From 6d16fa993d2acc18ad20fed64844644676256b2d Mon Sep 17 00:00:00 2001 From: sixcooler Date: Wed, 26 Mar 2014 20:01:15 +0100 Subject: [PATCH] make transparent proxy handle https-connections: the implemented handle for connect did not work for me - so lets try the connectHandler --- .../net/yacy/http/CrashProtectionHandler.java | 4 +- .../net/yacy/http/Jetty8HttpServerImpl.java | 8 +++- source/net/yacy/http/ProxyHandler.java | 44 +------------------ 3 files changed, 11 insertions(+), 45 deletions(-) diff --git a/source/net/yacy/http/CrashProtectionHandler.java b/source/net/yacy/http/CrashProtectionHandler.java index 4b143fa89..0ca88497e 100644 --- a/source/net/yacy/http/CrashProtectionHandler.java +++ b/source/net/yacy/http/CrashProtectionHandler.java @@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletResponse; import org.eclipse.jetty.server.Handler; import org.eclipse.jetty.server.HandlerContainer; import org.eclipse.jetty.server.Request; +import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.handler.HandlerWrapper; public class CrashProtectionHandler extends HandlerWrapper implements Handler, HandlerContainer { @@ -18,8 +19,9 @@ public class CrashProtectionHandler extends HandlerWrapper implements Handler, H super(); } - public CrashProtectionHandler(Handler h) { + public CrashProtectionHandler(Server s, Handler h) { super(); + this.setServer(s); this.setHandler(h); } diff --git a/source/net/yacy/http/Jetty8HttpServerImpl.java b/source/net/yacy/http/Jetty8HttpServerImpl.java index bbc1125ec..56c42ef3d 100644 --- a/source/net/yacy/http/Jetty8HttpServerImpl.java +++ b/source/net/yacy/http/Jetty8HttpServerImpl.java @@ -52,6 +52,7 @@ import net.yacy.utils.PKCS12Tool; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.Handler; import org.eclipse.jetty.server.Server; +import org.eclipse.jetty.server.handler.ConnectHandler; import org.eclipse.jetty.server.handler.ContextHandler; import org.eclipse.jetty.server.handler.ContextHandlerCollection; import org.eclipse.jetty.server.handler.DefaultHandler; @@ -158,16 +159,18 @@ public class Jetty8HttpServerImpl implements YaCyHttpServer { // define list of YaCy specific general handlers HandlerList handlers = new HandlerList(); handlers.setHandlers(new Handler[] - {domainHandler, new ProxyCacheHandler(), new ProxyHandler()}); + {domainHandler, new ProxyCacheHandler(), new ProxyHandler(), new ConnectHandler()}); // context handler for dispatcher and security (hint: dispatcher requires a context) ContextHandler context = new ContextHandler(); + context.setServer(server); context.setContextPath("/"); context.setHandler(handlers); // make YaCy handlers (in context) and servlet context handlers available (both contain root context "/") // logic: 1. YaCy handlers are called if request not handled (e.g. proxy) then servlets handle it ContextHandlerCollection allrequesthandlers = new ContextHandlerCollection(); + allrequesthandlers.setServer(server); allrequesthandlers.addHandler(context); allrequesthandlers.addHandler(htrootContext); allrequesthandlers.addHandler(new DefaultHandler()); // if not handled by other handler @@ -183,7 +186,7 @@ public class Jetty8HttpServerImpl implements YaCyHttpServer { htrootContext.setSecurityHandler(securityHandler); // wrap all handlers - Handler crashHandler = new CrashProtectionHandler(allrequesthandlers); + Handler crashHandler = new CrashProtectionHandler(server, allrequesthandlers); // check server access restriction and add IPAccessHandler if restrictions are needed // otherwise don't (to save performance) String white = sb.getConfig("serverClient", "*"); @@ -198,6 +201,7 @@ public class Jetty8HttpServerImpl implements YaCyHttpServer { } if (i > 0) { iphandler.addWhite("127.0.0.1"); // allow localhost (loopback addr) + iphandler.setServer(server); iphandler.setHandler(crashHandler); server.setHandler(iphandler); ConcurrentLog.info("SERVER","activated IP access restriction to: [127.0.0.1," + white +"] (this works only correct with start parameter -Djava.net.preferIPv4Stack=true)"); diff --git a/source/net/yacy/http/ProxyHandler.java b/source/net/yacy/http/ProxyHandler.java index 1b97d11d8..182e3144f 100644 --- a/source/net/yacy/http/ProxyHandler.java +++ b/source/net/yacy/http/ProxyHandler.java @@ -146,8 +146,8 @@ public class ProxyHandler extends AbstractRemoteHandler implements Handler { sb.proxyLastAccess = System.currentTimeMillis(); if (request.getMethod().equalsIgnoreCase(HeaderFramework.METHOD_CONNECT)) { - handleConnect(request, response); - return; + // will be done by the ConnectHandler + return; } RequestHeader proxyHeaders = convertHeaderFromJetty(request); @@ -299,44 +299,4 @@ public class ProxyHandler extends AbstractRemoteHandler implements Handler { HTTPDProxyHandler.proxyLog.fine(logMessage.toString()); } - - public void handleConnect(HttpServletRequest request, HttpServletResponse response) throws IOException { - // taken from Jetty ProxyServlet - String uri = request.getRequestURI(); - - String port = ""; - String host = ""; - - int c = uri.indexOf(':'); - if (c >= 0) { - port = uri.substring(c + 1); - host = uri.substring(0, c); - if (host.indexOf('/') > 0) { - host = host.substring(host.indexOf('/') + 1); -} - } - - // TODO - make this async! - InetSocketAddress inetAddress = new InetSocketAddress(host, Integer.parseInt(port)); - - // if (isForbidden(HttpMessage.__SSL_SCHEME,addrPort.getHost(),addrPort.getPort(),false)) - // { - // sendForbid(request,response,uri); - // } - // else - { - InputStream in = request.getInputStream(); - OutputStream out = response.getOutputStream(); - - Socket socket = new Socket(inetAddress.getAddress(), inetAddress.getPort()); - - response.setStatus(200); - response.setHeader("Connection", "close"); - response.flushBuffer(); - // TODO prevent real close! - - IO.copyThread(socket.getInputStream(), out); - IO.copy(in, socket.getOutputStream()); - } - } }