2020-08-27 03:02:16 +00:00
|
|
|
// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
|
|
|
|
// Use of this source code is governed by a BSD-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
// +build tailscale_go
|
|
|
|
|
|
|
|
// We want to use https://github.com/golang/go/issues/41048 but it's only in the
|
|
|
|
// Tailscale Go tree for now. Hence the build tag above.
|
|
|
|
|
|
|
|
package tshttpproxy
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2020-08-29 03:58:14 +00:00
|
|
|
"fmt"
|
2020-08-27 03:02:16 +00:00
|
|
|
"log"
|
|
|
|
"net/http"
|
|
|
|
"net/url"
|
|
|
|
)
|
|
|
|
|
2020-08-29 03:58:14 +00:00
|
|
|
const proxyAuthHeader = "Proxy-Authorization"
|
|
|
|
|
2020-08-27 03:02:16 +00:00
|
|
|
func init() {
|
|
|
|
condSetTransportGetProxyConnectHeader = func(tr *http.Transport) {
|
|
|
|
tr.GetProxyConnectHeader = func(ctx context.Context, proxyURL *url.URL, target string) (http.Header, error) {
|
|
|
|
v, err := GetAuthHeader(proxyURL)
|
|
|
|
if err != nil {
|
|
|
|
log.Printf("failed to get proxy Auth header for %v; ignoring: %v", proxyURL, err)
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
if v == "" {
|
|
|
|
return nil, nil
|
|
|
|
}
|
2020-08-29 03:58:14 +00:00
|
|
|
return http.Header{proxyAuthHeader: []string{v}}, nil
|
|
|
|
}
|
|
|
|
tr.OnProxyConnectResponse = func(ctx context.Context, proxyURL *url.URL, connectReq *http.Request, res *http.Response) error {
|
|
|
|
auth := connectReq.Header.Get(proxyAuthHeader)
|
|
|
|
const truncLen = 20
|
|
|
|
if len(auth) > truncLen {
|
|
|
|
auth = fmt.Sprintf("%s...(%d total bytes)", auth[:truncLen], len(auth))
|
|
|
|
}
|
|
|
|
log.Printf("tshttpproxy: CONNECT response from %v for target %q (auth %q): %v", proxyURL, connectReq.Host, auth, res.Status)
|
|
|
|
return nil
|
2020-08-27 03:02:16 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|