frp/utils/vhost/http.go

226 lines
5.8 KiB
Go
Raw Normal View History

2017-12-12 20:27:43 +01:00
// Copyright 2017 fatedier, fatedier@gmail.com
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package vhost
import (
"bytes"
2017-12-12 20:27:43 +01:00
"context"
"errors"
"fmt"
2017-12-12 20:27:43 +01:00
"log"
"net"
"net/http"
"strings"
"sync"
"time"
frpLog "github.com/fatedier/frp/utils/log"
2018-05-07 20:13:30 +02:00
"github.com/fatedier/golib/pool"
2017-12-12 20:27:43 +01:00
)
var (
ErrRouterConfigConflict = errors.New("router config conflict")
ErrNoDomain = errors.New("no such domain")
)
func getHostFromAddr(addr string) (host string) {
strs := strings.Split(addr, ":")
if len(strs) > 1 {
host = strs[0]
} else {
host = addr
}
return
}
2018-08-08 05:18:38 +02:00
type HttpReverseProxyOptions struct {
ResponseHeaderTimeoutS int64
}
2017-12-12 20:27:43 +01:00
type HttpReverseProxy struct {
proxy *ReverseProxy
vhostRouter *VhostRouters
2018-08-08 05:18:38 +02:00
responseHeaderTimeout time.Duration
cfgMu sync.RWMutex
2017-12-12 20:27:43 +01:00
}
2018-08-08 05:18:38 +02:00
func NewHttpReverseProxy(option HttpReverseProxyOptions) *HttpReverseProxy {
if option.ResponseHeaderTimeoutS <= 0 {
option.ResponseHeaderTimeoutS = 60
}
2017-12-12 20:27:43 +01:00
rp := &HttpReverseProxy{
2018-08-08 05:18:38 +02:00
responseHeaderTimeout: time.Duration(option.ResponseHeaderTimeoutS) * time.Second,
vhostRouter: NewVhostRouters(),
2017-12-12 20:27:43 +01:00
}
proxy := &ReverseProxy{
Director: func(req *http.Request) {
req.URL.Scheme = "http"
url := req.Context().Value("url").(string)
2018-05-20 17:22:07 +02:00
oldHost := getHostFromAddr(req.Context().Value("host").(string))
host := rp.GetRealHost(oldHost, url)
2017-12-12 20:27:43 +01:00
if host != "" {
req.Host = host
}
req.URL.Host = req.Host
2018-05-20 17:22:07 +02:00
headers := rp.GetHeaders(oldHost, url)
for k, v := range headers {
req.Header.Set(k, v)
}
2017-12-12 20:27:43 +01:00
},
Transport: &http.Transport{
2018-08-08 05:18:38 +02:00
ResponseHeaderTimeout: rp.responseHeaderTimeout,
2017-12-12 20:27:43 +01:00
DisableKeepAlives: true,
DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
url := ctx.Value("url").(string)
host := getHostFromAddr(ctx.Value("host").(string))
2019-04-10 04:51:01 +02:00
remote := ctx.Value("remote").(string)
return rp.CreateConnection(host, url, remote)
2017-12-12 20:27:43 +01:00
},
},
2018-01-22 18:29:52 +01:00
WebSocketDialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
url := ctx.Value("url").(string)
host := getHostFromAddr(ctx.Value("host").(string))
2019-04-10 04:51:01 +02:00
remote := ctx.Value("remote").(string)
return rp.CreateConnection(host, url, remote)
2018-01-22 18:29:52 +01:00
},
2017-12-12 20:27:43 +01:00
BufferPool: newWrapPool(),
ErrorLog: log.New(newWrapLogger(), "", 0),
}
rp.proxy = proxy
return rp
}
2017-12-13 16:44:27 +01:00
func (rp *HttpReverseProxy) Register(routeCfg VhostRouteConfig) error {
2017-12-12 20:27:43 +01:00
rp.cfgMu.Lock()
defer rp.cfgMu.Unlock()
2017-12-13 16:44:27 +01:00
_, ok := rp.vhostRouter.Exist(routeCfg.Domain, routeCfg.Location)
2017-12-12 20:27:43 +01:00
if ok {
return ErrRouterConfigConflict
