Support "http_hidden_proxy" ENV var for hidden service only proxy (#18427)
* Support "http_hidden_proxy" ENV var for hidden service only proxy * Fallback to http_proxy if http_hidden_proxy is not setgh/stable
parent
1165943968
commit
861b35dd54
|
@ -31,7 +31,7 @@ class Request
|
||||||
@url = Addressable::URI.parse(url).normalize
|
@url = Addressable::URI.parse(url).normalize
|
||||||
@http_client = options.delete(:http_client)
|
@http_client = options.delete(:http_client)
|
||||||
@options = options.merge(socket_class: use_proxy? ? ProxySocket : Socket)
|
@options = options.merge(socket_class: use_proxy? ? ProxySocket : Socket)
|
||||||
@options = @options.merge(Rails.configuration.x.http_client_proxy) if use_proxy?
|
@options = @options.merge(proxy_url) if use_proxy?
|
||||||
@headers = {}
|
@headers = {}
|
||||||
|
|
||||||
raise Mastodon::HostValidationError, 'Instance does not support hidden service connections' if block_hidden_service?
|
raise Mastodon::HostValidationError, 'Instance does not support hidden service connections' if block_hidden_service?
|
||||||
|
@ -141,11 +141,23 @@ class Request
|
||||||
end
|
end
|
||||||
|
|
||||||
def use_proxy?
|
def use_proxy?
|
||||||
Rails.configuration.x.http_client_proxy.present?
|
proxy_url.present?
|
||||||
|
end
|
||||||
|
|
||||||
|
def proxy_url
|
||||||
|
if hidden_service? && Rails.configuration.x.http_client_hidden_proxy.present?
|
||||||
|
Rails.configuration.x.http_client_hidden_proxy
|
||||||
|
else
|
||||||
|
Rails.configuration.x.http_client_proxy
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def block_hidden_service?
|
def block_hidden_service?
|
||||||
!Rails.configuration.x.access_to_hidden_service && /\.(onion|i2p)$/.match?(@url.host)
|
!Rails.configuration.x.access_to_hidden_service && hidden_service?
|
||||||
|
end
|
||||||
|
|
||||||
|
def hidden_service?
|
||||||
|
/\.(onion|i2p)$/.match?(@url.host)
|
||||||
end
|
end
|
||||||
|
|
||||||
module ClientLimit
|
module ClientLimit
|
||||||
|
|
|
@ -18,5 +18,22 @@ Rails.application.configure do
|
||||||
}.compact
|
}.compact
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if ENV['http_hidden_proxy'].present?
|
||||||
|
proxy = URI.parse(ENV['http_hidden_proxy'])
|
||||||
|
|
||||||
|
raise "Unsupported proxy type: #{proxy.scheme}" unless %w(http https).include? proxy.scheme
|
||||||
|
raise "No proxy host" unless proxy.host
|
||||||
|
|
||||||
|
host = proxy.host
|
||||||
|
host = host[1...-1] if host[0] == '[' # for IPv6 address
|
||||||
|
|
||||||
|
config.x.http_client_hidden_proxy[:proxy] = {
|
||||||
|
proxy_address: host,
|
||||||
|
proxy_port: proxy.port,
|
||||||
|
proxy_username: proxy.user,
|
||||||
|
proxy_password: proxy.password,
|
||||||
|
}.compact
|
||||||
|
end
|
||||||
|
|
||||||
config.x.access_to_hidden_service = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true'
|
config.x.access_to_hidden_service = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true'
|
||||||
end
|
end
|
||||||
|
|
Reference in New Issue