Connection to an internal proxy does not work
sll552 opened this issue · 7 comments
Specifications
Please list the go-camo version, as well as the Operation System (and version)
that go-camo is running on. The go-camo version can be found by go-camo -V
.
Version: 2.3.0
Platform: Ubuntu 20.04 Container
Expected Behavior
When a proxy is configured and it normally (enterprise environment) has an internal ip, camo should be able to connect to the proxy.
Actual Behavior
from the log:
time="2022-01-13T08:27:36.137103866Z" level="D" msg="ip filter rejection from dial.control" err="Get \"someUrl\": proxyconnect tcp: dial tcp [::1]:4750: ip rejection"
In the case above a proxy on localhost is used.
Steps to reproduce
Configure camo to use a proxy with a private ip.
Is the proxy url specified as ipv6 ([::1]:4750
)?
My intuition is that the DialContext.Control may be applying the whitelist/blacklist to the proxy requests themselves. I'll have to dig into it to confirm though.
Is the proxy url specified as ipv6 (
[::1]:4750
)?
It was specified with
HTTP_PROXY="http://localhost:4750"
HTTPS_PROXY="http://localhost:4750"
its possible that it resolves to localhost6 but that shouldn't make a difference anyway?
I created a branch with a possible fix for this (consider it beta quality).
Branch: https://github.com/cactus/go-camo/tree/proxyproxy
Build (includes all architectures): go-camo-2.3.0-5-g010d54b.go1176.tar.gz
Let me know if you end up testing it out. I still want to do some performance analysis on my changes, which may take a while.
Tested, and seems to be working as expected. Thanks for the fast fix 🥇
I just merged the branch into master -- I'll do some more testing and let it bake a little while before cutting a new release.
Closing as fixed.
FYI - New release published with this fix.
https://github.com/cactus/go-camo/releases/tag/v2.4.0