Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
caddy
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
caddy
Commits
7cbbb01f
Commit
7cbbb01f
authored
Dec 31, 2016
by
Matt Holt
Committed by
GitHub
Dec 31, 2016
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #1309 from lhecker/master
Fixed #1292 and resulting issues from #1300
parents
466efb7e
4babe4b2
Changes
3
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
348 additions
and
83 deletions
+348
-83
caddyhttp/proxy/proxy.go
caddyhttp/proxy/proxy.go
+20
-4
caddyhttp/proxy/proxy_test.go
caddyhttp/proxy/proxy_test.go
+96
-10
caddyhttp/proxy/reverseproxy.go
caddyhttp/proxy/reverseproxy.go
+232
-69
No files found.
caddyhttp/proxy/proxy.go
View file @
7cbbb01f
...
@@ -247,12 +247,28 @@ func createUpstreamRequest(r *http.Request) *http.Request {
...
@@ -247,12 +247,28 @@ func createUpstreamRequest(r *http.Request) *http.Request {
outreq
.
URL
.
Opaque
=
outreq
.
URL
.
RawPath
outreq
.
URL
.
Opaque
=
outreq
.
URL
.
RawPath
}
}
// We are modifying the same underlying map from req (shallow
// copied above) so we only copy it if necessary.
copiedHeaders
:=
false
// Remove hop-by-hop headers listed in the "Connection" header.
// See RFC 2616, section 14.10.
if
c
:=
outreq
.
Header
.
Get
(
"Connection"
);
c
!=
""
{
for
_
,
f
:=
range
strings
.
Split
(
c
,
","
)
{
if
f
=
strings
.
TrimSpace
(
f
);
f
!=
""
{
if
!
copiedHeaders
{
outreq
.
Header
=
make
(
http
.
Header
)
copyHeader
(
outreq
.
Header
,
r
.
Header
)
copiedHeaders
=
true
}
outreq
.
Header
.
Del
(
f
)
}
}
}
// Remove hop-by-hop headers to the backend. Especially
// Remove hop-by-hop headers to the backend. Especially
// important is "Connection" because we want a persistent
// important is "Connection" because we want a persistent
// connection, regardless of what the client sent to us. This
// connection, regardless of what the client sent to us.
// is modifying the same underlying map from r (shallow
// copied above) so we only copy it if necessary.
var
copiedHeaders
bool
for
_
,
h
:=
range
hopHeaders
{
for
_
,
h
:=
range
hopHeaders
{
if
outreq
.
Header
.
Get
(
h
)
!=
""
{
if
outreq
.
Header
.
Get
(
h
)
!=
""
{
if
!
copiedHeaders
{
if
!
copiedHeaders
{
...
...
caddyhttp/proxy/proxy_test.go
View file @
7cbbb01f
...
@@ -42,10 +42,32 @@ func TestReverseProxy(t *testing.T) {
...
@@ -42,10 +42,32 @@ func TestReverseProxy(t *testing.T) {
log
.
SetOutput
(
ioutil
.
Discard
)
log
.
SetOutput
(
ioutil
.
Discard
)
defer
log
.
SetOutput
(
os
.
Stderr
)
defer
log
.
SetOutput
(
os
.
Stderr
)
verifyHeaders
:=
func
(
headers
http
.
Header
,
trailers
http
.
Header
)
{
if
headers
.
Get
(
"X-Header"
)
!=
"header-value"
{
t
.
Error
(
"Expected header 'X-Header' to be proxied properly"
)
}
if
trailers
==
nil
{
t
.
Error
(
"Expected to receive trailers"
)
}
if
trailers
.
Get
(
"X-Trailer"
)
!=
"trailer-value"
{
t
.
Error
(
"Expected header 'X-Trailer' to be proxied properly"
)
}
}
var
requestReceived
bool
var
requestReceived
bool
backend
:=
httptest
.
NewServer
(
http
.
HandlerFunc
(
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
backend
:=
httptest
.
NewServer
(
http
.
