Add server restriction for http path prefix
Former-commit-id: cd23bc1dc834eb5bcae7c1903186b18920d0c77c [formerly c4cf29aaf8715fe6110a8047a8481c00d8b89406] [formerly b57721363e7e6848d96a17332c7737f734fff58f [formerly a32bcb0bf854ea21500fbd7e6556c77c3bb12d86]] Former-commit-id: 236a241138b6f8f014c60d39ab61a3a59e4311aa [formerly 6a6fe77a9e88309c50af8d79cf659f79122e8dd6] Former-commit-id: a1763d2ee5f0be5ab6c03548b07b0660f85d54c5 Former-commit-id: 177d318424a2d2cfa6c81e08a9960bd065010280 Former-commit-id: 4cc14b5a2b13cc9872aeedcd9dd89fbecd7b8fa3 Former-commit-id: 4657ba8c01362551f269a78c52372dbf9af164da [formerly 87b44b99887048179f349e6142a4d17d9127c872] Former-commit-id: cf32d458d507adeecf98911cfef7211f7528f614
This commit is contained in:
Σrebe - Romain GERARD
parent
4e524fe550
commit
e11a04eda8
2 changed files with 34 additions and 5 deletions
|
|
@ -137,6 +137,13 @@ struct Server {
|
|||
#[arg(long, value_name = "DEST:PORT", verbatim_doc_comment)]
|
||||
restrict_to: Option<Vec<String>>,
|
||||
|
||||
/// Server will only accept connection from if this specific path prefix is used during websocket upgrade.
|
||||
/// Useful if you specify in the client a custom path prefix and you want the server to only allow this one.
|
||||
/// The path prefix act as a secret to authenticate clients
|
||||
/// Disabled by default. Accept all path prefix
|
||||
#[arg(long, verbatim_doc_comment)]
|
||||
restrict_http_upgrade_path_prefix: Option<String>,
|
||||
|
||||
/// [Optional] Use custom certificate (.crt) instead of the default embedded self signed certificate.
|
||||
#[arg(long, value_name = "FILE_PATH", verbatim_doc_comment)]
|
||||
tls_certificate: Option<PathBuf>,
|
||||
|
|
@ -414,6 +421,7 @@ pub struct WsServerConfig {
|
|||
pub socket_so_mark: Option<i32>,
|
||||
pub bind: SocketAddr,
|
||||
pub restrict_to: Option<Vec<String>>,
|
||||
pub restrict_http_upgrade_path_prefix: Option<String>,
|
||||
pub websocket_ping_frequency: Option<Duration>,
|
||||
pub timeout_connect: Duration,
|
||||
pub websocket_mask_frame: bool,
|
||||
|
|
@ -634,6 +642,7 @@ async fn main() {
|
|||
socket_so_mark: args.socket_so_mark,
|
||||
bind: args.remote_addr.socket_addrs(|| Some(8080)).unwrap()[0],
|
||||
restrict_to: args.restrict_to,
|
||||
restrict_http_upgrade_path_prefix: args.restrict_http_upgrade_path_prefix,
|
||||
websocket_ping_frequency: args.websocket_ping_frequency_sec,
|
||||
timeout_connect: Duration::from_secs(10),
|
||||
websocket_mask_frame: args.websocket_mask_frame,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue