Skip to content

Commit

Permalink
v1.4.2 :: Fix http auth on plain text upstreams
Browse files Browse the repository at this point in the history
  • Loading branch information
reneManqueros committed Jun 28, 2024
1 parent fab032a commit 1d55bf3
Showing 1 changed file with 24 additions and 9 deletions.
33 changes: 24 additions & 9 deletions models/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -89,8 +89,13 @@ func (p *Proxy) setDialer(requestContext RequestContext, isClearText bool) (Exit
network = "tcp6"
format = `[%s]:0`
}
backendAddress := backend
if strings.Contains(backendAddress, "@") == true {
parsedURL, _ := url.Parse(backend)
backendAddress = fmt.Sprintf(`%s:%s`, parsedURL.Host, parsedURL.Port())
}

addr, err := net.ResolveTCPAddr(network, fmt.Sprintf(format, backend))
addr, err := net.ResolveTCPAddr(network, fmt.Sprintf(format, backendAddress))
if err != nil {
log.Trace().Err(err).Str("backend", backend).Msg("Resolve")
}
Expand Down Expand Up @@ -118,7 +123,7 @@ func (p *Proxy) isInWhitelist(requestAddress string) bool {

func (p *Proxy) handleRequest(responseWriter http.ResponseWriter, request *http.Request) {
defer func() {
// Delete hop by hop headers
//Delete hop by hop headers
for _, v := range []string{
"Proxy-Connection",
"Proxy-Authorization",
Expand Down Expand Up @@ -175,23 +180,35 @@ func (p *Proxy) handleHTTP(responseWriter http.ResponseWriter, request *http.Req
DialContext(context context.Context, network, address string) (net.Conn, error)
}).DialContext,
}

if p.IsUpstream {
u, err := url.Parse("http://" + exitNode.Upstream)
if err != nil {
log.Err(err).Str("upstream", exitNode.Upstream).Msg("error parsing upstream")
return
}
if credentials := u.User.String(); credentials != "" {
request.Header.Set("Proxy-Authorization", fmt.Sprintf("Basic %v", b64.StdEncoding.EncodeToString([]byte(credentials))))
} else {
for _, v := range []string{
"Proxy-Connection",
"Proxy-Authorization",
"Proxy-Authenticate",
"Te",
"Trailers",
} {
request.Header.Del(v)
}
}
transport.Proxy = http.ProxyURL(u)
}

response, err := transport.RoundTrip(request)
if err != nil {
return
}
defer response.Body.Close()
copyHeader(responseWriter.Header(), response.Header)
responseWriter.WriteHeader(response.StatusCode)

bytesTransferred, _ := io.Copy(responseWriter, response.Body)
go func() {
p.LogPayload(MetricPayload{
Expand Down Expand Up @@ -272,11 +289,9 @@ func (p *Proxy) handleTunnel(responseWriter http.ResponseWriter, request *http.R

sourceConnection, _, err := hijacker.Hijack()
if err != nil {
return
}

if err != nil {
_ = sourceConnection.Close()
if sourceConnection != nil {
_ = sourceConnection.Close()
}
return
}
_, _ = sourceConnection.Write([]byte(HTTP200))
Expand Down

0 comments on commit 1d55bf3

Please sign in to comment.