HandlerFunc
(
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
// read the body (even if it's empty) to make Go parse trailers
io
.
Copy
(
ioutil
.
Discard
,
r
.
Body
)
verifyHeaders
(
r
.
Header
,
r
.
Trailer
)
requestReceived
=
true
requestReceived
=
true
w
.
Header
()
.
Set
(
"Trailer"
,
"X-Trailer"
)
w
.
Header
()
.
Set
(
"X-Header"
,
"header-value"
)
w
.
WriteHeader
(
http
.
StatusOK
)
w
.
Write
([]
byte
(
"Hello, client"
))
w
.
Write
([]
byte
(
"Hello, client"
))
w
.
Header
()
.
Set
(
"X-Trailer"
,
"trailer-value"
)
}))
}))
defer
backend
.
Close
()
defer
backend
.
Close
()
...
@@ -59,12 +81,21 @@ func TestReverseProxy(t *testing.T) {
...
@@ -59,12 +81,21 @@ func TestReverseProxy(t *testing.T) {
r
:=
httptest
.
NewRequest
(
"GET"
,
"/"
,
nil
)
r
:=
httptest
.
NewRequest
(
"GET"
,
"/"
,
nil
)
w
:=
httptest
.
NewRecorder
()
w
:=
httptest
.
NewRecorder
()
r
.
ContentLength
=
-
1
// force chunked encoding (required for trailers)
r
.
Header
.
Set
(
"X-Header"
,
"header-value"
)
r
.
Trailer
=
map
[
string
][]
string
{
"X-Trailer"
:
{
"trailer-value"
},
}
p
.
ServeHTTP
(
w
,
r
)
p
.
ServeHTTP
(
w
,
r
)
if
!
requestReceived
{
if
!
requestReceived
{
t
.
Error
(
"Expected backend to receive request, but it didn't"
)
t
.
Error
(
"Expected backend to receive request, but it didn't"
)
}
}
res
:=
w
.
Result
()
verifyHeaders
(
res
.
Header
,
res
.
Trailer
)
// Make sure {upstream} placeholder is set
// Make sure {upstream} placeholder is set
rr
:=
httpserver
.
NewResponseRecorder
(
httptest
.
NewRecorder
())
rr
:=
httpserver
.
NewResponseRecorder
(
httptest
.
NewRecorder
())
rr
.
Replacer
=
httpserver
.
NewReplacer
(
r
,
rr
,
"-"
)
rr
.
Replacer
=
httpserver
.
NewReplacer
(
r
,
rr
,
"-"
)
...
@@ -123,7 +154,7 @@ func TestWebSocketReverseProxyNonHijackerPanic(t *testing.T) {
...
@@ -123,7 +154,7 @@ func TestWebSocketReverseProxyNonHijackerPanic(t *testing.T) {
defer
wsNop
.
Close
()
defer
wsNop
.
Close
()
// Get proxy to use for the test
// Get proxy to use for the test
p
:=
newWebSocketTestProxy
(
wsNop
.
URL
)
p
:=
newWebSocketTestProxy
(
wsNop
.
URL
,
false
)
// Create client request
// Create client request
r
:=
httptest
.
NewRequest
(
"GET"
,
"/"
,
nil
)
r
:=
httptest
.
NewRequest
(
"GET"
,
"/"
,
nil
)
...
@@ -148,7 +179,7 @@ func TestWebSocketReverseProxyServeHTTPHandler(t *testing.T) {
...
@@ -148,7 +179,7 @@ func TestWebSocketReverseProxyServeHTTPHandler(t *testing.T) {
defer
wsNop
.
Close
()
defer
wsNop
.
Close
()
// Get proxy to use for the test
// Get proxy to use for the test
p
:=
newWebSocketTestProxy
(
wsNop
.
URL
)
p
:=
newWebSocketTestProxy
(
wsNop
.
URL
,
false
)
// Create client request
// Create client request
r
:=
httptest
.
