fix(route-connection-handler): Forward non-TLS connections on HttpProxy ports to fix ACME HTTP-01 challenge handling

2025-05-19 19:59:22 +00:00
parent 85bd448858
commit 42fe1e5d15
17 changed files with 1020 additions and 530 deletions
--- a/ts/proxies/smart-proxy/http-proxy-bridge.ts
+++ b/ts/proxies/smart-proxy/http-proxy-bridge.ts
@ -63,11 +63,24 @@ export class HttpProxyBridge {
   */
  private routeToHttpProxyConfig(route: IRouteConfig): any {
    // Convert route to HttpProxy domain config format
+    let domain = '*';
+    if (route.match.domains) {
+      if (Array.isArray(route.match.domains)) {
+        domain = route.match.domains[0] || '*';
+      } else {
+        domain = route.match.domains;
+      }
+    }
+    
    return {
-      domain: route.match.domains?.[0] || '*',
+      domain,
      target: route.action.target,
      tls: route.action.tls,
-      security: route.action.security
+      security: route.action.security,
+      match: {
+        ...route.match,
+        domains: domain  // Ensure domains is always set for HttpProxy
+      }
    };
  }
  
--- a/ts/proxies/smart-proxy/route-connection-handler.ts
+++ b/ts/proxies/smart-proxy/route-connection-handler.ts
@ -552,52 +552,74 @@ export class RouteConnectionHandler {
          }
      }
    } else {
-      // No TLS settings - basic forwarding
-      if (this.settings.enableDetailedLogging) {
-        console.log(
-          `[${connectionId}] Using basic forwarding to ${action.target.host}:${action.target.port}`
+      // No TLS settings - check if this port should use HttpProxy
+      const isHttpProxyPort = this.settings.useHttpProxy?.includes(record.localPort);
+      
+      if (isHttpProxyPort && this.httpProxyBridge.getHttpProxy()) {
+        // Forward non-TLS connections to HttpProxy if configured
+        if (this.settings.enableDetailedLogging) {
+          console.log(
+            `[${connectionId}] Using HttpProxy for non-TLS connection on port ${record.localPort}`
+          );
+        }
+        
+        this.httpProxyBridge.forwardToHttpProxy(
+          connectionId,
+          socket,
+          record,
+          initialChunk,
+          this.settings.httpProxyPort || 8443,
+          (reason) => this.connectionManager.initiateCleanupOnce(record, reason)
+        );
+        return;
+      } else {
+        // Basic forwarding
+        if (this.settings.enableDetailedLogging) {
+          console.log(
+            `[${connectionId}] Using basic forwarding to ${action.target.host}:${action.target.port}`
+          );
+        }
+
+        // Get the appropriate host value
+        let targetHost: string;
+
+        if (typeof action.target.host === 'function') {
+          // For function-based host, use the same routeContext created earlier
+          const hostResult = action.target.host(routeContext);
+          targetHost = Array.isArray(hostResult)
+            ? hostResult[Math.floor(Math.random() * hostResult.length)]
+            : hostResult;
+        } else {
+          // For static host value
+          targetHost = Array.isArray(action.target.host)
+            ? action.target.host[Math.floor(Math.random() * action.target.host.length)]
+            : action.target.host;
+        }
+
+        // Determine port - either function-based, static, or preserve incoming port
+        let targetPort: number;
+        if (typeof action.target.port === 'function') {
+          targetPort = action.target.port(routeContext);
+        } else if (action.target.port === 'preserve') {
+          targetPort = record.localPort;
+        } else {
+          targetPort = action.target.port;
+        }
+
+        // Update the connection record and context with resolved values
+        record.targetHost = targetHost;
+        record.targetPort = targetPort;
+
+        return this.setupDirectConnection(
+          socket,
+          record,
+          record.lockedDomain,
+          initialChunk,
+          undefined,
+          targetHost,
+          targetPort
        );
      }
-
-      // Get the appropriate host value
-      let targetHost: string;
-
-      if (typeof action.target.host === 'function') {
-        // For function-based host, use the same routeContext created earlier
-        const hostResult = action.target.host(routeContext);
-        targetHost = Array.isArray(hostResult)
-          ? hostResult[Math.floor(Math.random() * hostResult.length)]
-          : hostResult;
-      } else {
-        // For static host value
-        targetHost = Array.isArray(action.target.host)
-          ? action.target.host[Math.floor(Math.random() * action.target.host.length)]
-          : action.target.host;
-      }
-
-      // Determine port - either function-based, static, or preserve incoming port
-      let targetPort: number;
-      if (typeof action.target.port === 'function') {
-        targetPort = action.target.port(routeContext);
-      } else if (action.target.port === 'preserve') {
-        targetPort = record.localPort;
-      } else {
-        targetPort = action.target.port;
-      }
-
-      // Update the connection record and context with resolved values
-      record.targetHost = targetHost;
-      record.targetPort = targetPort;
-
-      return this.setupDirectConnection(
-        socket,
-        record,
-        record.lockedDomain,
-        initialChunk,
-        undefined,
-        targetHost,
-        targetPort
-      );
    }
  }