net/tshttpproxy: more directly use Transport proxy CONNECT hooks

GetProxyConnectHeader (golang/go#41048) was upstreamed in Go 1.16 and OnProxyConnectResponse (golang/go#54299) in Go 1.20, thus we no longer need to guard their use by the tailscale_go build tag. Updates #7123 Signed-off-by: Mihai Parparita <mihai@tailscale.com>
3 years ago · b6908181ff
parent 0e1403ec39
commit b6908181ff
2 changed files with 24 additions and 51 deletions
--- a/net/tshttpproxy/tshttpproxy.go
+++ b/net/tshttpproxy/tshttpproxy.go
@ -6,6 +6,9 @@
 package tshttpproxy

 import (
+	"context"
+	"fmt"
+	"log"
 	"net/http"
 	"net/url"
 	"os"
@ -90,15 +93,29 @@ func GetAuthHeader(u *url.URL) (string, error) {
 	return "", nil
 }

-var condSetTransportGetProxyConnectHeader func(*http.Transport)
+const proxyAuthHeader = "Proxy-Authorization"

 // SetTransportGetProxyConnectHeader sets the provided Transport's
-// GetProxyConnectHeader field, if the current build of Go supports
-// it.
-//
-// See https://github.com/golang/go/issues/41048.
+// GetProxyConnectHeader field, and adds logging of the received response.
 func SetTransportGetProxyConnectHeader(tr *http.Transport) {
-	if f := condSetTransportGetProxyConnectHeader; f != nil {
-		f(tr)
+	tr.GetProxyConnectHeader = func(ctx context.Context, proxyURL *url.URL, target string) (http.Header, error) {
+		v, err := GetAuthHeader(proxyURL)
+		if err != nil {
+			log.Printf("failed to get proxy Auth header for %v; ignoring: %v", proxyURL, err)
+			return nil, nil
+		}
+		if v == "" {
+			return nil, nil
+		}
+		return http.Header{proxyAuthHeader: []string{v}}, nil
+	}
+	tr.OnProxyConnectResponse = func(ctx context.Context, proxyURL *url.URL, connectReq *http.Request, res *http.Response) error {
+		auth := connectReq.Header.Get(proxyAuthHeader)
+		const truncLen = 20
+		if len(auth) > truncLen {
+			auth = fmt.Sprintf("%s...(%d total bytes)", auth[:truncLen], len(auth))
+		}
+		log.Printf("tshttpproxy: CONNECT response from %v for target %q (auth %q): %v", proxyURL, connectReq.Host, auth, res.Status)
+		return nil
 	}
 }
--- a/net/tshttpproxy/tshttpproxy_future.go
+++ b/net/tshttpproxy/tshttpproxy_future.go
@ -1,44 +0,0 @@
-// Copyright (c) Tailscale Inc & AUTHORS
-// SPDX-License-Identifier: BSD-3-Clause
-
-//go:build tailscale_go
-
-// We want to use https://github.com/golang/go/issues/41048 but it's only in the
-// Tailscale Go tree for now. Hence the build tag above.
-
-package tshttpproxy
-
-import (
-	"context"
-	"fmt"
-	"log"
-	"net/http"
-	"net/url"
-)
-
-const proxyAuthHeader = "Proxy-Authorization"
-
-func init() {
-	condSetTransportGetProxyConnectHeader = func(tr *http.Transport) {
-		tr.GetProxyConnectHeader = func(ctx context.Context, proxyURL *url.URL, target string) (http.Header, error) {
-			v, err := GetAuthHeader(proxyURL)
-			if err != nil {
-				log.Printf("failed to get proxy Auth header for %v; ignoring: %v", proxyURL, err)
-				return nil, nil
-			}
-			if v == "" {
-				return nil, nil
-			}
-			return http.Header{proxyAuthHeader: []string{v}}, nil
-		}
-		tr.OnProxyConnectResponse = func(ctx context.Context, proxyURL *url.URL, connectReq *http.Request, res *http.Response) error {
-			auth := connectReq.Header.Get(proxyAuthHeader)
-			const truncLen = 20
-			if len(auth) > truncLen {
-				auth = fmt.Sprintf("%s...(%d total bytes)", auth[:truncLen], len(auth))
-			}
-			log.Printf("tshttpproxy: CONNECT response from %v for target %q (auth %q): %v", proxyURL, connectReq.Host, auth, res.Status)
-			return nil
-		}
-	}
-}