proxy support, including https tunnel

robaho · robaho · commit dc9bfe6d401f · 2024-04-26T19:40:06.000-05:00
diff --git a/README.md b/README.md
@@ -6,6 +6,7 @@ It adds websocket support using modified source from nanohttpd.
 
 It has basic server-side proxy support using [ProxyHandler](https://github.com/robaho/httpserver/blob/main/src/main/java/robaho/net/httpserver/extras/ProxyHandler.java).
 
+ProxyHandler also supports tunneling proxies using CONNECT for https.
 
 All async functionality has been removed. Most synchronized blocks were removed in favor of other Java concurrency concepts.
 
diff --git a/build.gradle b/build.gradle
@@ -134,18 +134,15 @@ task runSimpleFileServer(type: Test) {
     }
 }
 
-task run(type: Test) {
+task run(type: JavaExec) {
+    classpath sourceSets.testMains.runtimeClasspath
     dependsOn testMainsClasses
-    doLast {
-        def props = systemProperties
-        javaexec {
-            classpath sourceSets.testMains.runtimeClasspath
-            main runClassName
-            systemProperties = props
-        }
-    }
 }
 
+publish {
+    dependsOn test
+    dependsOn testMainsTest
+}
 
 publishing {
     publications {
diff --git a/logging.properties b/logging.properties
@@ -3,4 +3,4 @@ handlers = java.util.logging.ConsoleHandler
 java.util.logging.ConsoleHandler.level = ALL
 java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
 java.util.logging.SimpleFormatter.format=[%1$tF %1$tT] [%4$-7s] [%2$s] %5$s %6$s %n
-robaho.net.level=INFO
+robaho.net.level=FINEST
diff --git a/src/main/java/robaho/net/httpserver/ExchangeImpl.java b/src/main/java/robaho/net/httpserver/ExchangeImpl.java
@@ -65,6 +65,7 @@ class ExchangeImpl {
     }
 
     private static final String HEAD = "HEAD";
+    private static final String CONNECT = "CONNECT";
 
     /*
      * streams which take care of the HTTP protocol framing
@@ -127,6 +128,10 @@ private boolean isHeadRequest() {
         return HEAD.equals(getRequestMethod());
     }
 
+    private boolean isConnectRequest() {
+        return CONNECT.equals(getRequestMethod());
+    }
+
     public void close() {
         if (closed) {
             return;
@@ -161,8 +166,8 @@ public InputStream getRequestBody() {
         if (uis != null) {
             return uis;
         }
-        if (websocket) {
-            // websocket connection cannot be re-used
+        if (websocket || isConnectRequest()) {
+            // connection cannot be re-used
             uis = ris;
         } else if (reqContentLen == -1L) {
             uis_orig = new ChunkedInputStream(this, ris);
@@ -266,7 +271,7 @@ public void sendResponseHeaders(int rCode, long contentLen)
             o.setWrappedStream(new FixedLengthOutputStream(this, ros, contentLen));
         } else { /* not a HEAD request or 304 response */
             if (contentLen == 0) {
-                if (websocket) {
+                if (websocket || isConnectRequest()) {
                     o.setWrappedStream(ros);
                     close = true;
                 }
diff --git a/src/main/java/robaho/net/httpserver/ServerImpl.java b/src/main/java/robaho/net/httpserver/ServerImpl.java
@@ -45,13 +45,16 @@
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Optional;
 import java.util.Set;
 import java.util.Timer;
 import java.util.TimerTask;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.Executor;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
+import java.util.logging.LogManager;
+import java.util.logging.LogRecord;
 
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLSocketFactory;
@@ -109,21 +112,30 @@ class ServerImpl {
     }
 
     private Timer timer;
-    private final Logger logger;
+    private Logger logger;
     private Thread dispatcherThread;
 