NewRequest
(
"GET"
,
"/"
,
nil
)
r
:=
httptest
.
NewRequest
(
"GET"
,
"/"
,
nil
)
...
@@ -189,7 +220,7 @@ func TestWebSocketReverseProxyFromWSClient(t *testing.T) {
...
@@ -189,7 +220,7 @@ func TestWebSocketReverseProxyFromWSClient(t *testing.T) {
defer
wsEcho
.
Close
()
defer
wsEcho
.
Close
()
// Get proxy to use for the test
// Get proxy to use for the test
p
:=
newWebSocketTestProxy
(
wsEcho
.
URL
)
p
:=
newWebSocketTestProxy
(
wsEcho
.
URL
,
false
)
// This is a full end-end test, so the proxy handler
// This is a full end-end test, so the proxy handler
// has to be part of a server listening on a port. Our
// has to be part of a server listening on a port. Our
...
@@ -228,6 +259,52 @@ func TestWebSocketReverseProxyFromWSClient(t *testing.T) {
...
@@ -228,6 +259,52 @@ func TestWebSocketReverseProxyFromWSClient(t *testing.T) {
}
}
}
}
func
TestWebSocketReverseProxyFromWSSClient
(
t
*
testing
.
T
)
{
wsEcho
:=
newTLSServer
(
websocket
.
Handler
(
func
(
ws
*
websocket
.
Conn
)
{
io
.
Copy
(
ws
,
ws
)
}))
defer
wsEcho
.
Close
()
p
:=
newWebSocketTestProxy
(
wsEcho
.
URL
,
true
)
echoProxy
:=
newTLSServer
(
http
.
HandlerFunc
(
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
p
.
ServeHTTP
(
w
,
r
)
}))
defer
echoProxy
.
Close
()
// Set up WebSocket client
url
:=
strings
.
Replace
(
echoProxy
.
URL
,
"https://"
,
"wss://"
,
1
)
wsCfg
,
err
:=
websocket
.
NewConfig
(
url
,
echoProxy
.
URL
)
if
err
!=
nil
{
t
.
Fatal
(
err
)
}
wsCfg
.
TlsConfig
=
&
tls
.
Config
{
InsecureSkipVerify
:
true
}
ws
,
err
:=
websocket
.
DialConfig
(
wsCfg
)
if
err
!=
nil
{
t
.
Fatal
(
err
)
}
defer
ws
.
Close
()
// Send test message
trialMsg
:=
"Is it working?"
if
sendErr
:=
websocket
.
Message
.
Send
(
ws
,
trialMsg
);
sendErr
!=
nil
{
t
.
Fatal
(
sendErr
)
}
// It should be echoed back to us
var
actualMsg
string
if
rcvErr
:=
websocket
.
Message
.
Receive
(
ws
,
&
actualMsg
);
rcvErr
!=
nil
{
t
.
Fatal
(
rcvErr
)
}
if
actualMsg
!=
trialMsg
{
t
.
Errorf
(
"Expected '%s' but got '%s' instead"
,
trialMsg
,
actualMsg
)
}
}
func
TestUnixSocketProxy
(
t
*
testing
.
T
)
{
func
TestUnixSocketProxy
(
t
*
testing
.
T
)
{
if
runtime
.
GOOS
==
"windows"
{
if
runtime
.
GOOS
==
"windows"
{
return
return
...
@@ -264,7 +341,7 @@ func TestUnixSocketProxy(t *testing.T) {
...
@@ -264,7 +341,7 @@ func TestUnixSocketProxy(t *testing.T) {
defer
ts
.
Close
()
defer
ts
.
Close
()
url
:=
strings
.
Replace
(
ts
.
URL
,
"http://"
,
"unix:"
,
1
)
url
:=
strings
.
Replace
(
ts
.
URL
,
"http://"
,
"unix:"
,
1
)
p
:=
newWebSocketTestProxy
(
url
)
p
:=
newWebSocketTestProxy
(
url
,
false
)
echoProxy
:=
httptest
.
