI1 +EkePLTcA/NH6pVX0NQaEnfpG4To7k46R/PrBm3ATbyGONdEYjzX65VvytoJDKx4d +pVrkKhZA5KaOdLcJ7hHHDSrv/qJXZbBn44rQ5guxAoGBAJ6oeUsUUETakxlmIhmK +xuQmWqLf97BKt8r6Z8CqHKWK7vpG2OmgFYCQGaR7angQ8hmAOv6jM56XhoagDBoc +UoaoEyo9/uCk6NRUkUMj7Tk/5UQSiWLceVH27w+icMFhf1b7EmmNfk+APsiathO5 +j4edf1AinVCPwRVVu1dtLL5P +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIDAjCCAeoCCQCptj0+TjjIJjANBgkqhkiG9w0BAQsFADBDMREwDwYDVQQKDAhE +TlNDcnlwdDEaMBgGA1UECwwRTG9jYWwgdGVzdCBzZXJ2ZXIxEjAQBgNVBAMMCWxv +Y2FsaG9zdDAeFw0xOTExMTgxNDA2MzBaFw0zMzA3MjcxNDA2MzBaMEMxETAPBgNV 
+BAoMCEROU0NyeXB0MRowGAYDVQQLDBFMb2NhbCB0ZXN0IHNlcnZlcjESMBAGA1UE +AwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+4O +hEIW328ve5OKDG2U83Ytk1hQbO6iv0MIDrvi+hITRzztWRFNvb9ADxQRSTuc8sgJ +PW2fZPbTwWwrlVSPYxFHyx91AoxEDxulyNsPvrlYdMgC73P7rqwr0R1ZZXv1e3AK +IpJ3XNkoxEUFAC2wAiKsA+YNBe+wWMHLK3geBh9ud/0ekNvwiWeIzRz45KHDiYla +93owNJJKDTF6RlF1nK1VZNtDNgNQnjuxwLpS0XJJRHaBxN7+OqY6dImStBfS8mV9 +VNapfuEC94kLbaGeLTIPN5RR0reBvT66SIc16/VuDVvNtn2kr6yMMDfyWyLVJkWu +5/9/jJLiUCBhjQ2slwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA6Vz5HnGuy8jZz +5i8ipbcDMCZNdpYYnxgD53hEKOfoSv7LaF0ztD8Kmg3s5LHv9EHlkK3+G6FWRGiP +9f6IbtRITaiVQP3M13T78hpN5Qq5jgsqjR7ZcN7Etr6ZFd7G/0+mzqbyBuW/3szt +RdX/YLy1csvjbZoNNuXGWRohXjg0Mjko2tRLmARvxA/gZV5zWycv3BD2BPzyCdS9 +MDMYSF0RPiL8+alfwLNqLcqMA5liHlmZa85uapQyoUI3ksKJkEgU53aD8cYhH9Yn +6mVpsrvrcRLBiHlbi24QBolhFkCSRK8bXes8XDIPuD8iYRwlrVBwOakMFQWMqNfI +IMOKJomU +-----END CERTIFICATE----- diff --git a/src/config/mod.rs b/src/config/mod.rs new file mode 100644 index 0000000..9f0d40a --- /dev/null +++ b/src/config/mod.rs @@ -0,0 +1,3 @@ +mod parse; + +pub use parse::parse_opts; diff --git a/src/config.rs b/src/config/parse.rs similarity index 77% rename from src/config.rs rename to src/config/parse.rs index 0859a6c..2e2c77b 100644 --- a/src/config.rs +++ b/src/config/parse.rs 
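Review bot: The new file `lolalhost.pem` commits an unencrypted private key (`-----BEGIN PRIVATE KEY-----`) together with its certificate, so the key is readable by everyone with access to the repository and its history and has to be treated as public. If it is only a localhost test fixture, which the certificate subject seems to indicate, I would generate it at setup time instead, document that step, and add `*.pem` to `.gitignore`. At minimum, say next to it that it must never back a real listener. The file name also looks like a typo for `localhost.pem`, the path the example config refers to.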
@@ -32,10 +32,11 @@ pub fn parse_opts(globals: &mut Globals, backends: &mut HashMap app_name: "Localhost to Google except for maps".to_string(), hostname: "localhost".to_string(), reverse_proxy: ReverseProxy { - default_destination_uri: "https://www.google.com".parse::().unwrap(), + // default_destination_uri: "http://www.google.com".parse::().unwrap(), + default_destination_uri: "http://abehiroshi.la.coocan.jp/".parse::().unwrap(), // httpのみの場合の好例 destination_uris: map_example, }, - https_redirection: Some(true), // TODO: ここはtlsが存在する時はSomeにすべき。Noneはtlsがないときのみのはず + https_redirection: Some(false), // TODO: ここはtlsが存在する時はSomeにすべき。Noneはtlsがないときのみのはず tls_cert_path: Some(PathBuf::from(r"localhost1.pem")), tls_cert_key_path: Some(PathBuf::from(r"localhost1.pem")), diff --git a/src/proxy/proxy_handler.rs b/src/proxy/proxy_handler.rs index 851e174..c3c4c7b 100644 --- a/src/proxy/proxy_handler.rs +++ b/src/proxy/proxy_handler.rs @@ -4,7 +4,8 @@ use crate::{error::*, log::*}; use hyper::{ client::connect::Connect, header::{HeaderMap, HeaderValue}, - Body, Request, Response, StatusCode, Uri, + http::uri::Scheme, + Body, Request, Response, StatusCode, Uri, Version, }; use std::net::SocketAddr; use tokio::io::copy_bidirectional; @@ -144,16 +145,6 @@ fn generate_request_forwarded( ) -> Result> { debug!("Generate request to be forwarded"); - // update "host" key in request header - if req.headers().contains_key("host") { - // HTTP/1.1 - req.headers_mut().insert( - "host", - HeaderValue::from_str(destination_scheme_host.host().unwrap()) - .map_err(|_| anyhow!("Failed to insert destination host into forwarded request"))?, - ); - } - // Add te: trailer if contained in original request let te_trailer = { if let Some(te) = req.headers().get("te") { 
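Review bot: In the `src/config/parse.rs` hunk, `parse_opts` now hard-codes a plain `http://` third-party site as `default_destination_uri` and sets `https_redirection` to `Some(false)`, so the built-in backend relays client requests upstream unencrypted and presumably no longer redirects HTTP clients to TLS. If these are temporary values until `config.toml` parsing lands, mark them, e.g. `// TEMP: test values, replace with parsed config before release`, and delete the commented-out `default_destination_uri` line instead of keeping it. The `tls_cert_path`/`tls_cert_key_path` context lines still name `localhost1.pem`, which matches neither the file added in this commit nor the example config. The body of `parse_opts` starts and ends outside the hunk.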
@@ -178,6 +169,9 @@ fn generate_request_forwarded( headers.insert("te", "trailer".parse().unwrap()); } + // Drop "host" key in request header to specify uri in absolute form + req.headers_mut().remove("host"); + // update uri in request *req.uri_mut() = Uri::builder() .scheme(destination_scheme_host.scheme().unwrap().as_str()) @@ -193,6 +187,11 @@ fn generate_request_forwarded( .insert("connection", HeaderValue::from_str("upgrade")?); } + // Change version to http/1.1 when destination scheme is http + if req.version() != Version::HTTP_11 && destination_scheme_host.scheme() == Some(&Scheme::HTTP) { + *req.version_mut() = Version::HTTP_11; + } + Ok(req) } diff --git a/src/proxy/proxy_main.rs b/src/proxy/proxy_main.rs index c18175f..c260204 100644 --- a/src/proxy/proxy_main.rs +++ b/src/proxy/proxy_main.rs @@ -61,7 +61,6 @@ where self.globals.runtime_handle.clone().spawn(async move { tokio::time::timeout( self.globals.timeout + Duration::from_secs(1), - // server.serve_connection(stream, self), server.serve_connection( stream, service_fn(move |req: Request| self.clone().handle_request(req, peer_addr)), @@ -71,6 +70,7 @@ where .ok(); clients_count.decrement(); + debug!("Client #: {}", clients_count.current()); }); }
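Review bot: In the hunk at `-178,6 +169,9` the `host` header is removed and nothing visible puts one back, so the forwarded request relies on the HTTP client deriving `Host` from the rebuilt URI. The comment should say that, e.g. `// Remove the client-supplied Host; the client is expected to set it from the destination URI authority`. Discarding the client's value keeps an untrusted `Host` from reaching the backend, but the upstream then never sees the name the client asked for; if backends need it, forward it in a separate header such as `X-Forwarded-Host`. The `.scheme().unwrap()` on the context line below would panic for a destination without a scheme, so destinations are worth validating when the config is loaded. `generate_request_forwarded` starts and ends outside the hunk.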
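Review bot: The version rewrite at `-193,6 +187,11` covers only `http` destinations, so a request that arrived over HTTP/2 and is sent to an `https` destination keeps `Version::HTTP_2`; whether the outbound client can speak HTTP/2 to that backend is not visible here. It also silently turns an HTTP/2 request into HTTP/1.1, a translation where request-smuggling bugs tend to appear when headers are passed through. A comment naming the layer that re-validates `content-length` and `transfer-encoding` after the rewrite would help. The `req.version() != Version::HTTP_11` test is redundant; `if destination_scheme_host.scheme() == Some(&Scheme::HTTP) { *req.version_mut() = Version::HTTP_11; }` gives the same result. The function continues outside the hunk.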