     ServerImpl(HttpServer wrapper, String protocol, InetSocketAddress addr, int backlog) throws IOException {
 
         this.protocol = protocol;
         this.wrapper = wrapper;
-        this.logger = System.getLogger("robaho.net.httpserver");
+
+        this.logger = System.getLogger("robaho.net.httpserver."+System.identityHashCode(this));
+        LogManager.getLogManager().getLogger(this.logger.getName()).setFilter(new java.util.logging.Filter(){
+            @Override
+            public boolean isLoggable(LogRecord record) {
+                record.setMessage("["+protocol+":"+socket.getLocalPort()+"] "+record.getMessage());
+                return true;
+            }
+        });
 
         https = protocol.equalsIgnoreCase("https");
         contexts = new ContextList();
         socket = new ServerSocket();
         if (addr != null) {
             socket.bind(addr, backlog);
             bound = true;
+            logger.log(Level.INFO,"server bound to "+socket.getLocalSocketAddress());
         }
         dispatcher = new Dispatcher();
         timer = new Timer("connection-cleaner", true);
@@ -139,6 +151,7 @@ public void bind(InetSocketAddress addr, int backlog) throws IOException {
             throw new NullPointerException("null address");
         }
         socket.bind(addr, backlog);
+        logger.log(Level.INFO,"server bound to "+socket.getLocalSocketAddress());
         bound = true;
     }
 
@@ -491,7 +504,9 @@ private void runPerRequest() throws IOException {
                     }
                 }
             }
-            ctx = contexts.findContext(protocol, uri.getPath());
+            logger.log(Level.INFO,"protocol "+protocol+" uri "+uri+" headers "+headers);
+            String uriPath = Optional.ofNullable(uri.getPath()).orElse("/");
+            ctx = contexts.findContext(protocol, uriPath);
             if (ctx == null) {
                 reject(Code.HTTP_NOT_FOUND,
                         requestLine, "No context found for request");
diff --git a/src/main/java/robaho/net/httpserver/extras/ProxyHandler.java b/src/main/java/robaho/net/httpserver/extras/ProxyHandler.java
@@ -1,9 +1,12 @@
 package robaho.net.httpserver.extras;
 
 import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
 import java.net.InetSocketAddress;
 import java.net.Proxy;
 import java.net.ProxySelector;
+import java.net.Socket;
 import java.net.SocketAddress;
 import java.net.URI;
 import java.net.URISyntaxException;
@@ -12,10 +15,14 @@
 import java.net.http.HttpResponse;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
+import java.util.logging.Logger;
+
+import javax.net.SocketFactory;
 
 import com.sun.net.httpserver.Headers;
 import com.sun.net.httpserver.HttpExchange;
@@ -31,6 +38,8 @@ public record HostPort(String server,int port,String scheme){}
     private final HttpClient proxyClient;
     private final Optional<HostPort> defaultProxy;
 
+    protected final Logger logger = Logger.getLogger("robaho.net.httpserver.ProxyHandler");
+
     public ProxyHandler() {
         this(Optional.empty());
     }
@@ -55,6 +64,36 @@ public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
 
     @Override
     public void handle(HttpExchange exchange) throws IOException {
+        if(exchange.getRequestMethod().equals("CONNECT")) {
+            if(!authorizeConnect(exchange)) return;
+            try (Socket s = SocketFactory.getDefault().createSocket()) {
+                var uri = exchange.getRequestURI();
+                var addr = new InetSocketAddress(uri.getScheme(),Integer.parseInt(uri.getSchemeSpecificPart()));
+                try {
+                    s.connect(addr);
+                } catch(Exception e) {
+                    logger.warning("failed to connect to "+addr);
+                    exchange.sendResponseHeaders(500,-1);
+                    return;
+                }
+                logger.fine("connected to "+s.getRemoteSocketAddress());
+                exchange.sendResponseHeaders(200,0);
+
+                try {
+                    exchange.getHttpContext().getServer().getExecutor().execute(() -> {
+                        try {
+                            transfer(s.getInputStream(),exchange.getResponseBody());
+                        } catch (IOException ex) {
+                            ex.printStackTrace();
+                        }
+                    });
+                    transfer(exchange.getRequestBody(),s.getOutputStream());
+                } finally {
+                    logger.fine("proxy connection to "+s.getRemoteSocketAddress()+" ended");
+                    return;
+                }
+            }
+        }
         var proxy = proxyTo(exchange).orElseThrow(() -> new IOException("proxy not configured for "+exchange.getRequestURI()));
         var uri = exchange.getRequestURI();
         if(uri.getScheme()==null) {
@@ -70,13 +109,43 @@ public void handle(HttpExchange exchange) throws IOException {
             exchange.getResponseHeaders().putAll(response.headers().map());
             exchange.sendResponseHeaders(response.statusCode(),0);
             try (var os = exchange.getResponseBody ()) {
-                response.body().transferTo(os);
+                transfer(response.body(),os);
             }
         } catch (InterruptedException ex) {
             throw new IOException("unable to proxy request to "+exchange.getRequestURI(),ex);
         }
     }
 
