From d0e7e9046b02d5386ff8afad26b94b6bdd7afd9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= Date: Fri, 20 Nov 2020 10:22:08 +0000 Subject: [PATCH] enh: httpproxy: add informational headers to the egress side request --- bin/proxy/osh-http-proxy-worker | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/bin/proxy/osh-http-proxy-worker b/bin/proxy/osh-http-proxy-worker index d469f24..f956739 100755 --- a/bin/proxy/osh-http-proxy-worker +++ b/bin/proxy/osh-http-proxy-worker @@ -20,6 +20,7 @@ use LWP::UserAgent; use MIME::Base64; use POSIX (); use Storable qw{ freeze thaw }; +use Sys::Hostname; use Time::HiRes (); $ENV{'FORCE_STDERR'} = 1; @@ -286,6 +287,14 @@ $req->header('Accept-Encoding' => scalar HTTP::Message::decodable()); $req->header('Authorization', 'Basic ' . encode_base64($user . ':' . $device_password, '')); undef $device_password; # no longer needed +$req->header('X-Bastion-Auth-Mode', $authmode); +$req->header('X-Bastion-Ingress-Client-IP', $ENV{'REMOTE_ADDR'}); +$req->header('X-Bastion-Ingress-Client-Port', $ENV{'REMOTE_PORT'}); +$req->header('X-Bastion-Ingress-Client-User-Agent', $ENV{'HTTP_USER_AGENT'}); +$req->header('X-Bastion-Ingress-Account', $account); +$req->header('X-Bastion-UniqID', $uniqid); +$req->header('X-Bastion-Instance', Sys::Hostname::hostname()); + my $start_time = [Time::HiRes::gettimeofday()]; # to handle timeout properly, we fork a child, he'll do the req, and we'll wait for it, @@ -385,7 +394,9 @@ my @t = localtime($now[0]); my $headers_as_string = $res ? join("", $res->{'_headers'}->as_string("\n")) : ''; my $logfile = sprintf("%s/%s.txt", $finaldir, POSIX::strftime("%F", @t)); my $logline = sprintf( -"--- BASTION_REQUEST UNIQID=%s TIMESTAMP=%d.%06d DATE=%s ---\n%s\n--- DEVICE_ANSWER UNIQID=%s TIMESTAMP=%d.%06d DATE=%s ---\n%s\n--- END UNIQID=%s TIMESTAMP=%d.%06d DATE=%s ---\n\n", + "--- BASTION_REQUEST UNIQID=%s TIMESTAMP=%d.%06d DATE=%s ---\n%s\n". + "--- DEVICE_ANSWER UNIQID=%s TIMESTAMP=%d.%06d DATE=%s ---\n%s\n". + "--- END UNIQID=%s TIMESTAMP=%d.%06d DATE=%s ---\n\n", $uniqid, $now[0], $now[1], POSIX::strftime("%Y/%m/%d.%H:%M:%S", @t), $req->as_string(), $uniqid, $now[0], $now[1], POSIX::strftime("%Y/%m/%d.%H:%M:%S", @t), ($res ? sprintf("%s %s\n%s\n%s", $res->protocol, $res->status_line, $headers_as_string, $res->decoded_content) : '(DEVICE TIMEOUT)'),