From bfcf58547f48ebd1613541bc1b0f1f9b91cfc456 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Sun, 24 Jul 2022 21:43:18 +0900 Subject: [PATCH] fix unreasonable copying --- src/msg_handler/handler.rs | 23 +++++++++++------------ src/msg_handler/utils_headers.rs | 14 +++++++++++++- 2 files changed, 24 insertions(+), 13 deletions(-) diff --git a/src/msg_handler/handler.rs b/src/msg_handler/handler.rs index 9450602..aa18449 100644 --- a/src/msg_handler/handler.rs +++ b/src/msg_handler/handler.rs @@ -96,29 +96,27 @@ where let request_upgraded = req.extensions_mut().remove::(); // Build request from destination information - let req_forwarded = if let Ok(req) = self.generate_request_forwarded( + if let Err(e) = self.generate_request_forwarded( &client_addr, &listen_addr, - req, + &mut req, upstream_scheme_host, &upgrade_in_request, upstream, tls_enabled, ) { - req - } else { - error!("Failed to generate destination uri for reverse proxy"); + error!("Failed to generate destination uri for reverse proxy: {}", e); return self.return_with_error_log(StatusCode::SERVICE_UNAVAILABLE, &mut log_data); }; // debug!("Request to be forwarded: {:?}", req_forwarded); - req_forwarded.log_debug(&client_addr, Some("(to Backend)")); - log_data.xff(&req_forwarded.headers().get("x-forwarded-for")); + req.log_debug(&client_addr, Some("(to Backend)")); + log_data.xff(&req.headers().get("x-forwarded-for")); log_data.upstream(&upstream_scheme_host.to_string()); ////// // Forward request to let mut res_backend = { - match timeout(self.globals.upstream_timeout, self.forwarder.request(req_forwarded)).await { + match timeout(self.globals.upstream_timeout, self.forwarder.request(req)).await { Err(_) => { return self.return_with_error_log(StatusCode::GATEWAY_TIMEOUT, &mut log_data); } @@ -224,12 +222,12 @@ where &self, client_addr: &SocketAddr, listen_addr: &SocketAddr, - mut req: Request, + req: &mut Request, upstream_scheme_host: &Uri, upgrade: &Option, upstream: &Upstream, tls_enabled: bool, - ) -> Result> { + ) -> Result<()> { debug!("Generate request to be forwarded"); // Add te: trailer if contained in original request @@ -243,13 +241,14 @@ where } }; + let uri = req.uri().to_string(); let headers = req.headers_mut(); // delete headers specified in header.connection remove_connection_header(headers); // delete hop headers including header.connection remove_hop_header(headers); // X-Forwarded-For - add_forwarding_header(headers, client_addr, listen_addr, tls_enabled)?; + add_forwarding_header(headers, client_addr, listen_addr, tls_enabled, &uri)?; // Add te: trailer if te_trailer if contains_te_trailers { @@ -296,6 +295,6 @@ where *req.version_mut() = Version::HTTP_2; } - Ok(req) + Ok(()) } } diff --git a/src/msg_handler/utils_headers.rs b/src/msg_handler/utils_headers.rs index d1578b5..547efe1 100644 --- a/src/msg_handler/utils_headers.rs +++ b/src/msg_handler/utils_headers.rs @@ -92,10 +92,12 @@ pub(super) fn add_forwarding_header( client_addr: &SocketAddr, listen_addr: &SocketAddr, tls: bool, + uri_str: &str, ) -> Result<()> { // default process // optional process defined by upstream_option is applied in fn apply_upstream_options - append_header_entry_with_comma(headers, "x-forwarded-for", &client_addr.to_canonical().ip().to_string())?; + let canonical_client_addr = client_addr.to_canonical().ip().to_string(); + append_header_entry_with_comma(headers, "x-forwarded-for", &canonical_client_addr)?; /////////// As Nginx // If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the @@ -105,6 +107,16 @@ pub(super) fn add_forwarding_header( // server port the client connected to add_header_entry_if_not_exist(headers, "x-forwarded-port", listen_addr.port().to_string())?; + /////////// As Nginx-Proxy + // x-real-ip + add_header_entry_overwrite_if_exist(headers, "x-real-ip", canonical_client_addr)?; + // x-forwarded-ssl + add_header_entry_overwrite_if_exist(headers, "x-forwarded-ssl", if tls { "on" } else { "off" })?; + // x-original-uri + add_header_entry_overwrite_if_exist(headers, "x-original-uri", uri_str.to_string())?; + // proxy + add_header_entry_overwrite_if_exist(headers, "proxy", "")?; + Ok(()) }