ssh proxy: added support for https requests too

2025-12-04 00:01:13 -05:00 · 2018-12-23 02:24:54 +00:00 · 2018-12-23 02:24:54 +00:00 · 72f5fbdfc9
commit 72f5fbdfc9
parent cf7b4bff94
1 changed files with 25 additions and 5 deletions
--- a/lib/httpx/plugins/proxy/ssh.rb
+++ b/lib/httpx/plugins/proxy/ssh.rb
@ -6,10 +6,10 @@ module HTTPX
  module Plugins
    module Proxy
      module SSH
-      	def self.load_dependencies(klass, *)
+        def self.load_dependencies(_klass, *)
          # klass.plugin(:proxy)
          require "net/ssh/gateway"
-      	end
+        end

        module InstanceMethods
          def with_proxy(*args)
@ -23,7 +23,7 @@ module HTTPX
            ssh_uris = ssh_options.delete(:uri)
            ssh_username = ssh_options.delete(:username)
            ssh_uri = URI.parse(ssh_uris.shift)
-            ssh_options[:port] ||= ssh_uri.port || 22 
+            ssh_options[:port] ||= ssh_uri.port || 22
            if @options.debug
              ssh_options[:verbose] = @options.debug_level == 2 ? :debug : :info
            end
@ -31,13 +31,33 @@ module HTTPX
            @_gateway = Net::SSH::Gateway.new(ssh_uri.host, ssh_username, ssh_options)
            begin
              @_gateway.open(request_uri.host, request_uri.port) do |local_port|
-                io = TCPSocket.open("localhost", local_port)
+                io = build_gateway_socket(local_port, request_uri)
                super(*requests, **options.merge(io: io))
              end
            ensure
              @_gateway.shutdown!
            end
          end
+
+          def build_gateway_socket(port, request_uri)
+            case request_uri.scheme
+            when "https"
+              ctx = OpenSSL::SSL::SSLContext.new
+              ctx_options = SSL::TLS_OPTIONS.merge(@options.ssl)
+              ctx.set_params(ctx_options) unless ctx_options.empty?
+              sock = TCPSocket.open("localhost", port)
+              io = OpenSSL::SSL::SSLSocket.new(sock, ctx)
+              io.hostname = request_uri.host
+              io.sync_close = true
+              io.connect
+              io.post_connection_check(request_uri.host) if ctx.verify_mode != OpenSSL::SSL::VERIFY_NONE
+              io
+            when "http"
+              TCPSocket.open("localhost", port)
+            else
+              raise Error, "unexpected scheme: #{request_uri.scheme}"
+            end
+          end
        end

        module OptionsMethods
@ -52,4 +72,4 @@ module HTTPX
    end
    register_plugin :"proxy/ssh", Proxy::SSH
  end
-end
+end