blackbeard420/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-03-09 15:39:02 -04:00
Code Issues Packages Projects Releases Wiki Activity

core: add modular network_proxy support

Browse Source 
Co-authored-by: @ImpostorKeanu
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
This commit is contained in:
Mohammed Al Sahaf 2024-06-15 02:08:17 +03:00
parent aca4002fd8
commit 62c711c66e
No known key found for this signature in database
3 changed files with 161 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
modules/caddyhttp/reverseproxy/httptransport.go
View File

@ -135,6 +135,9 @@ type HTTPTransport struct {
// The pre-configured underlying HTTP transport. // The pre-configured underlying HTTP transport.
Transport *http.Transport `json:"-"` Transport *http.Transport `json:"-"`
// Forward proxy module
NetworkProxyRaw json.RawMessage `json:"network_proxy,omitempty" caddy:"namespace=caddy.network_proxy.source inline_key=from"`
h2cTransport *http2.Transport h2cTransport *http2.Transport
h3Transport *http3.RoundTripper // TODO: EXPERIMENTAL (May 2024) h3Transport *http3.RoundTripper // TODO: EXPERIMENTAL (May 2024)
} }
@ -297,7 +300,19 @@ func (h *HTTPTransport) NewTransport(caddyCtx caddy.Context) (*http.Transport, e
} }
// negotiate any HTTP/SOCKS proxy for the HTTP transport // negotiate any HTTP/SOCKS proxy for the HTTP transport
var proxy func(*http.Request) (*url.URL, error) proxy := http.ProxyFromEnvironment
if len(h.NetworkProxyRaw) != 0 {
proxyMod, err := caddyCtx.LoadModule(h, "ForwardProxyRaw")
if err != nil {
return nil, fmt.Errorf("failed to load network_proxy module: %v", err)
}
if m, ok := proxyMod.(caddy.ProxyFuncProducer); ok {
proxy = m.ProxyFunc()
} else {
return nil, fmt.Errorf("network_proxy module is not `(func(*http.Request) (*url.URL, error))``")
}
}
if h.ForwardProxyURL != "" { if h.ForwardProxyURL != "" {
pUrl, err := url.Parse(h.ForwardProxyURL) pUrl, err := url.Parse(h.ForwardProxyURL)
if err != nil { if err != nil {
@ -305,8 +320,6 @@ func (h *HTTPTransport) NewTransport(caddyCtx caddy.Context) (*http.Transport, e
} }
caddyCtx.Logger().Info("setting transport proxy url", zap.String("url", h.ForwardProxyURL)) caddyCtx.Logger().Info("setting transport proxy url", zap.String("url", h.ForwardProxyURL))
proxy = http.ProxyURL(pUrl) proxy = http.ProxyURL(pUrl)
} else {
proxy = http.ProxyFromEnvironment
} }
rt := &http.Transport{ rt := &http.Transport{

19
modules/caddytls/acmeissuer.go
View File

@ -97,6 +97,9 @@ type ACMEIssuer struct {
// be used. EXPERIMENTAL: Subject to change. // be used. EXPERIMENTAL: Subject to change.
CertificateLifetime caddy.Duration `json:"certificate_lifetime,omitempty"` CertificateLifetime caddy.Duration `json:"certificate_lifetime,omitempty"`
// Forward proxy module
NetworkProxyRaw json.RawMessage `json:"network_proxy,omitempty" caddy:"namespace=caddy.network_proxy.source inline_key=from"`
rootPool *x509.CertPool rootPool *x509.CertPool
logger *zap.Logger logger *zap.Logger
@ -170,7 +173,7 @@ func (iss *ACMEIssuer) Provision(ctx caddy.Context) error {
} }
var err error var err error
iss.template, err = iss.makeIssuerTemplate() iss.template, err = iss.makeIssuerTemplate(ctx)
if err != nil { if err != nil {
return err return err
} }
@ -178,7 +181,7 @@ func (iss *ACMEIssuer) Provision(ctx caddy.Context) error {
return nil return nil
} }
func (iss *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEIssuer, error) { func (iss *ACMEIssuer) makeIssuerTemplate(ctx caddy.Context) (certmagic.ACMEIssuer, error) {
template := certmagic.ACMEIssuer{ template := certmagic.ACMEIssuer{
CA: iss.CA, CA: iss.CA,
TestCA: iss.TestCA, TestCA: iss.TestCA,
@ -191,6 +194,18 @@ func (iss *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEIssuer, error) {
Logger: iss.logger, Logger: iss.logger,
} }
if len(iss.NetworkProxyRaw) != 0 {
proxyMod, err := ctx.LoadModule(iss, "ForwardProxyRaw")
if err != nil {
return template, fmt.Errorf("failed to load network_proxy module: %v", err)
}
if m, ok := proxyMod.(caddy.ProxyFuncProducer); ok {
template.HTTPProxy = m.ProxyFunc()
} else {
return template, fmt.Errorf("network_proxy module is not `(func(*http.Request) (*url.URL, error))``")
}
}
if iss.Challenges != nil { if iss.Challenges != nil {
if iss.Challenges.HTTP != nil { if iss.Challenges.HTTP != nil {
template.DisableHTTPChallenge = iss.Challenges.HTTP.Disabled template.DisableHTTPChallenge = iss.Challenges.HTTP.Disabled

