forked from elazarl/goproxy
-
Notifications
You must be signed in to change notification settings - Fork 1
/
websocket.go
121 lines (102 loc) · 3.07 KB
/
websocket.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
package goproxy
import (
"bufio"
"crypto/tls"
"io"
"net/http"
"net/url"
"strings"
)
func headerContains(header http.Header, name string, value string) bool {
for _, v := range header[name] {
for _, s := range strings.Split(v, ",") {
if strings.EqualFold(value, strings.TrimSpace(s)) {
return true
}
}
}
return false
}
func isWebSocketRequest(r *http.Request) bool {
return headerContains(r.Header, "Connection", "upgrade") &&
headerContains(r.Header, "Upgrade", "websocket")
}
func (proxy *ProxyHttpServer) serveWebsocketTLS(ctx *ProxyCtx, w http.ResponseWriter, req *http.Request, tlsConfig *tls.Config, clientConn *tls.Conn) {
targetURL := url.URL{Scheme: "wss", Host: req.URL.Host, Path: req.URL.Path}
// Connect to upstream
targetConn, err := tls.Dial("tcp", targetURL.Host, tlsConfig)
if err != nil {
ctx.Warnf("Error dialing target site: %v", err)
return
}
defer targetConn.Close()
// Perform handshake
if err := proxy.websocketHandshake(ctx, req, targetConn, clientConn); err != nil {
ctx.Warnf("Websocket handshake error: %v", err)
return
}
// Proxy wss connection
proxy.proxyWebsocket(ctx, targetConn, clientConn)
}
func (proxy *ProxyHttpServer) serveWebsocket(ctx *ProxyCtx, w http.ResponseWriter, req *http.Request) {
targetURL := url.URL{Scheme: "ws", Host: req.URL.Host, Path: req.URL.Path}
targetConn, err := proxy.connectDial(ctx, "tcp", targetURL.Host)
if err != nil {
ctx.Warnf("Error dialing target site: %v", err)
return
}
defer targetConn.Close()
// Connect to Client
hj, ok := w.(http.Hijacker)
if !ok {
panic("httpserver does not support hijacking")
}
clientConn, _, err := hj.Hijack()
if err != nil {
ctx.Warnf("Hijack error: %v", err)
return
}
// Perform handshake
if err := proxy.websocketHandshake(ctx, req, targetConn, clientConn); err != nil {
ctx.Warnf("Websocket handshake error: %v", err)
return
}
// Proxy ws connection
proxy.proxyWebsocket(ctx, targetConn, clientConn)
}
func (proxy *ProxyHttpServer) websocketHandshake(ctx *ProxyCtx, req *http.Request, targetSiteConn io.ReadWriter, clientConn io.ReadWriter) error {
// write handshake request to target
err := req.Write(targetSiteConn)
if err != nil {
ctx.Warnf("Error writing upgrade request: %v", err)
return err
}
targetTLSReader := bufio.NewReader(targetSiteConn)
// Read handshake response from target
resp, err := http.ReadResponse(targetTLSReader, req)
if err != nil {
ctx.Warnf("Error reading handhsake response %v", err)
return err
}
// Run response through handlers
resp = proxy.filterResponse(resp, ctx)
// Proxy handshake back to client
err = resp.Write(clientConn)
if err != nil {
ctx.Warnf("Error writing handshake response: %v", err)
return err
}
return nil
}
func (proxy *ProxyHttpServer) proxyWebsocket(ctx *ProxyCtx, dest io.ReadWriter, source io.ReadWriter) {
errChan := make(chan error, 2)
cp := func(dst io.Writer, src io.Reader) {
_, err := io.Copy(dst, src)
ctx.Warnf("Websocket error: %v", err)
errChan <- err
}
// Start proxying websocket data
go cp(dest, source)
go cp(source, dest)
<-errChan
}