mirror of https://github.com/sonertari/SSLproxy
Reapply dsthost filter after user auth
We have to apply the DstHost filter both (1) as early as in pxy_conn_connect() and also (2) after user owner of the conn is determined in srvdst connected callback functions for tcp and ssl. Otherwise, we cannot override SSL options of conns if we don't apply it before SSL establishment (1), and we cannot apply user auth filtering rules if we don't apply after determining the user owner of conn (2). This commit actually adds the same calls in the same places as they were before the structured filtering rules were introduced. So for example, now we have to apply filters 4x for an HTTPS conn: 2x dsthost, 1x ssl, and 1x http.pull/48/head
parent
05d5412515
commit
e8f35ce587
Loading…
Reference in New Issue