
12 Commits

Author SHA1 Message Date
Philip Hamer ba8e57da75
Merge 4d0a40247b into ce903f6d1d 2024-06-14 17:32:02 -07:00
Corey Daley 4d0a40247b
Merge branch 'main' into tls-proxy 2023-07-30 14:22:40 -04:00
Philip Hamer 444f3c080f
gofmt 2022-02-17 13:00:00 -05:00
Philip Hamer 9fb72e3db2
Merge branch 'master' into tls-proxy-build 2022-02-17 12:51:27 -05:00
Philip Hamer bb146cd3fd
fix build error 2021-12-06 18:52:57 -05:00
Philip Hamer b484a6e5a0
try compatibility with pre 1.15 as noop 2021-12-06 18:49:39 -05:00
Philip Hamer d16969baa1
add unit test for https proxy 2021-12-06 10:29:48 -05:00
Philip Hamer 2553869a29
clean up comment 2021-12-06 09:30:42 -05:00
Philip Hamer f724bd6a6c
do not edit the generated x_net_proxy.go 2021-12-03 15:59:00 -05:00
Philip Hamer 7f3a5bcae0
make it more intuitive for tls proxy 2021-11-29 14:49:47 -05:00
Philip Hamer 2a082eee69
simplify proxying with tls proxy 2021-11-29 14:19:00 -05:00
Philip Hamer d229c9f93d
try https proxy 2021-11-16 23:26:29 -05:00
5 changed files with 131 additions and 5 deletions


@ -304,7 +304,9 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h
return nil, nil, err
}
if proxyURL != nil {
dialer, err := proxy_FromURL(proxyURL, netDialerFunc(netDial))
proxyDialer := &netDialerFunc{fn: netDial}
modifyProxyDialer(ctx, d, proxyURL, proxyDialer)
dialer, err := proxy_FromURL(proxyURL, proxyDialer)
if err != nil {
return nil, nil, err
}
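Review bot: For an https proxy the `netDial` wrapped by `proxyDialer := &netDialerFunc{fn: netDial}` is never used, because `modifyProxyDialer` (proxy_https.go) overwrites `proxyDialer.fn` with a closure that dials through a fresh `&net.Dialer{}`. Anything the caller built into the dial function is therefore skipped on the proxy hop: a custom dial hook, address filtering, and presumably the handshake deadline applied earlier in DialContext. Consider keeping `netDial` for the TCP connect and layering TLS over the returned conn with `tls.Client`. At minimum add a comment here such as `// modifyProxyDialer mutates proxyDialer in place; for https proxies fn is replaced and netDial is not used`. DialContext begins and ends outside this hunk, so how `netDial` is constructed is inferred.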


@ -0,0 +1,52 @@
//go:build go1.15
// +build go1.15
package websocket
import (
"crypto/tls"
"net/http"
"net/url"
"testing"
)
func TestHttpsProxy(t *testing.T) {
sTLS := newTLSServer(t)
defer sTLS.Close()
s := newServer(t)
defer s.Close()
surlTLS, _ := url.Parse(sTLS.Server.URL)
cstDialer := cstDialer // make local copy for modification on next line.
cstDialer.Proxy = http.ProxyURL(surlTLS)
connect := false
origHandler := sTLS.Server.Config.Handler
// Capture the request Host header.
sTLS.Server.Config.Handler = http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
if r.Method == "CONNECT" {
connect = true
w.WriteHeader(http.StatusOK)
return
}
if !connect {
t.Log("connect not received")
http.Error(w, "connect not received", http.StatusMethodNotAllowed)
return
}
origHandler.ServeHTTP(w, r)
})
cstDialer.TLSClientConfig = &tls.Config{RootCAs: rootCAs(t, sTLS.Server)}
ws, _, err := cstDialer.Dial(s.URL, nil)
if err != nil {
t.Fatalf("Dial: %v", err)
}
defer ws.Close()
sendRecv(t, ws)
}
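Review bot: TestHttpsProxy covers only the success path, so nothing here shows that the proxy certificate is actually verified. Add a second case that leaves `RootCAs` unset, so the test server's certificate is untrusted, and fail when the dial succeeds, e.g. `if _, _, err := d.Dial(s.URL, nil); err == nil { t.Fatal("dial through untrusted TLS proxy succeeded") }`. The comment `// Capture the request Host header.` does not match the handler, which records whether CONNECT was seen. The error from `url.Parse` is also discarded where a `t.Fatal` on failure would be clearer.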


@ -14,21 +14,37 @@ import (
"strings"
)
type netDialerFunc func(network, addr string) (net.Conn, error)
// proxyDialerEx extends the generated proxy_Dialer
type proxyDialerEx interface {
proxy_Dialer
// UsesTLS indicates whether we expect to dial to a TLS proxy
UsesTLS() bool
}
func (fn netDialerFunc) Dial(network, addr string) (net.Conn, error) {
return fn(network, addr)
type netDialerFunc struct {
fn func(network, addr string) (net.Conn, error)
usesTLS bool
}
func (ndf *netDialerFunc) Dial(network, addr string) (net.Conn, error) {
return ndf.fn(network, addr)
}
func (ndf *netDialerFunc) UsesTLS() bool {
return ndf.usesTLS
}
func init() {
proxy_RegisterDialerType("http", func(proxyURL *url.URL, forwardDialer proxy_Dialer) (proxy_Dialer, error) {
return &httpProxyDialer{proxyURL: proxyURL, forwardDial: forwardDialer.Dial}, nil
return &httpProxyDialer{proxyURL: proxyURL, forwardDial: forwardDialer.Dial, usesTLS: false}, nil
})
registerDialerHttps()
}
type httpProxyDialer struct {
proxyURL *url.URL
forwardDial func(network, addr string) (net.Conn, error)
usesTLS bool
}
func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error) {
@ -75,3 +91,7 @@ func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error)
}
return conn, nil
}
func (hpd *httpProxyDialer) UsesTLS() bool {
return hpd.usesTLS
}
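Review bot: `usesTLS` and `UsesTLS()` carry two different meanings in this file and neither is documented precisely. On `netDialerFunc` the flag says that `fn` already performs the TLS handshake with the proxy, which is what `registerDialerHttps` checks before wrapping the dial again, while on `httpProxyDialer` it records that the proxy URL scheme was https. I would spell that out, e.g. `// UsesTLS reports whether Dial already returns a TLS connection to the proxy, so callers must not wrap it in TLS again.`, and add a doc comment on the `netDialerFunc` struct, whose name still suggests a func type. A forward dialer that does not implement `proxyDialerEx` is treated as plaintext, which is worth stating in the interface comment. The body of `httpProxyDialer.Dial` lies between the two hunks and is not visible here.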

37
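--- /dev/null
+++ b/proxy_https.go
@@ -0,0 +1,37 @@
+//go:build go1.15
+// +build go1.15
+package websocket
+import (
+"context"
+"crypto/tls"
+"net"
+"net/url"
+)
+func registerDialerHttps() {
+proxy_RegisterDialerType("https", func(proxyURL *url.URL, forwardDialer proxy_Dialer) (proxy_Dialer, error) {
+fwd := forwardDialer.Dial
+if dialerEx, ok := forwardDialer.(proxyDialerEx); !ok || !dialerEx.UsesTLS() {
+tlsDialer := &tls.Dialer{
+Config: &tls.Config{},
+NetDialer: &net.Dialer{},
+}
+fwd = tlsDialer.Dial
+}
+return &httpProxyDialer{proxyURL: proxyURL, forwardDial: fwd, usesTLS: true}, nil
+})
+}
+func modifyProxyDialer(ctx context.Context, d *Dialer, proxyURL *url.URL, proxyDialer *netDialerFunc) {
+if proxyURL.Scheme == "https" {
+proxyDialer.usesTLS = true
+proxyDialer.fn = func(network, addr string) (net.Conn, error) {
+t := tls.Dialer{}
+t.Config = d.TLSClientConfig
+t.NetDialer = &net.Dialer{}
+return t.DialContext(ctx, network, addr)
+}
+}
+}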
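Review bot: In `modifyProxyDialer`, `t.Config = d.TLSClientConfig` makes the proxy hop share the TLS settings meant for the WebSocket origin. Whatever the caller set for the origin (`InsecureSkipVerify`, `RootCAs`, client `Certificates`, `ServerName`) then also governs the connection to the proxy, so the proxy certificate may go unverified or be checked against the origin's name, and a client certificate may be offered to the proxy. A separate proxy TLS configuration on `Dialer` would keep the two trust decisions apart; short of that, `cfg := d.TLSClientConfig.Clone()` with `ServerName` cleared when `cfg` is non-nil at least lets `tls.Dialer` derive the name from the proxy address. The fallback in `registerDialerHttps` has the opposite gap: it dials with an empty `tls.Config` via `tlsDialer.Dial`, so the caller's configuration and `ctx` are both ignored on that path.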

15
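--- /dev/null
+++ b/proxy_https_legacy.go
@@ -0,0 +1,15 @@
+//go:build !go1.15
+// +build !go1.15
+package websocket
+import (
+"context"
+"net/url"
+)
+func registerDialerHttps() {
+}
+func modifyProxyDialer(ctx context.Context, d *Dialer, proxyURL *url.URL, proxyDialer *netDialerFunc) {
+}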
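Review bot: These stubs leave the https scheme unregistered on toolchains older than go1.15 without saying so. Add a comment on both functions, e.g. `// registerDialerHttps is a no-op before go1.15: https:// proxy URLs are not supported on this build.` The generated x_net_proxy.go is not shown, so it is worth confirming that `proxy_FromURL` then returns an error for an https proxy URL rather than falling back to a plaintext connection to the proxy.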