From c273ac9e23fe16b4b2ebfe205a2a4074505be15d Mon Sep 17 00:00:00 2001 From: SamJakob Date: Sun, 11 Sep 2022 00:19:29 +0100 Subject: [PATCH] Fix unexpected header modification (closes #46) --- go.mod | 3 +++ go.sum | 5 +++++ libproxy/crypto.go | 7 +++---- libproxy/proxy.go | 27 +++++++++++++++++---------- version.properties | 4 ++-- 5 files changed, 30 insertions(+), 16 deletions(-) diff --git a/go.mod b/go.mod index 1570e27..eb79eab 100644 --- a/go.mod +++ b/go.mod @@ -17,6 +17,7 @@ require ( require ( github.com/bhendo/go-powershell v0.0.0-20190719160123-219e7fb4e41e // indirect + github.com/cratonica/2goarray v0.0.0-20190331194516-514510793eaa // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/getlantern/context v0.0.0-20220418194847-3d5e7a086201 // indirect github.com/getlantern/errors v1.0.1 // indirect @@ -37,6 +38,8 @@ require ( go.uber.org/atomic v1.9.0 // indirect go.uber.org/multierr v1.8.0 // indirect go.uber.org/zap v1.21.0 // indirect + golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 // indirect golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect + golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 54d81c2..e17cd17 100644 --- a/go.sum +++ b/go.sum @@ -4,6 +4,8 @@ github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLj github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/bhendo/go-powershell v0.0.0-20190719160123-219e7fb4e41e h1:KCjb01YiNoRaJ5c+SbnPLWjVzU9vqRYHg3e5JcN50nM= github.com/bhendo/go-powershell v0.0.0-20190719160123-219e7fb4e41e/go.mod h1:f7vw6ObmmNcyFQLhZX9eUGBJGpnwTJFDvVjqZxIxHWY= +github.com/cratonica/2goarray v0.0.0-20190331194516-514510793eaa h1:Wg+722vs7a2zQH5lR9QWYsVbplKeffaQFIs5FTdfNNo= +github.com/cratonica/2goarray v0.0.0-20190331194516-514510793eaa/go.mod h1:6Arca19mRx58CA7OWEd7Wu1NpC1rd3uDnNs6s1pj/DI= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -129,6 +131,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 h1:/UOmuWzQfxxo9UtlXMwuQU8CMgg1eZXqTRwkSQJWKOI= +golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180406214816-61147c48b25b/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -150,6 +154,7 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= diff --git a/libproxy/crypto.go b/libproxy/crypto.go index dccc0bb..8a8526f 100644 --- a/libproxy/crypto.go +++ b/libproxy/crypto.go @@ -9,7 +9,6 @@ import ( "crypto/x509" "crypto/x509/pkix" "encoding/pem" - "io/ioutil" "log" "math/big" "net" @@ -83,15 +82,15 @@ func EnsurePrivateKeyInstalled() error { // and then return no error (unless one was thrown in the process of creating the key.) if os.IsNotExist(err) { encodedPEM := CreateKeyPair() - err = ioutil.WriteFile(GetOrCreateDataPath()+"/cert.pem", encodedPEM[0].Bytes(), 0600) + err = os.WriteFile(GetOrCreateDataPath()+"/cert.pem", encodedPEM[0].Bytes(), 0600) if err != nil { - err = ioutil.WriteFile(GetOrCreateDataPath()+"/key.pem", encodedPEM[1].Bytes(), 0600) + err = os.WriteFile(GetOrCreateDataPath()+"/key.pem", encodedPEM[1].Bytes(), 0600) } if runtime.GOOS == "windows" { // Windows doesn't recognize .pem as certificates, but we can simply write the PEM data // into a .cer file and it works just fine! - err = ioutil.WriteFile(GetOrCreateDataPath()+"/cert.cer", encodedPEM[0].Bytes(), 0600) + err = os.WriteFile(GetOrCreateDataPath()+"/cert.cer", encodedPEM[0].Bytes(), 0600) } if err == nil { diff --git a/libproxy/proxy.go b/libproxy/proxy.go index 84b000b..81f80e9 100644 --- a/libproxy/proxy.go +++ b/libproxy/proxy.go @@ -6,7 +6,6 @@ import ( "encoding/json" "fmt" "io" - "io/ioutil" "log" "mime/multipart" "net/http" @@ -169,7 +168,7 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) { response.WriteHeader(301) return } else { - // Otherwise set the appropriate CORS polciy and continue. + // Otherwise set the appropriate CORS policy and continue. response.Header().Add("Access-Control-Allow-Origin", request.Header.Get("Origin")) } @@ -247,7 +246,15 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) { proxyRequest.Header.Set(k, v) } - proxyRequest.Header.Set("User-Agent", "Proxyscotch/1.1") + // Add proxy headers. + proxyRequest.Header.Set("X-Forwarded-For", request.RemoteAddr) + proxyRequest.Header.Set("Via", "Proxyscotch/1.1") + + if len(strings.TrimSpace(proxyRequest.Header.Get("User-Agent"))) < 1 { + // If there is no valid user agent specified at all, *then* use the default. + // We'll do this for now, we could look at using the User-Agent from whatever made the request. + proxyRequest.Header.Set("User-Agent", "Proxyscotch/1.1") + } if isMultipart { body := &bytes.Buffer{} @@ -297,13 +304,13 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) { } contentType := fmt.Sprintf("multipart/form-data; boundary=%v", writer.Boundary()) proxyRequest.Header.Set("content-type", contentType) - proxyRequest.Body = ioutil.NopCloser(bytes.NewReader(body.Bytes())) + proxyRequest.Body = io.NopCloser(bytes.NewReader(body.Bytes())) proxyRequest.ContentLength = int64(len(body.Bytes())) - proxyRequest.Body.Close() + _ = proxyRequest.Body.Close() } else if len(requestData.Data) > 0 { - proxyRequest.Body = ioutil.NopCloser(strings.NewReader(requestData.Data)) + proxyRequest.Body = io.NopCloser(strings.NewReader(requestData.Data)) proxyRequest.ContentLength = int64(len(requestData.Data)) - proxyRequest.Body.Close() + _ = proxyRequest.Body.Close() } var client http.Client @@ -320,7 +327,7 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) { responseData.Success = true responseData.Status = proxyResponse.StatusCode responseData.StatusText = strings.Join(strings.Split(proxyResponse.Status, " ")[1:], " ") - responseBytes, err := ioutil.ReadAll(proxyResponse.Body) + responseBytes, err := io.ReadAll(proxyResponse.Body) responseData.Headers = headerToArray(proxyResponse.Header) if requestData.WantsBinary { @@ -351,8 +358,8 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) { } } -/// Converts http.Header to a map. -/// Original Source: https://stackoverflow.com/a/37030039/2872279 (modified). +// / Converts http.Header to a map. +// / Original Source: https://stackoverflow.com/a/37030039/2872279 (modified). func headerToArray(header http.Header) (res map[string]string) { res = make(map[string]string) diff --git a/version.properties b/version.properties index 537f1d6..05d8fbb 100644 --- a/version.properties +++ b/version.properties @@ -1,3 +1,3 @@ # Version Information -VERSION_NAME=0.1.0 -VERSION_CODE=10 \ No newline at end of file +VERSION_NAME=0.1.1 +VERSION_CODE=11 \ No newline at end of file