Support "http_hidden_proxy" ENV var for hidden service only proxy (#18427)

* Support "http_hidden_proxy" ENV var for hidden service only proxy * Fallback to http_proxy if http_hidden_proxy is not set
2022-08-25 11:41:14 +09:00 · 2022-08-25 11:41:14 +09:00 · 861b35dd54
commit 861b35dd54
parent 1165943968
2 changed files with 32 additions and 3 deletions
--- a/app/lib/request.rb
+++ b/app/lib/request.rb
@ -31,7 +31,7 @@ class Request
    @url         = Addressable::URI.parse(url).normalize
    @http_client = options.delete(:http_client)
    @options     = options.merge(socket_class: use_proxy? ? ProxySocket : Socket)
-    @options     = @options.merge(Rails.configuration.x.http_client_proxy) if use_proxy?
+    @options     = @options.merge(proxy_url) if use_proxy?
    @headers     = {}

    raise Mastodon::HostValidationError, 'Instance does not support hidden service connections' if block_hidden_service?
@ -141,11 +141,23 @@ class Request
  end

  def use_proxy?
-    Rails.configuration.x.http_client_proxy.present?
+    proxy_url.present?
+  end
+
+  def proxy_url
+    if hidden_service? && Rails.configuration.x.http_client_hidden_proxy.present?
+      Rails.configuration.x.http_client_hidden_proxy
+    else
+      Rails.configuration.x.http_client_proxy
+    end
  end

  def block_hidden_service?
-    !Rails.configuration.x.access_to_hidden_service && /\.(onion|i2p)$/.match?(@url.host)
+    !Rails.configuration.x.access_to_hidden_service && hidden_service?
+  end
+
+  def hidden_service?
+    /\.(onion|i2p)$/.match?(@url.host)
  end

  module ClientLimit
--- a/config/initializers/http_client_proxy.rb
+++ b/config/initializers/http_client_proxy.rb
@ -18,5 +18,22 @@ Rails.application.configure do
    }.compact
  end

+  if ENV['http_hidden_proxy'].present?
+    proxy = URI.parse(ENV['http_hidden_proxy'])
+
+    raise "Unsupported proxy type: #{proxy.scheme}" unless %w(http https).include? proxy.scheme
+    raise "No proxy host" unless proxy.host
+
+    host = proxy.host
+    host = host[1...-1] if host[0] == '[' # for IPv6 address
+
+    config.x.http_client_hidden_proxy[:proxy] = {
+      proxy_address: host,
+      proxy_port: proxy.port,
+      proxy_username: proxy.user,
+      proxy_password: proxy.password,
+    }.compact
+  end
+
  config.x.access_to_hidden_service = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true'
 end