} else {
2017-12-13 16:44:27 +01:00
rp.vhostRouter.Add(routeCfg.Domain, routeCfg.Location, &routeCfg)
2017-12-12 20:27:43 +01:00
}
return nil
}
func (rp *HttpReverseProxy) UnRegister(domain string, location string) {
rp.cfgMu.Lock()
defer rp.cfgMu.Unlock()
rp.vhostRouter.Del(domain, location)
}
func (rp *HttpReverseProxy) GetRealHost(domain string, location string) (host string) {
vr, ok := rp.getVhost(domain, location)
if ok {
2017-12-13 16:44:27 +01:00
host = vr.payload.(*VhostRouteConfig).RewriteHost
2017-12-12 20:27:43 +01:00
}
return
}
2018-05-20 17:22:07 +02:00
func (rp *HttpReverseProxy) GetHeaders(domain string, location string) (headers map[string]string) {
vr, ok := rp.getVhost(domain, location)
if ok {
headers = vr.payload.(*VhostRouteConfig).Headers
}
return
}
2019-04-10 04:51:01 +02:00
func (rp *HttpReverseProxy) CreateConnection(domain string, location string, remoteAddr string) (net.Conn, error) {
2017-12-12 20:27:43 +01:00
vr, ok := rp.getVhost(domain, location)
if ok {
2017-12-13 16:44:27 +01:00
fn := vr.payload.(*VhostRouteConfig).CreateConnFn
2017-12-12 20:27:43 +01:00
if fn != nil {
2019-04-10 04:51:01 +02:00
return fn(remoteAddr)
2017-12-12 20:27:43 +01:00
}
}
return nil, fmt.Errorf("%v: %s %s", ErrNoDomain, domain, location)
2017-12-12 20:27:43 +01:00
}
2017-12-13 16:44:27 +01:00
func (rp *HttpReverseProxy) CheckAuth(domain, location, user, passwd string) bool {
vr, ok := rp.getVhost(domain, location)
if ok {
checkUser := vr.payload.(*VhostRouteConfig).Username
checkPasswd := vr.payload.(*VhostRouteConfig).Password
if (checkUser != "" || checkPasswd != "") && (checkUser != user || checkPasswd != passwd) {
return false
}
}
return true
}
2017-12-12 20:27:43 +01:00
func (rp *HttpReverseProxy) getVhost(domain string, location string) (vr *VhostRouter, ok bool) {
rp.cfgMu.RLock()
defer rp.cfgMu.RUnlock()
// first we check the full hostname
// if not exist, then check the wildcard_domain such as *.example.com
vr, ok = rp.vhostRouter.Get(domain, location)
if ok {
return
}
domainSplit := strings.Split(domain, ".")
if len(domainSplit) < 3 {
return nil, false
}
for {
if len(domainSplit) < 3 {
return nil, false
}
domainSplit[0] = "*"
domain = strings.Join(domainSplit, ".")
vr, ok = rp.vhostRouter.Get(domain, location)
if ok {
return vr, true
}
domainSplit = domainSplit[1:]
2017-12-12 20:27:43 +01:00
}
return
}
func (rp *HttpReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
2017-12-13 16:44:27 +01:00
domain := getHostFromAddr(req.Host)
location := req.URL.Path
user, passwd, _ := req.BasicAuth()
if !rp.CheckAuth(domain, location, user, passwd) {
rw.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
2017-12-12 20:27:43 +01:00
rp.proxy.ServeHTTP(rw, req)
}
type wrapPool struct{}
func newWrapPool() *wrapPool { return &wrapPool{} }
func (p *wrapPool) Get() []byte { return pool.GetBuf(32 * 1024) }
func (p *wrapPool) Put(buf []byte) { pool.PutBuf(buf) }
type wrapLogger struct{}
func newWrapLogger() *wrapLogger { return &wrapLogger{} }
func (l *wrapLogger) Write(p []byte) (n int, err error) {
frpLog.Warn("%s", string(bytes.TrimRight(p, "\n")))
2017-12-12 20:27:43 +01:00
return len(p), nil
}