+    /**
+     * override to check authorization headers. if returning false,
+     * the implementation must call exchange.sendResponseHeaders() with the appropriate code.
+     * 
+     * @return true if the CONNECT should proceed, else false
+     */
+    protected boolean authorizeConnect(HttpExchange exchange) {
+        return true;
+    }
+
+    private static int DEFAULT_BUFFER_SIZE = 16384;
+    private static long transfer(InputStream in, OutputStream out) throws IOException {
+        Objects.requireNonNull(out, "out");
+        long transferred = 0;
+        byte[] buffer = new byte[DEFAULT_BUFFER_SIZE];
+        int read;
+        while ((read = in.read(buffer, 0, DEFAULT_BUFFER_SIZE)) >= 0) {
+            out.write(buffer, 0, read);
+            out.flush();
+            if (transferred < Long.MAX_VALUE) {
+                try {
+                    transferred = Math.addExact(transferred, read);
+                } catch (ArithmeticException ignore) {
+                    transferred = Long.MAX_VALUE;
+                }
+            }
+        }
+        return transferred;
+    }
+
     private static final Set<String> restrictedHeaders = Set.of("CONNECTION","HOST","UPGRADE","CONTENT-LENGTH");
 
     private static String[] headers(Headers headers) {
diff --git a/src/main/java/robaho/net/httpserver/websockets/WebSocketHandler.java b/src/main/java/robaho/net/httpserver/websockets/WebSocketHandler.java
@@ -16,7 +16,7 @@ public void handle(HttpExchange exchange) throws IOException {
         Headers headers = exchange.getRequestHeaders();
 
         if (!isWebsocketRequested(headers)) {
-            exchange.sendResponseHeaders(Code.HTTP_BAD_REQUEST, 0l);
+            exchange.sendResponseHeaders(Code.HTTP_BAD_REQUEST, -1l);
             return;
         }
 
diff --git a/src/test/test_mains/AsyncHandlerTest.java b/src/test/test_mains/AsyncHandlerTest.java
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @summary test that handler can send response asynchronously
+ * @library /test/lib
+ * @modules java.base/sun.net.www
+ * @run main/othervm AsyncHandlerTest
+ */
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.URL;
+
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+import com.sun.net.httpserver.HttpServer;
+import jdk.test.lib.net.URIBuilder;
+
+public class AsyncHandlerTest implements HttpHandler {
+    private final HttpServer server;
+
+
+    public AsyncHandlerTest(HttpServer server) {
+        this.server = server;
+    }
+
+    @Override
+    public void handle(HttpExchange ex) throws IOException {
+        ex.sendResponseHeaders(200, 0L);
+        server.getExecutor().execute(() -> {
+            try (var os = ex.getResponseBody()) {
+                os.write("hello".getBytes());
+            } catch(IOException e) {
+                e.printStackTrace();
+            }
+        });
+    }
+
+    public static void main(String[] args) throws IOException, InterruptedException {
+        HttpServer server = HttpServer.create(
+                new InetSocketAddress(InetAddress.getLoopbackAddress(), 0), 0);
+
+        try {
+            server.createContext("/context", new AsyncHandlerTest(server));
+            server.start();
+
+            URL url = URIBuilder.newBuilder()
+                    .scheme("http")
+                    .loopback()
+                    .port(server.getAddress().getPort())
+                    .path("/context")
+                    .toURLUnchecked();
+
+            HttpURLConnection urlc = (HttpURLConnection) url.openConnection();
+            System.out.println("Client: Response code received: " + urlc.getResponseCode());
+            try (InputStream is = urlc.getInputStream()) {
+                String body = new String(is.readAllBytes());
+                if(!"hello".equals(body)) throw new IllegalStateException("incorrect body "+body);
+            }
+        } finally {
+            server.stop(0);
+        }
+    }
+}
diff --git a/src/test/test_mains/ProxyHandlerTest.java b/src/test/test_mains/ProxyHandlerTest.java
@@ -42,16 +42,16 @@ public static void main(String[] args) throws Exception {
         try {
             var client = HttpClient.newHttpClient();
 
