From a830187d90a6bc36f9466c075ed49076f591efa9 Mon Sep 17 00:00:00 2001
From: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Date: Fri, 28 Apr 2023 17:17:00 +0530
Subject: plumbing: transport/http, add support for custom proxy URLs

Add support for custom HTTP and HTTPS proxies for each session.

The tests require server certificate and a matching private key to be
able to run a TLS server and test HTTPS proxy functionality. The cert
and the key are stored in `plumbing/transport/http/testdata/certs` and
were generated using the following command:
`openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt`
Note: All details were left empty, except for the FQDN for which
example.com was used.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
---
 plumbing/transport/http/common.go | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

(limited to 'plumbing/transport/http/common.go')

diff --git a/plumbing/transport/http/common.go b/plumbing/transport/http/common.go
index 5300341..f9b7a0e 100644
--- a/plumbing/transport/http/common.go
+++ b/plumbing/transport/http/common.go
@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"net"
 	"net/http"
+	"net/url"
 	"reflect"
 	"strconv"
 	"strings"
@@ -188,6 +189,10 @@ func transportWithCABundle(transport *http.Transport, caBundle []byte) error {
 	return nil
 }
 
+func transportWithProxy(transport *http.Transport, proxyURL *url.URL) {
+	transport.Proxy = http.ProxyURL(proxyURL)
+}
+
 func configureTransport(transport *http.Transport, ep *transport.Endpoint) error {
 	if len(ep.CaBundle) > 0 {
 		if err := transportWithCABundle(transport, ep.CaBundle); err != nil {
@@ -197,6 +202,14 @@ func configureTransport(transport *http.Transport, ep *transport.Endpoint) error
 	if ep.InsecureSkipTLS {
 		transportWithInsecureTLS(transport)
 	}
+
+	if ep.Proxy.URL != "" {
+		proxyURL, err := ep.Proxy.FullURL()
+		if err != nil {
+			return err
+		}
+		transportWithProxy(transport, proxyURL)
+	}
 	return nil
 }
 
@@ -205,7 +218,7 @@ func newSession(c *client, ep *transport.Endpoint, auth transport.AuthMethod) (*
 
 	// We need to configure the http transport if there are transport specific
 	// options present in the endpoint.
-	if len(ep.CaBundle) > 0 || ep.InsecureSkipTLS {
+	if len(ep.CaBundle) > 0 || ep.InsecureSkipTLS || ep.Proxy.URL != "" {
 		var transport *http.Transport
 		// if the client wasn't configured to have a cache for transports then just configure
 		// the transport and use it directly, otherwise try to use the cache.
@@ -223,6 +236,13 @@ func newSession(c *client, ep *transport.Endpoint, auth transport.AuthMethod) (*
 				caBundle:        string(ep.CaBundle),
 				insecureSkipTLS: ep.InsecureSkipTLS,
 			}
+			if ep.Proxy.URL != "" {
+				proxyURL, err := ep.Proxy.FullURL()
+				if err != nil {
+					return nil, err
+				}
+				transportOpts.proxyURL = *proxyURL
+			}
 			var found bool
 			transport, found = c.fetchTransport(transportOpts)
 
-- 
cgit