128
network.go Normal file
View File

@ -0,0 +1,128 @@
package caddy
import (
"errors"
"net/http"
"net/url"
"strings"
"go.uber.org/zap"
)
func init() {
RegisterModule(ProxyFromEnvironment{})
RegisterModule(ProxyFromURL{})
}
type ProxyFuncProducer interface {
ProxyFunc() func(*http.Request) (*url.URL, error)
}
type ProxyFromEnvironment struct{}
// ProxyFunc implements ProxyFuncProducer.
func (p ProxyFromEnvironment) ProxyFunc() func(*http.Request) (*url.URL, error) {
return http.ProxyFromEnvironment
}
// CaddyModule implements Module.
func (p ProxyFromEnvironment) CaddyModule() ModuleInfo {
return ModuleInfo{
ID: "caddy.network_proxy.source.environment",
New: func() Module {
return ProxyFromEnvironment{}
},
}
}
type ProxyFromURL struct {
URL string `json:"url"`
ctx Context
logger *zap.Logger
}
// CaddyModule implements Module.
func (p ProxyFromURL) CaddyModule() ModuleInfo {
return ModuleInfo{
ID: "caddy.network_proxy.source.url",
New: func() Module {
return &ProxyFromURL{}
},
}
}
func (p *ProxyFromURL) Provision(ctx Context) error {
p.ctx = ctx
p.logger = ctx.Logger()
return nil
}
// Validate implements Validator.
func (p ProxyFromURL) Validate() error {
if _, err := url.Parse(p.URL); err != nil {
return err
}
return nil
}
// ProxyFunc implements ProxyFuncProducer.
func (p ProxyFromURL) ProxyFunc() func(*http.Request) (*url.URL, error) {
if strings.Contains(p.URL, "{") && strings.Contains(p.URL, "}") {
// courtesy of @ImpostorKeanu: https://github.com/caddyserver/caddy/pull/6397
return func(r *http.Request) (*url.URL, error) {
// retrieve the replacer from context.
repl, ok := r.Context().Value(ReplacerCtxKey).(*Replacer)
if !ok {
err := errors.New("failed to obtain replacer from request")
p.logger.Error(err.Error())
return nil, err
}
// apply placeholders to the value
// note: h.ForwardProxyURL should never be empty at this point
s := repl.ReplaceAll(p.URL, "")
if s == "" {
p.logger.Error("forward_proxy_url was empty after applying placeholders",
zap.String("initial_value", p.URL),
zap.String("final_value", s),
zap.String("hint", "check for invalid placeholders"))
return nil, errors.New("empty value for forward_proxy_url")
}
// parse the url
pUrl, err := url.Parse(s)
if err != nil {
p.logger.Warn("failed to derive transport proxy from forward_proxy_url")
pUrl = nil
} else if pUrl.Host == "" || strings.Split("", pUrl.Host)[0] == ":" {
// url.Parse does not return an error on these values:
//
// - http://:80
// - pUrl.Host == ":80"
// - /some/path
// - pUrl.Host == ""
//
// Super edge cases, but humans are human.
err = errors.New("supplied forward_proxy_url is missing a host value")
pUrl = nil
} else {
p.logger.Debug("setting transport proxy url", zap.String("url", s))
}
return pUrl, err
}
}
return func(*http.Request) (*url.URL, error) {
return url.Parse(p.URL)
}
}
var (
_ Module = ProxyFromEnvironment{}
_ ProxyFuncProducer = ProxyFromEnvironment{}
_ Module = ProxyFromURL{}
_ Provisioner = &ProxyFromURL{}
_ Validator = ProxyFromURL{}
_ ProxyFuncProducer = ProxyFromURL{}
)