added proxy.intercept

This commit is contained in:
hyung-hwan 2014-09-11 12:54:06 +00:00
parent a55e3b0238
commit 05efcf040e
2 changed files with 29 additions and 12 deletions

View File

@ -189,6 +189,7 @@ struct loccfg_t
{ {
unsigned int allow_http: 1; unsigned int allow_http: 1;
unsigned int allow_connect: 1; unsigned int allow_connect: 1;
unsigned int allow_intercept: 1;
unsigned int dns_enabled: 1; unsigned int dns_enabled: 1;
unsigned int urs_enabled: 2; unsigned int urs_enabled: 2;
qse_nwad_t dns_nwad; /* TODO: multiple dns */ qse_nwad_t dns_nwad; /* TODO: multiple dns */
@ -434,11 +435,12 @@ static int get_server_root (
qse_memset (root, 0, QSE_SIZEOF(*root)); qse_memset (root, 0, QSE_SIZEOF(*root));
if ((qinfo->client->status & QSE_HTTPD_CLIENT_INTERCEPTED) /*&& if (qinfo->client->status & QSE_HTTPD_CLIENT_INTERCEPTED)
loccfg->proxy.allow_intercept */)
{ {
/* transparent proxying */ /* transparent proxying */
if (loccfg->proxy.allow_intercept)
{
root->type = QSE_HTTPD_SERVERSTD_ROOT_PROXY; root->type = QSE_HTTPD_SERVERSTD_ROOT_PROXY;
root->u.proxy.dst.nwad = qinfo->client->orgdst_addr; root->u.proxy.dst.nwad = qinfo->client->orgdst_addr;
/* if TPROXY is used, set the source to the original source. /* if TPROXY is used, set the source to the original source.
@ -452,6 +454,13 @@ static int get_server_root (
goto proxy_ok; goto proxy_ok;
} }
else
{
root->type = QSE_HTTPD_SERVERSTD_ROOT_ERROR;
root->u.error.code = 403; /* forbidden */
return 0;
}
}
if (mth == QSE_HTTP_CONNECT) if (mth == QSE_HTTP_CONNECT)
{ {
@ -1409,6 +1418,11 @@ static int load_loccfg_proxy (qse_httpd_t* httpd, qse_xli_t* xli, qse_xli_list_t
if (!pair && default_proxy) pair = qse_xli_findpair (xli, default_proxy, QSE_T("connect")); if (!pair && default_proxy) pair = qse_xli_findpair (xli, default_proxy, QSE_T("connect"));
if (pair) cfg->proxy.allow_connect = get_boolean ((qse_xli_str_t*)pair->val); if (pair) cfg->proxy.allow_connect = get_boolean ((qse_xli_str_t*)pair->val);
pair = QSE_NULL;
if (proxy) pair = qse_xli_findpair (xli, proxy, QSE_T("intercept"));
if (!pair && default_proxy) pair = qse_xli_findpair (xli, default_proxy, QSE_T("intercept"));
if (pair) cfg->proxy.allow_intercept = get_boolean ((qse_xli_str_t*)pair->val);
pair = QSE_NULL; pair = QSE_NULL;
if (proxy) pair = qse_xli_findpair (xli, proxy, QSE_T("pseudonym")); if (proxy) pair = qse_xli_findpair (xli, proxy, QSE_T("pseudonym"));
if (!pair && default_proxy) pair = qse_xli_findpair (xli, default_proxy, QSE_T("pseudonym")); if (!pair && default_proxy) pair = qse_xli_findpair (xli, default_proxy, QSE_T("pseudonym"));
@ -1875,6 +1889,7 @@ static int open_config_file (qse_httpd_t* httpd)
{ QSE_T("server-default.proxy"), { QSE_XLI_SCM_VALLIST | QSE_XLI_SCM_KEYNODUP, 0, 0 } }, { QSE_T("server-default.proxy"), { QSE_XLI_SCM_VALLIST | QSE_XLI_SCM_KEYNODUP, 0, 0 } },
{ QSE_T("server-default.proxy.http"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server-default.proxy.http"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server-default.proxy.connect"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server-default.proxy.connect"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server-default.proxy.intercept"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server-default.proxy.pseudonym"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server-default.proxy.pseudonym"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server-default.proxy.dns-enabled"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server-default.proxy.dns-enabled"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server-default.proxy.dns-server"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server-default.proxy.dns-server"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
@ -1929,6 +1944,7 @@ static int open_config_file (qse_httpd_t* httpd)
{ QSE_T("server.host.location.proxy"), { QSE_XLI_SCM_VALLIST | QSE_XLI_SCM_KEYNODUP, 0, 0 } }, { QSE_T("server.host.location.proxy"), { QSE_XLI_SCM_VALLIST | QSE_XLI_SCM_KEYNODUP, 0, 0 } },
{ QSE_T("server.host.location.proxy.http"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server.host.location.proxy.http"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server.host.location.proxy.connect"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server.host.location.proxy.connect"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server.host.location.proxy.intercept"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server.host.location.proxy.pseudonym"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server.host.location.proxy.pseudonym"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server.host.location.proxy.dns-enabled"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server.host.location.proxy.dns-enabled"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },
{ QSE_T("server.host.location.proxy.dns-server"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } }, { QSE_T("server.host.location.proxy.dns-server"), { QSE_XLI_SCM_VALSTR | QSE_XLI_SCM_KEYNODUP, 1, 1 } },

View File

@ -135,6 +135,7 @@ server-default {
proxy { proxy {
http = yes; http = yes;
connect = yes; connect = yes;
intercept = yes;
#pseudonym = "nice-host"; #pseudonym = "nice-host";