add a tls.Config parameter for reverse proxy

tuhao 2021-03-12 13:20:21 +08:00
parent 84581e5314
commit 71f1d86420
2 changed files with 23 additions and 10 deletions


@ -20,7 +20,11 @@ import (
// Relative to httputil.NewSingleHostReverseProxy with some additions.
//
// Look `ProxyHandlerRemote` too.
func ProxyHandler(target *url.URL) *httputil.ReverseProxy {
func ProxyHandler(target *url.URL, config *tls.Config) *httputil.ReverseProxy {
if config == nil {
config = &tls.Config{}
}
director := func(req *http.Request) {
modifyProxiedRequest(req, target)
req.Host = target.Host
@ -31,7 +35,7 @@ func ProxyHandler(target *url.URL) *httputil.ReverseProxy {
if netutil.IsLoopbackHost(target.Host) {
transport := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // lint:ignore
TLSClientConfig: config, // lint:ignore
}
p.Transport = transport
}
@ -84,7 +88,11 @@ func modifyProxiedRequest(req *http.Request, target *url.URL) {
// insecureSkipVerify indicates enable ssl certificate verification or not.
//
// Look `ProxyHandler` too.
func ProxyHandlerRemote(target *url.URL, insecureSkipVerify bool) *httputil.ReverseProxy {
func ProxyHandlerRemote(target *url.URL, config *tls.Config) *httputil.ReverseProxy {
if config == nil {
config = &tls.Config{}
}
director := func(req *http.Request) {
modifyProxiedRequest(req, target)
@ -99,11 +107,11 @@ func ProxyHandlerRemote(target *url.URL, insecureSkipVerify bool) *httputil.Reve
p := &httputil.ReverseProxy{Director: director}
if netutil.IsLoopbackHost(target.Host) {
insecureSkipVerify = true
config.InsecureSkipVerify = true
}
transport := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: insecureSkipVerify}, // lint:ignore
TLSClientConfig: config, // lint:ignore
}
p.Transport = transport
return p
@ -117,8 +125,8 @@ func ProxyHandlerRemote(target *url.URL, insecureSkipVerify bool) *httputil.Reve
// target, _ := url.Parse("https://mydomain.com")
// proxy := NewProxy("mydomain.com:80", target)
// proxy.ListenAndServe() // use of `proxy.Shutdown` to close the proxy server.
func NewProxy(hostAddr string, target *url.URL) *Supervisor {
proxyHandler := ProxyHandler(target)
func NewProxy(hostAddr string, target *url.URL, config *tls.Config) *Supervisor {
proxyHandler := ProxyHandler(target, config)
proxy := New(&http.Server{
Addr: hostAddr,
Handler: proxyHandler,
@ -135,8 +143,8 @@ func NewProxy(hostAddr string, target *url.URL) *Supervisor {
// target, _ := url.Parse("https://anotherdomain.com/abc")
// proxy := NewProxyRemote("mydomain.com", target, false)
// proxy.ListenAndServe() // use of `proxy.Shutdown` to close the proxy server.
func NewProxyRemote(hostAddr string, target *url.URL, insecureSkipVerify bool) *Supervisor {
proxyHandler := ProxyHandlerRemote(target, insecureSkipVerify)
func NewProxyRemote(hostAddr string, target *url.URL, config *tls.Config) *Supervisor {
proxyHandler := ProxyHandlerRemote(target, config)
proxy := New(&http.Server{
Addr: hostAddr,
Handler: proxyHandler,
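Review bot: In ProxyHandlerRemote, `config.InsecureSkipVerify = true` writes into the caller's `*tls.Config` when the target is a loopback host, so a config that is also used by another proxy or HTTP client would have certificate verification switched off there as well. Cloning before the write keeps the override local: add `config = config.Clone()` right after the nil check and set the field on the copy. The doc comment above the function still describes `insecureSkipVerify`, and the NewProxyRemote example still passes `false`, which no longer matches the `*tls.Config` parameter; both should be updated, and the comment should say that loopback targets always skip verification. ProxyHandler moves the other way: its loopback transport used to force `InsecureSkipVerify: true` and now verifies unless the caller's config disables it, which its comment should state since the `// lint:ignore` marker left on that line no longer explains anything.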


@ -2,6 +2,7 @@
package host_test
import (
"crypto/tls"
"net"
"net/url"
"testing"
@ -24,7 +25,11 @@ func TestProxy(t *testing.T) {
t.Fatalf("%v while parsing url", err)
}
proxy := host.NewProxy("", u)
config := &tls.Config{
InsecureSkipVerify: true,
MaxVersion: tls.VersionTLS12,
}
proxy := host.NewProxy("", u, config)
addr := &net.TCPAddr{
IP: net.IPv4(127, 0, 0, 1),