*) Bugfix for Blacklist support for https (only initial connect)

See: http://www.yacy-forum.de/viewtopic.php?p=9419

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@684 6c8d7289-2bf4-0310-a012-ef5d649a1542
pull/1/head
theli 20 years ago
parent d666630bad
commit 7809b382bf

@ -686,7 +686,7 @@ public final class httpd implements serverHandler {
public Boolean CONNECT(String arg) throws IOException { public Boolean CONNECT(String arg) throws IOException {
// establish a ssh-tunneled http connection // establish a ssh-tunneled http connection
// this is to support https // this is to support https
// parse HTTP version // parse HTTP version
int pos = arg.indexOf(" "); int pos = arg.indexOf(" ");
@ -695,25 +695,32 @@ public final class httpd implements serverHandler {
httpVersion = arg.substring(pos + 1); httpVersion = arg.substring(pos + 1);
arg = arg.substring(0, pos); arg = arg.substring(0, pos);
} }
prop.setProperty(httpd.CONNECTION_PROP_HTTP_VER, httpVersion);
if (!(allowProxy)) { // parse hostname and port
// not authorized through firewall blocking (ip does not match filter) prop.setProperty(httpd.CONNECTION_PROP_HOST, arg);
session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.crlfString + serverCore.crlfString + "you are not allowed to connect to this proxy, because you are using the non-granted IP " + clientIP + ". allowed are only connections that match with the following filter: " + switchboard.getConfig("proxyClient", "*") + serverCore.crlfString).getBytes());
return serverCore.TERMINATE_CONNECTION;
}
// parse port
pos = arg.indexOf(":"); pos = arg.indexOf(":");
int port = 443; int port = 443;
if (pos >= 0) { if (pos >= 0) {
port = Integer.parseInt(arg.substring(pos + 1)); port = Integer.parseInt(arg.substring(pos + 1));
arg = arg.substring(0, pos); arg = arg.substring(0, pos);
} }
// arg is now the host string // setting other connection properties
prop.setProperty(httpd.CONNECTION_PROP_CLIENTIP, this.clientIP);
prop.setProperty(httpd.CONNECTION_PROP_METHOD, httpHeader.METHOD_CONNECT);
prop.setProperty(httpd.CONNECTION_PROP_PATH, "/");
prop.setProperty(httpd.CONNECTION_PROP_EXT, "");
prop.setProperty(httpd.CONNECTION_PROP_URL, "");
// parse remaining lines // parse remaining lines
httpHeader header = readHeader(); httpHeader header = readHeader();
if (!(allowProxy)) {
// not authorized through firewall blocking (ip does not match filter)
session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.crlfString + serverCore.crlfString + "you are not allowed to connect to this proxy, because you are using the non-granted IP " + clientIP + ". allowed are only connections that match with the following filter: " + switchboard.getConfig("proxyClient", "*") + serverCore.crlfString).getBytes());
return serverCore.TERMINATE_CONNECTION;
}
if (port != 443) { if (port != 443) {
// security: connection only to ssl port // security: connection only to ssl port
@ -723,12 +730,6 @@ public final class httpd implements serverHandler {
return serverCore.TERMINATE_CONNECTION; return serverCore.TERMINATE_CONNECTION;
} }
// prepare to pass values
Properties prop = new Properties();
prop.setProperty("HOST", arg);
prop.setProperty("PORT", Integer.toString(port));
prop.setProperty("HTTP", httpVersion);
// pass to proxy // pass to proxy
if (allowProxy) { if (allowProxy) {
if (handleProxyAuthentication(header)) { if (handleProxyAuthentication(header)) {
@ -1119,8 +1120,9 @@ public final class httpd implements serverHandler {
// generating the desired request url // generating the desired request url
String host = conProp.getProperty(httpd.CONNECTION_PROP_HOST); String host = conProp.getProperty(httpd.CONNECTION_PROP_HOST);
String path = conProp.getProperty(httpd.CONNECTION_PROP_PATH); String path = conProp.getProperty(httpd.CONNECTION_PROP_PATH,"/");
String args = conProp.getProperty(httpd.CONNECTION_PROP_ARGS); String args = conProp.getProperty(httpd.CONNECTION_PROP_ARGS);
String method = conProp.getProperty(httpd.CONNECTION_PROP_METHOD);
int port = 80, pos = host.indexOf(":"); int port = 80, pos = host.indexOf(":");
if (pos != -1) { if (pos != -1) {
@ -1130,7 +1132,7 @@ public final class httpd implements serverHandler {
String urlString; String urlString;
try { try {
urlString = (new URL("http", host, port, (args == null) ? path : path + "?" + args)).toString(); urlString = (new URL((method.equals(httpHeader.METHOD_CONNECT)?"https":"http"), host, port, (args == null) ? path : path + "?" + args)).toString();
} catch (MalformedURLException e) { } catch (MalformedURLException e) {
urlString = "invalid URL"; urlString = "invalid URL";
} }
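Review bot: The `!(allowProxy)` refusal in CONNECT now sits after `readHeader()`, so a client whose IP is not granted still has its whole header block read before the connection is terminated; the old placement rejected it right after the request line was parsed. If the move was only needed so that the connection properties are populated first, the check can go directly after the `prop.setProperty(...)` calls and before `httpHeader header = readHeader();`. The 403 body also echoes the configured `proxyClient` filter back to the refused client, which tells an unauthorized peer which addresses would be accepted; a generic refusal text is enough on the wire. CONNECT's body continues past the visible hunks, so any later use of `header` on the refusal path is not visible here.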

@ -1014,11 +1014,17 @@ public final class httpdProxyHandler extends httpdAbstractHandler implements htt
this.connectionProperties = conProp; this.connectionProperties = conProp;
switchboard.proxyLastAccess = System.currentTimeMillis(); switchboard.proxyLastAccess = System.currentTimeMillis();
String host = conProp.getProperty("HOST"); String host = conProp.getProperty(httpd.CONNECTION_PROP_HOST);
int port = Integer.parseInt(conProp.getProperty("PORT")); String httpVersion = conProp.getProperty(httpd.CONNECTION_PROP_HTTP_VER);
String httpVersion = conProp.getProperty("HTTP");
int timeout = Integer.parseInt(switchboard.getConfig("clientTimeout", "10000")); int timeout = Integer.parseInt(switchboard.getConfig("clientTimeout", "10000"));
int port, pos;
if ((pos = host.indexOf(":")) < 0) {
port = 80;
} else {
port = Integer.parseInt(host.substring(pos + 1));
host = host.substring(0, pos);
}
// check the blacklist // check the blacklist
// blacklist idea inspired by [AS]: // blacklist idea inspired by [AS]:
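Review bot: The port is now re-derived from `CONNECTION_PROP_HOST` with a default of 80, while `httpd.CONNECT` defaults to 443 and applies its `port != 443` restriction to its own separately parsed value. A CONNECT request without an explicit port would therefore pass the SSL-only check as 443 and then be tunnelled to port 80, assuming this is the CONNECT handler (the method signature is outside the hunk). The no-colon branch should read `port = 443;`, or better, the already-validated port should be passed along as a property so that the security check and the connect target cannot diverge. `Integer.parseInt(host.substring(pos + 1))` also runs on client-supplied text with no `NumberFormatException` handling visible in this hunk.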
