detect hostname the smart way
parent
506272e290
commit
3d5c53b566
14
auth.go
14
auth.go
|
@ -84,15 +84,16 @@ func NewStaticAuth(param_url *url.URL, logger *CondLogger) (*BasicAuth, error) {
|
|||
}
|
||||
|
||||
func requireBasicAuth(wr http.ResponseWriter, req *http.Request, hidden_domain string) {
|
||||
if IsAstraHost(req) && req.URL.Path == "/" {
|
||||
SendIndex(wr, req)
|
||||
return
|
||||
}
|
||||
|
||||
if hidden_domain != "" &&
|
||||
(subtle.ConstantTimeCompare([]byte(req.URL.Host), []byte(hidden_domain)) != 1 &&
|
||||
subtle.ConstantTimeCompare([]byte(req.Host), []byte(hidden_domain)) != 1) {
|
||||
http.Error(wr, BAD_REQ_MSG, http.StatusBadRequest)
|
||||
} else {
|
||||
if req.Host == "astra.blek.codes" && req.URL.Host == "astra.blek.codes" && req.URL.Path == "/" {
|
||||
SendIndex(wr, req)
|
||||
return
|
||||
}
|
||||
wr.Header().Set("Proxy-Authenticate", `Basic realm="dumbproxy"`)
|
||||
wr.Header().Set("Content-Length", strconv.Itoa(len([]byte(AUTH_REQUIRED_MSG))))
|
||||
wr.WriteHeader(407)
|
||||
|
@ -263,6 +264,11 @@ func (_ NoAuth) Stop() {}
|
|||
type CertAuth struct{}
|
||||
|
||||
func (_ CertAuth) Validate(wr http.ResponseWriter, req *http.Request) (string, bool) {
|
||||
if req.Host == "astra.blek.codes" && req.URL.Host == "astra.blek.codes" && req.URL.Path == "/" {
|
||||
SendIndex(wr, req)
|
||||
return "", false
|
||||
}
|
||||
|
||||
if req.TLS == nil || len(req.TLS.VerifiedChains) < 1 || len(req.TLS.VerifiedChains[0]) < 1 {
|
||||
http.Error(wr, BAD_REQ_MSG, http.StatusBadRequest)
|
||||
return "", false
|
||||
|
|
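Review bot: In `requireBasicAuth` the new `IsAstraHost(req) && req.URL.Path == "/"` early return runs before the `hidden_domain` comparison, so a proxy configured with a hidden domain now answers `/` with the index page for any client that sends the public host name instead of the `BAD_REQ_MSG` 400; both `req.Host` and `req.URL.Host` are client-supplied. If the hidden-domain setting is meant to keep the proxy indistinguishable to probes, keep the index check inside the `else` branch where the old one was (the +/- markers are lost on this page, so the old and new sides are inferred from the hunk counts). The block in `CertAuth.Validate` still spells out the literal with `&&`, and for consistency with the helper it should read `if IsAstraHost(req) && req.URL.Path == "/" {`. Both function bodies continue outside their hunks.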
12
handler.go
12
handler.go
|
@ -10,8 +10,13 @@ import (
|
|||
"time"
|
||||
)
|
||||
|
||||
const astrahost = "astra.blek.codes"
|
||||
const HintsHeaderName = "X-Src-IP-Hints"
|
||||
|
||||
func IsAstraHost(req *http.Request) bool {
|
||||
return req.Host == astrahost || req.URL.Host == astrahost
|
||||
}
|
||||
|
||||
type HandlerDialer interface {
|
||||
DialContext(ctx context.Context, net, address string) (net.Conn, error)
|
||||
}
|
||||
|
@ -122,6 +127,11 @@ func (s *ProxyHandler) ServeHTTP(wr http.ResponseWriter, req *http.Request) {
|
|||
if originator, isLoopback := s.isLoopback(req); isLoopback {
|
||||
s.logger.Critical("Loopback tunnel detected: %s is an outbound "+
|
||||
"address for another request from %s", req.RemoteAddr, originator)
|
||||
|
||||
if IsAstraHost(req) && req.URL.Path == "/" {
|
||||
SendIndex(wr, req)
|
||||
return
|
||||
}
|
||||
http.Error(wr, BAD_REQ_MSG, http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
@ -129,7 +139,7 @@ func (s *ProxyHandler) ServeHTTP(wr http.ResponseWriter, req *http.Request) {
|
|||
isConnect := strings.ToUpper(req.Method) == "CONNECT"
|
||||
if (req.URL.Host == "" || req.URL.Scheme == "" && !isConnect) && req.ProtoMajor < 2 ||
|
||||
req.Host == "" && req.ProtoMajor == 2 {
|
||||
if req.Host == "astra.blek.codes" && req.URL.Host == "astra.blek.codes" && req.URL.Path == "/" {
|
||||
if IsAstraHost(req) && req.URL.Path == "/" {
|
||||
SendIndex(wr, req)
|
||||
return
|
||||
}
|
||||
|
|
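Review bot: `IsAstraHost` compares `req.Host` and `req.URL.Host` byte-for-byte with `astrahost`, so a value carrying a port (`astra.blek.codes:443`) or different letter case falls through to the proxy and auth path even though it names the same host. I would normalise both values before comparing. The exported function also needs a doc comment stating that both fields come from the client, so the result may only select the public index page and must never be used as an access decision. The loopback branch in `ServeHTTP` now serves the index before the 400; that looks safe only as long as `SendIndex` makes no outbound request, which is not visible here.

```go
// IsAstraHost reports whether the request names the public index host in
// either its Host header or its request URL. Both values are supplied by
// the client: use the result only to choose the index page, never as an
// authentication or authorization decision.
func IsAstraHost(req *http.Request) bool {
	return matchesAstraHost(req.Host) || matchesAstraHost(req.URL.Host)
}

// matchesAstraHost compares a host or host:port value with astrahost,
// ignoring the port and letter case.
func matchesAstraHost(hostport string) bool {
	host := hostport
	if h, _, err := net.SplitHostPort(hostport); err == nil {
		host = h
	}
	return strings.EqualFold(host, astrahost)
}
```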