-            var direct_uri = URIBuilder.newBuilder().scheme("http").host(server1.getAddress().getHostName()).port(server1.getAddress().getPort()).path("/test").build();
-            var response = client.send(HttpRequest.newBuilder(direct_uri).build(),HttpResponse.BodyHandlers.ofString());
+            var uri = URIBuilder.newBuilder().scheme("http").host(server1.getAddress().getHostName()).port(server1.getAddress().getPort()).path("/test").build();
+            var response = client.send(HttpRequest.newBuilder(uri).build(),HttpResponse.BodyHandlers.ofString());
             if(!response.body().equals("hello")) throw new IllegalStateException("incorrect body "+response.body());
 
-            var uri = URIBuilder.newBuilder().scheme("http").host(proxy.getAddress().getHostName()).port(proxy.getAddress().getPort()).path("/test").build();
-            var proxied_response = client.send(HttpRequest.newBuilder(uri).build(),HttpResponse.BodyHandlers.ofString());
-            if(!proxied_response.body().equals("hello")) throw new IllegalStateException("incorrect body "+response.body());
+            uri = URIBuilder.newBuilder().scheme("http").host(proxy.getAddress().getHostName()).port(proxy.getAddress().getPort()).path("/test").build();
+            response = client.send(HttpRequest.newBuilder(uri).build(),HttpResponse.BodyHandlers.ofString());
+            if(!response.body().equals("hello")) throw new IllegalStateException("incorrect body "+response.body());
 
-            var post_response = client.send(HttpRequest.newBuilder(uri).POST(HttpRequest.BodyPublishers.ofString("senditback")).build(),HttpResponse.BodyHandlers.ofString());
-            if(!post_response.body().equals("senditback")) throw new IllegalStateException("incorrect body "+response.body());
+            response = client.send(HttpRequest.newBuilder(uri).POST(HttpRequest.BodyPublishers.ofString("senditback")).build(),HttpResponse.BodyHandlers.ofString());
+            if(!response.body().equals("senditback")) throw new IllegalStateException("incorrect body "+response.body());
 
 
         } finally {
diff --git a/src/test/test_mains/TunnelProxyTest.java b/src/test/test_mains/TunnelProxyTest.java

Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,7 @@ It adds websocket support using modified source from nanohttpd.`
`6`	`6`
`7`	`7`	`It has basic server-side proxy support using [ProxyHandler](https://github.com/robaho/httpserver/blob/main/src/main/java/robaho/net/httpserver/extras/ProxyHandler.java).`
`8`	`8`
	`9`	`+ProxyHandler also supports tunneling proxies using CONNECT for https.`
`9`	`10`
`10`	`11`	`All async functionality has been removed. Most synchronized blocks were removed in favor of other Java concurrency concepts.`
`11`	`12`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ public void handle(HttpExchange exchange) throws IOException {`
`16`	`16`	`Headers headers = exchange.getRequestHeaders();`
`17`	`17`
`18`	`18`	`if (!isWebsocketRequested(headers)) {`
`19`		`- exchange.sendResponseHeaders(Code.HTTP_BAD_REQUEST, 0l);`
	`19`	`+ exchange.sendResponseHeaders(Code.HTTP_BAD_REQUEST, -1l);`
`20`	`20`	`return;`
`21`	`21`	`}`
`22`	`22`