root/gost_software
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow whitelisting and blacklisting of http/http2

Browse Source
This commit is contained in:
Adam Stankiewicz 2017-04-10 13:49:39 +02:00
parent ff2635678a
commit b31d0e9c8a
No known key found for this signature in database
GPG Key ID: A62480DCEAC884DF
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
http.go
View File

@ -5,14 +5,15 @@ import (
"crypto/tls" "crypto/tls"
"encoding/base64" "encoding/base64"
"errors" "errors"
"github.com/ginuerzh/pht"
"github.com/golang/glog"
"golang.org/x/net/http2"
"io" "io"
"net" "net"
"net/http" "net/http"
"net/http/httputil" "net/http/httputil"
"time" "time"
"github.com/ginuerzh/pht"
"github.com/golang/glog"
"golang.org/x/net/http2"
) )
type HttpServer struct { type HttpServer struct {
@ -75,6 +76,11 @@ func (s *HttpServer) HandleRequest(req *http.Request) {
return return
} }
if !s.Base.Node.Can("tcp", req.Host) {
glog.Errorf("Unauthorized to tcp connect to %s", req.Host)
return
}
c, err := s.Base.Chain.Dial(req.Host) c, err := s.Base.Chain.Dial(req.Host)
if err != nil { if err != nil {
glog.V(LWARNING).Infof("[http] %s -> %s : %s", s.conn.RemoteAddr(), req.Host, err) glog.V(LWARNING).Infof("[http] %s -> %s : %s", s.conn.RemoteAddr(), req.Host, err)
@ -184,6 +190,11 @@ func (s *Http2Server) HandleRequest(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Proxy-Agent", "gost/"+Version) w.Header().Set("Proxy-Agent", "gost/"+Version)
if !s.Base.Node.Can("tcp", target) {
glog.Errorf("Unauthorized to tcp connect to %s", target)
return
}
// HTTP2 as transport // HTTP2 as transport
if req.Header.Get("Proxy-Switch") == "gost" { if req.Header.Get("Proxy-Switch") == "gost" {
conn, err := s.Upgrade(w, req) conn, err := s.Upgrade(w, req)