feat: add whitelist
@@ -93,6 +93,7 @@ int main()
|
||||
Log::error("Proxy failed to start");
|
||||
return 1;
|
||||
}
|
||||
g_Proxy->addWhitelistDomain("bhvrdbd.com");
|
||||
setProxy(true, std::format("127.0.0.1:{}", PROXY_PORT));
|
||||
|
||||
/*
|
||||
|
||||
+57
-2
@@ -185,6 +185,11 @@ Proxy::~Proxy()
|
||||
shutdown();
|
||||
}
|
||||
|
||||
void Proxy::addWhitelistDomain(const std::string& domain)
|
||||
{
|
||||
_whitelistDomains.push_back(domain);
|
||||
}
|
||||
|
||||
bool Proxy::init()
|
||||
{
|
||||
if (!_certManager.init()) return false;
|
||||
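Review bot: `addWhitelistDomain` appends to `_whitelistDomains` with no locking, while `handleClient` iterates the same vector, and `main()` appears to call it only after the proxy has been started (the call sits right after the "Proxy failed to start" check). If client handlers run on their own threads, which is not visible here, a `push_back` that reallocates during that iteration is a data race. Either document that the list must be filled before the proxy starts and move the call in `main()` accordingly, or guard both sides with a mutex. The function should also reject an empty `domain`, e.g. `if (domain.empty()) return;`, because `host.find("")` returns 0 and a single empty entry would make every host match.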
@@ -319,6 +324,57 @@ void Proxy::handleClient(SOCKET clientSocket)
|
||||
freeaddrinfo(res);
|
||||
send(clientGuard, "HTTP/1.1 200 Connection Established\r\n\r\n", 39, 0);
|
||||
|
||||
/*
|
||||
whitelist check
|
||||
*/
|
||||
bool isWhitelisted = _whitelistDomains.empty();
|
||||
for (const auto& d : _whitelistDomains)
|
||||
{
|
||||
if (host.find(d) != std::string::npos)
|
||||
{
|
||||
isWhitelisted = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!isWhitelisted)
|
||||
{
|
||||
int tunnelIdleTimeouts = 0;
|
||||
char buf[32768];
|
||||
while (_running)
|
||||
{
|
||||
fd_set readfds;
|
||||
FD_ZERO(&readfds);
|
||||
FD_SET(clientGuard, &readfds);
|
||||
FD_SET(remoteGuard, &readfds);
|
||||
struct timeval tv = {1, 0};
|
||||
|
||||
int sel = select(0, &readfds, NULL, NULL, &tv);
|
||||
if (sel < 0) break;
|
||||
if (sel == 0)
|
||||
{
|
||||
tunnelIdleTimeouts++;
|
||||
if (tunnelIdleTimeouts > 30) break;
|
||||
continue;
|
||||
}
|
||||
tunnelIdleTimeouts = 0;
|
||||
|
||||
if (FD_ISSET(clientGuard, &readfds))
|
||||
{
|
||||
int n = recv(clientGuard, buf, sizeof(buf), 0);
|
||||
if (n <= 0) break;
|
||||
send(remoteGuard, buf, n, 0);
|
||||
}
|
||||
if (FD_ISSET(remoteGuard, &readfds))
|
||||
{
|
||||
int n = recv(remoteGuard, buf, sizeof(buf), 0);
|
||||
if (n <= 0) break;
|
||||
send(clientGuard, buf, n, 0);
|
||||
}
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
SSL
|
||||
*/
|
||||
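Review bot: The whitelist test `host.find(d) != std::string::npos` is a substring match, so any host that merely contains a listed name (for example a constructed lookalike such as `bhvrdbd.com.example.net`) is treated as whitelisted and continues to the SSL path instead of the plain tunnel. Match on the exact name or on a dot-delimited suffix instead, as sketched below. `host` is built outside this hunk, so if it can still carry a `:port` or mixed case it should be normalised before comparing. Separately, the passthrough loop ignores the return value of both `send` calls, so a short or failed send silently drops tunnel bytes; a send-all helper that breaks out of the loop on error would close that. `handleClient` starts and ends outside this hunk.

```cpp
bool isWhitelisted = _whitelistDomains.empty();
for (const auto& d : _whitelistDomains)
{
    if (d.empty() || host.size() < d.size()) continue;

    // Accept the listed name itself, or a subdomain of it ("x." + d), never a bare substring.
    const size_t off = host.size() - d.size();
    const bool suffix = host.compare(off, d.size(), d) == 0;
    if (suffix && (off == 0 || host[off - 1] == '.'))
    {
        isWhitelisted = true;
        break;
    }
}
// … unchanged: passthrough tunnel for non-whitelisted hosts …
```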
@@ -509,8 +565,7 @@ void Proxy::handleClient(SOCKET clientSocket)
|
||||
}
|
||||
else if (serverStream.isChunked)
|
||||
{
|
||||
if (serverStream.currentChunkIdx == 0)
|
||||
serverStream.currentChunkIdx = serverStream.headersEnd + 4;
|
||||
if (serverStream.currentChunkIdx == 0) serverStream.currentChunkIdx = serverStream.headersEnd + 4;
|
||||
|
||||
while (serverStream.currentChunkIdx < serverStream.buffer.size())
|
||||
{
|
||||
|
||||
@@ -33,6 +33,8 @@ class Proxy
|
||||
CallbackEvent<std::string&, const std::string&, std::string&> OnClientRequest;
|
||||
CallbackEvent<const std::string&, std::string&, std::string&> OnServerResponse;
|
||||
|
||||
void addWhitelistDomain(const std::string& domain);
|
||||
|
||||
private:
|
||||
void loop();
|
||||
void handleClient(SOCKET clientSocket);
|
||||
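Review bot: The new public `addWhitelistDomain` declaration has no comment, and the word "whitelist" alone does not say which way the list cuts. Going by the check added in `handleClient`, listed hosts continue to the SSL section, every other host is relayed as an opaque tunnel, and an empty list treats every host as listed. I would add above the declaration: `// Adds a host that handleClient sends on to the SSL path; other hosts are tunnelled unmodified. An empty list sends every host to the SSL path.` The class body starts and ends outside this hunk.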
@@ -51,4 +53,6 @@ class Proxy
|
||||
|
||||
CertManager _certManager;
|
||||
SSL_CTX* _clientCtx = nullptr;
|
||||
|
||||
std::vector<std::string> _whitelistDomains;
|
||||
};
|
||||
|
||||