exp

2025-10-13 15:25:15 +02:00 · 2025-10-13 15:25:15 +02:00 · d9efeb42d6
commit d9efeb42d6
parent 28d738f9cf
11 changed files with 778 additions and 54 deletions
--- a/rpxy-lib/src/backend/upstream.rs
+++ b/rpxy-lib/src/backend/upstream.rs
@ -40,6 +40,7 @@ impl TryFrom<&AppConfig> for PathManager {
        .replace_path(&rpc.replace_path)
        .load_balance(&rpc.load_balance, &upstream_vec, &app_config.server_name, &rpc.path)
        .options(&rpc.upstream_options)
+        .set_host(&rpc.set_host)
        .build()
        .unwrap();
      inner.insert(elem.path.clone(), elem);
@ -137,6 +138,9 @@ pub struct UpstreamCandidates {
  #[builder(setter(custom), default)]
  /// Activated upstream options defined in [[UpstreamOption]]
  pub options: HashSet<UpstreamOption>,
+
+  #[builder(setter(custom), default)]
+  pub set_host: Option<String>,
 }

 impl UpstreamCandidatesBuilder {
@ -218,6 +222,10 @@ impl UpstreamCandidatesBuilder {
    self.options = Some(opts);
    self
  }
+  pub fn set_host(&mut self, set_host: &Option<String>) -> &mut Self {
+    self.set_host = Some(set_host.clone());
+    self
+  }
 }

 impl UpstreamCandidates {
--- a/rpxy-lib/src/forwarder/client.rs
+++ b/rpxy-lib/src/forwarder/client.rs
@ -103,6 +103,7 @@ where
  <B1 as Body>::Error: Into<Box<dyn std::error::Error + Send + Sync + 'static>>,
 {
  async fn request_directly(&self, req: Request<B1>) -> RpxyResult<Response<Incoming>> {
+    debug!("About to send request with Host header: {}", req.headers().get(hyper::header::HOST).unwrap().to_str().unwrap());
    // TODO: This 'match' condition is always evaluated at every 'request' invocation. So, it is inefficient.
    // Needs to be reconsidered. Currently, this is a kind of work around.
    // This possibly relates to https://github.com/hyperium/hyper/issues/2417.
@ -228,6 +229,7 @@ where
    let inner = Client::builder(LocalExecutor::new(_globals.runtime_handle.clone())).build::<_, B1>(connector);
    let inner_h2 = Client::builder(LocalExecutor::new(_globals.runtime_handle.clone()))
      .http2_only(true)
+      .set_host(false)
      .build::<_, B1>(connector_h2);

    Ok(Self {
--- a/rpxy-lib/src/globals.rs
+++ b/rpxy-lib/src/globals.rs
@ -153,6 +153,7 @@ pub struct ReverseProxyConfig {
  pub upstream: Vec<UpstreamUri>,
  pub upstream_options: Option<Vec<String>>,
  pub load_balance: Option<String>,
+  pub set_host: Option<String>,
 }

 /// Configuration parameters for single upstream destination from a reverse proxy
--- a/rpxy-lib/src/lib.rs
+++ b/rpxy-lib/src/lib.rs
@ -100,13 +100,43 @@ pub async fn entrypoint(
    info!("Cache is disabled")
  }

-  #[cfg(not(feature = "post-quantum"))]
-  // Install aws_lc_rs as default crypto provider for rustls
-  let _ = CryptoProvider::install_default(rustls::crypto::aws_lc_rs::default_provider());
+  // Ensure multiple provider cannot be enabled without compile error.
+  let _provider;
+  #[cfg(feature = "rustls-backend-aws-lc-rs")]
+  {
+    info!("Using RusTLS provider aws-lc-rs");
+    _provider = CryptoProvider::install_default(rustls::crypto::aws_lc_rs::default_provider());
+  }
+  #[cfg(feature = "rustls-backend-boring")]
+  {
+    info!("Using RusTLS provider boring");
+    _provider = CryptoProvider::install_default(boring_rustls_provider::provider());
+  }
+  #[cfg(feature = "rustls-backend-openssl")]
+  {
+    info!("Using RusTLS provider openssl");
+    _provider = CryptoProvider::install_default(rustls_openssl::default_provider());
+  }
  #[cfg(feature = "post-quantum")]
-  let _ = CryptoProvider::install_default(rustls_post_quantum::provider());
-  #[cfg(feature = "post-quantum")]
-  info!("Post-quantum crypto provider is installed");
+  {
+    info!("Using RusTLS provider post_quantum");
+    _provider = CryptoProvider::install_default(rustls_post_quantum::provider());
+  }
+  #[cfg(feature = "rustls-backend-ring")]
+  {
+    info!("Using RusTLS provider ring");
+    _provider = CryptoProvider::install_default(rustls::crypto::ring::default_provider());
+  }
+  #[cfg(feature = "rustls-backend-symcrypt")]
+  {
+    info!("Using RusTLS provider symcrypt");
+    _provider = CryptoProvider::install_default(rustls_symcrypt::default_symcrypt_provider());
+  }
+  #[cfg(feature = "rustls-backend-wolfcrypt")]
+  {
+    info!("Using RusTLS provider wolfcrypt");
+    _provider = CryptoProvider::install_default(rustls_wolfcrypt_provider::provider());
+  }

  // 1. build backends, and make it contained in Arc
  let app_manager = Arc::new(backend::BackendAppManager::try_from(app_config_list)?);
--- a/rpxy-lib/src/message_handler/handler_manipulate_messages.rs
+++ b/rpxy-lib/src/message_handler/handler_manipulate_messages.rs
@ -168,6 +168,12 @@ where
      // can update request line i.e., http version, only if not upgrade (http 1.1)
      update_request_line(req, upstream_chosen, upstream_candidates)?;
    }
+    
+    if let Some(set_host) = &upstream_candidates.set_host {
+      if let Some(host) = req.headers_mut().get_mut(&header::HOST) {
+        *host = HeaderValue::from_str(set_host).unwrap();
+      }
+    }

    Ok(context)
  }
--- a/rpxy-lib/src/message_handler/utils_headers.rs
+++ b/rpxy-lib/src/message_handler/utils_headers.rs
@ -371,7 +371,8 @@ pub(super) fn host_from_uri_or_host_header(uri: &Uri, host_header_value: Option<
  // Prioritize uri host over host header
  let uri_host = uri.host().map(|host| {
    if let Some(port) = uri.port_u16() {
-      format!("{}:{}", host, port)
+      //format!("{}:{}", host, port)
+      host.to_string()
    } else {
      host.to_string()
    }