NewServer
(
http
.
HandlerFunc
(
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
echoProxy
:=
httptest
.
NewServer
(
http
.
HandlerFunc
(
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
p
.
ServeHTTP
(
w
,
r
)
p
.
ServeHTTP
(
w
,
r
)
...
@@ -982,10 +1059,14 @@ func (u *fakeUpstream) GetTryInterval() time.Duration { return 250 * time.
...
@@ -982,10 +1059,14 @@ func (u *fakeUpstream) GetTryInterval() time.Duration { return 250 * time.
// redirect to the specified backendAddr. The function
// redirect to the specified backendAddr. The function
// also sets up the rules/environment for testing WebSocket
// also sets up the rules/environment for testing WebSocket
// proxy.
// proxy.
func
newWebSocketTestProxy
(
backendAddr
string
)
*
Proxy
{
func
newWebSocketTestProxy
(
backendAddr
string
,
insecure
bool
)
*
Proxy
{
return
&
Proxy
{
return
&
Proxy
{
Next
:
httpserver
.
EmptyNext
,
// prevents panic in some cases when test fails
Next
:
httpserver
.
EmptyNext
,
// prevents panic in some cases when test fails
Upstreams
:
[]
Upstream
{
&
fakeWsUpstream
{
name
:
backendAddr
,
without
:
""
}},
Upstreams
:
[]
Upstream
{
&
fakeWsUpstream
{
name
:
backendAddr
,
without
:
""
,
insecure
:
insecure
,
}},
}
}
}
}
...
@@ -997,8 +1078,9 @@ func newPrefixedWebSocketTestProxy(backendAddr string, prefix string) *Proxy {
...
@@ -997,8 +1078,9 @@ func newPrefixedWebSocketTestProxy(backendAddr string, prefix string) *Proxy {
}
}
type
fakeWsUpstream
struct
{
type
fakeWsUpstream
struct
{
name
string
name
string
without
string
without
string
insecure
bool
}
}
func
(
u
*
fakeWsUpstream
)
From
()
string
{
func
(
u
*
fakeWsUpstream
)
From
()
string
{
...
@@ -1007,13 +1089,17 @@ func (u *fakeWsUpstream) From() string {
...
@@ -1007,13 +1089,17 @@ func (u *fakeWsUpstream) From() string {
func
(
u
*
fakeWsUpstream
)
Select
(
r
*
http
.
Request
)
*
UpstreamHost
{
func
(
u
*
fakeWsUpstream
)
Select
(
r
*
http
.
Request
)
*
UpstreamHost
{
uri
,
_
:=
url
.
Parse
(
u
.
name
)
uri
,
_
:=
url
.
Parse
(
u
.
name
)
return
&
UpstreamHost
{
host
:=
&
UpstreamHost
{
Name
:
u
.
name
,
Name
:
u
.
name
,
ReverseProxy
:
NewSingleHostReverseProxy
(
uri
,
u
.
without
,
http
.
DefaultMaxIdleConnsPerHost
),
ReverseProxy
:
NewSingleHostReverseProxy
(
uri
,
u
.
without
,
http
.
DefaultMaxIdleConnsPerHost
),
UpstreamHeaders
:
http
.
Header
{
UpstreamHeaders
:
http
.
Header
{
"Connection"
:
{
"{>Connection}"
},
"Connection"
:
{
"{>Connection}"
},
"Upgrade"
:
{
"{>Upgrade}"
}},
"Upgrade"
:
{
"{>Upgrade}"
}},
}
}
if
u
.
insecure
{
host
.
ReverseProxy
.
UseInsecureTransport
()
}
return
host
}
}
func
(
u
*
fakeWsUpstream
)
AllowedPath
(
requestPath
string
)
bool
{
return
true
}
func
(
u
*
fakeWsUpstream
)
AllowedPath
(
requestPath
string
)
bool
{
return
true
}
...
...
caddyhttp/proxy/reverseproxy.go
View file @
7cbbb01f
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment