add list support for auther, admission and bypass
This commit is contained in:
ginuerzh
@ -98,21 +98,25 @@ type SelectorConfig struct {
|
||||
}
|
||||
|
||||
type AdmissionConfig struct {
|
||||
Name string `json:"name"`
|
||||
Reverse bool `yaml:",omitempty" json:"reverse,omitempty"`
|
||||
Matchers []string `json:"matchers"`
|
||||
Reload time.Duration `yaml:",omitempty" json:"reload,omitempty"`
|
||||
File *FileLoader `yaml:",omitempty" json:"file,omitempty"`
|
||||
Redis *RedisLoader `yaml:",omitempty" json:"redis,omitempty"`
|
||||
Name string `json:"name"`
|
||||
// DEPRECATED by whitelist since beta.4
|
||||
Reverse bool `yaml:",omitempty" json:"reverse,omitempty"`
|
||||
Whitelist bool `yaml:",omitempty" json:"whitelist,omitempty"`
|
||||
Matchers []string `json:"matchers"`
|
||||
Reload time.Duration `yaml:",omitempty" json:"reload,omitempty"`
|
||||
File *FileLoader `yaml:",omitempty" json:"file,omitempty"`
|
||||
Redis *RedisLoader `yaml:",omitempty" json:"redis,omitempty"`
|
||||
}
|
||||
|
||||
type BypassConfig struct {
|
||||
Name string `json:"name"`
|
||||
Reverse bool `yaml:",omitempty" json:"reverse,omitempty"`
|
||||
Matchers []string `json:"matchers"`
|
||||
Reload time.Duration `yaml:",omitempty" json:"reload,omitempty"`
|
||||
File *FileLoader `yaml:",omitempty" json:"file,omitempty"`
|
||||
Redis *RedisLoader `yaml:",omitempty" json:"redis,omitempty"`
|
||||
Name string `json:"name"`
|
||||
// DEPRECATED by whitelist since beta.4
|
||||
Reverse bool `yaml:",omitempty" json:"reverse,omitempty"`
|
||||
Whitelist bool `yaml:",omitempty" json:"whitelist,omitempty"`
|
||||
Matchers []string `json:"matchers"`
|
||||
Reload time.Duration `yaml:",omitempty" json:"reload,omitempty"`
|
||||
File *FileLoader `yaml:",omitempty" json:"file,omitempty"`
|
||||
Redis *RedisLoader `yaml:",omitempty" json:"redis,omitempty"`
|
||||
}
|
||||
|
||||
type FileLoader struct {
|
||||
@ -184,6 +188,7 @@ type ListenerConfig struct {
|
||||
Type string `json:"type"`
|
||||
Chain string `yaml:",omitempty" json:"chain,omitempty"`
|
||||
Auther string `yaml:",omitempty" json:"auther,omitempty"`
|
||||
Authers []string `yaml:",omitempty" json:"authers,omitempty"`
|
||||
Auth *AuthConfig `yaml:",omitempty" json:"auth,omitempty"`
|
||||
TLS *TLSConfig `yaml:",omitempty" json:"tls,omitempty"`
|
||||
Metadata map[string]any `yaml:",omitempty" json:"metadata,omitempty"`
|
||||
@ -194,6 +199,7 @@ type HandlerConfig struct {
|
||||
Retries int `yaml:",omitempty" json:"retries,omitempty"`
|
||||
Chain string `yaml:",omitempty" json:"chain,omitempty"`
|
||||
Auther string `yaml:",omitempty" json:"auther,omitempty"`
|
||||
Authers []string `yaml:",omitempty" json:"authers,omitempty"`
|
||||
Auth *AuthConfig `yaml:",omitempty" json:"auth,omitempty"`
|
||||
TLS *TLSConfig `yaml:",omitempty" json:"tls,omitempty"`
|
||||
Metadata map[string]any `yaml:",omitempty" json:"metadata,omitempty"`
|
||||
@ -223,18 +229,20 @@ type SockOptsConfig struct {
|
||||
}
|
||||
|
||||
type ServiceConfig struct {
|
||||
Name string `json:"name"`
|
||||
Addr string `yaml:",omitempty" json:"addr,omitempty"`
|
||||
Interface string `yaml:",omitempty" json:"interface,omitempty"`
|
||||
SockOpts *SockOptsConfig `yaml:"sockopts,omitempty" json:"sockopts,omitempty"`
|
||||
Admission string `yaml:",omitempty" json:"admission,omitempty"`
|
||||
Bypass string `yaml:",omitempty" json:"bypass,omitempty"`
|
||||
Resolver string `yaml:",omitempty" json:"resolver,omitempty"`
|
||||
Hosts string `yaml:",omitempty" json:"hosts,omitempty"`
|
||||
Recorders []*RecorderObject `yaml:",omitempty" json:"recorders,omitempty"`
|
||||
Handler *HandlerConfig `yaml:",omitempty" json:"handler,omitempty"`
|
||||
Listener *ListenerConfig `yaml:",omitempty" json:"listener,omitempty"`
|
||||
Forwarder *ForwarderConfig `yaml:",omitempty" json:"forwarder,omitempty"`
|
||||
Name string `json:"name"`
|
||||
Addr string `yaml:",omitempty" json:"addr,omitempty"`
|
||||
Interface string `yaml:",omitempty" json:"interface,omitempty"`
|
||||
SockOpts *SockOptsConfig `yaml:"sockopts,omitempty" json:"sockopts,omitempty"`
|
||||
Admission string `yaml:",omitempty" json:"admission,omitempty"`
|
||||
Admissions []string `yaml:",omitempty" json:"admissions,omitempty"`
|
||||
Bypass string `yaml:",omitempty" json:"bypass,omitempty"`
|
||||
Bypasses []string `yaml:",omitempty" json:"bypasses,omitempty"`
|
||||
Resolver string `yaml:",omitempty" json:"resolver,omitempty"`
|
||||
Hosts string `yaml:",omitempty" json:"hosts,omitempty"`
|
||||
Recorders []*RecorderObject `yaml:",omitempty" json:"recorders,omitempty"`
|
||||
Handler *HandlerConfig `yaml:",omitempty" json:"handler,omitempty"`
|
||||
Listener *ListenerConfig `yaml:",omitempty" json:"listener,omitempty"`
|
||||
Forwarder *ForwarderConfig `yaml:",omitempty" json:"forwarder,omitempty"`
|
||||
}
|
||||
|
||||
type ChainConfig struct {
|
||||
@ -249,6 +257,7 @@ type HopConfig struct {
|
||||
SockOpts *SockOptsConfig `yaml:"sockopts,omitempty" json:"sockopts,omitempty"`
|
||||
Selector *SelectorConfig `yaml:",omitempty" json:"selector,omitempty"`
|
||||
Bypass string `yaml:",omitempty" json:"bypass,omitempty"`
|
||||
Bypasses []string `yaml:",omitempty" json:"bypasses,omitempty"`
|
||||
Resolver string `yaml:",omitempty" json:"resolver,omitempty"`
|
||||
Hosts string `yaml:",omitempty" json:"hosts,omitempty"`
|
||||
Nodes []*NodeConfig `json:"nodes"`
|
||||
@ -260,6 +269,7 @@ type NodeConfig struct {
|
||||
Interface string `yaml:",omitempty" json:"interface,omitempty"`
|
||||
SockOpts *SockOptsConfig `yaml:"sockopts,omitempty" json:"sockopts,omitempty"`
|
||||
Bypass string `yaml:",omitempty" json:"bypass,omitempty"`
|
||||
Bypasses []string `yaml:",omitempty" json:"bypasses,omitempty"`
|
||||
Resolver string `yaml:",omitempty" json:"resolver,omitempty"`
|
||||
Hosts string `yaml:",omitempty" json:"hosts,omitempty"`
|
||||
Connector *ConnectorConfig `yaml:",omitempty" json:"connector,omitempty"`
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package parsing
|
||||
|
||||
import (
|
||||
"github.com/go-gost/core/bypass"
|
||||
"github.com/go-gost/core/chain"
|
||||
"github.com/go-gost/core/connector"
|
||||
"github.com/go-gost/core/dialer"
|
||||
@ -96,6 +97,9 @@ func ParseChain(cfg *config.ChainConfig) (chain.Chainer, error) {
|
||||
if v.Bypass == "" {
|
||||
v.Bypass = hop.Bypass
|
||||
}
|
||||
if v.Bypasses == nil {
|
||||
v.Bypasses = hop.Bypasses
|
||||
}
|
||||
if v.Resolver == "" {
|
||||
v.Resolver = hop.Resolver
|
||||
}
|
||||
@ -123,10 +127,20 @@ func ParseChain(cfg *config.ChainConfig) (chain.Chainer, error) {
|
||||
WithInterface(v.Interface).
|
||||
WithSockOpts(sockOpts)
|
||||
|
||||
var bypasses []bypass.Bypass
|
||||
if bp := registry.BypassRegistry().Get(v.Bypass); bp != nil {
|
||||
bypasses = append(bypasses, bp)
|
||||
}
|
||||
for _, s := range v.Bypasses {
|
||||
if bp := registry.BypassRegistry().Get(s); bp != nil {
|
||||
bypasses = append(bypasses, bp)
|
||||
}
|
||||
}
|
||||
|
||||
node := &chain.Node{
|
||||
Name: v.Name,
|
||||
Addr: v.Addr,
|
||||
Bypass: registry.BypassRegistry().Get(v.Bypass),
|
||||
Bypass: bypass.BypassList(bypasses...),
|
||||
Resolver: registry.ResolverRegistry().Get(v.Resolver),
|
||||
Hosts: registry.HostsRegistry().Get(v.Hosts),
|
||||
Marker: &chain.FailMarker{},
|
||||
|
||||
@ -113,7 +113,7 @@ func ParseAdmission(cfg *config.AdmissionConfig) admission.Admission {
|
||||
}
|
||||
opts := []admission_impl.Option{
|
||||
admission_impl.MatchersOption(cfg.Matchers),
|
||||
admission_impl.ReverseOption(cfg.Reverse),
|
||||
admission_impl.WhitelistOption(cfg.Reverse || cfg.Whitelist),
|
||||
admission_impl.ReloadPeriodOption(cfg.Reload),
|
||||
admission_impl.LoggerOption(logger.Default().WithFields(map[string]any{
|
||||
"kind": "admission",
|
||||
@ -141,7 +141,7 @@ func ParseBypass(cfg *config.BypassConfig) bypass.Bypass {
|
||||
|
||||
opts := []bypass_impl.Option{
|
||||
bypass_impl.MatchersOption(cfg.Matchers),
|
||||
bypass_impl.ReverseOption(cfg.Reverse),
|
||||
bypass_impl.WhitelistOption(cfg.Reverse || cfg.Whitelist),
|
||||
bypass_impl.ReloadPeriodOption(cfg.Reload),
|
||||
bypass_impl.LoggerOption(logger.Default().WithFields(map[string]any{
|
||||
"kind": "bypass",
|
||||
|
||||
@ -3,6 +3,9 @@ package parsing
|
||||
import (
|
||||
"strings"
|
||||
|
||||
"github.com/go-gost/core/admission"
|
||||
"github.com/go-gost/core/auth"
|
||||
"github.com/go-gost/core/bypass"
|
||||
"github.com/go-gost/core/chain"
|
||||
"github.com/go-gost/core/handler"
|
||||
"github.com/go-gost/core/listener"
|
||||
@ -51,17 +54,37 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
|
||||
tlsConfig = defaultTLSConfig.Clone()
|
||||
}
|
||||
|
||||
auther := ParseAutherFromAuth(cfg.Listener.Auth)
|
||||
if cfg.Listener.Auther != "" {
|
||||
auther = registry.AutherRegistry().Get(cfg.Listener.Auther)
|
||||
var authers []auth.Authenticator
|
||||
if auther := registry.AutherRegistry().Get(cfg.Listener.Auther); auther != nil {
|
||||
authers = append(authers, auther)
|
||||
}
|
||||
for _, s := range cfg.Listener.Authers {
|
||||
if auther := registry.AutherRegistry().Get(s); auther != nil {
|
||||
authers = append(authers, auther)
|
||||
}
|
||||
}
|
||||
if len(authers) == 0 {
|
||||
if auther := ParseAutherFromAuth(cfg.Listener.Auth); auther != nil {
|
||||
authers = append(authers, auther)
|
||||
}
|
||||
}
|
||||
|
||||
var admissions []admission.Admission
|
||||
if adm := registry.AdmissionRegistry().Get(cfg.Admission); adm != nil {
|
||||
admissions = append(admissions, adm)
|
||||
}
|
||||
for _, s := range cfg.Admissions {
|
||||
if adm := registry.AdmissionRegistry().Get(s); adm != nil {
|
||||
admissions = append(admissions, adm)
|
||||
}
|
||||
}
|
||||
|
||||
ln := registry.ListenerRegistry().Get(cfg.Listener.Type)(
|
||||
listener.AddrOption(cfg.Addr),
|
||||
listener.AutherOption(auther),
|
||||
listener.AutherOption(auth.AuthenticatorList(authers...)),
|
||||
listener.AuthOption(parseAuth(cfg.Listener.Auth)),
|
||||
listener.TLSConfigOption(tlsConfig),
|
||||
listener.AdmissionOption(registry.AdmissionRegistry().Get(cfg.Admission)),
|
||||
listener.AdmissionOption(admission.AdmissionList(admissions...)),
|
||||
listener.ChainOption(registry.ChainRegistry().Get(cfg.Listener.Chain)),
|
||||
listener.LoggerOption(listenerLogger),
|
||||
listener.ServiceOption(cfg.Name),
|
||||
@ -93,9 +116,19 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
|
||||
tlsConfig = defaultTLSConfig.Clone()
|
||||
}
|
||||
|
||||
auther = ParseAutherFromAuth(cfg.Handler.Auth)
|
||||
if cfg.Handler.Auther != "" {
|
||||
auther = registry.AutherRegistry().Get(cfg.Handler.Auther)
|
||||
authers = nil
|
||||
if auther := registry.AutherRegistry().Get(cfg.Handler.Auther); auther != nil {
|
||||
authers = append(authers, auther)
|
||||
}
|
||||
for _, s := range cfg.Handler.Authers {
|
||||
if auther := registry.AutherRegistry().Get(s); auther != nil {
|
||||
authers = append(authers, auther)
|
||||
}
|
||||
}
|
||||
if len(authers) == 0 {
|
||||
if auther := ParseAutherFromAuth(cfg.Handler.Auth); auther != nil {
|
||||
authers = append(authers, auther)
|
||||
}
|
||||
}
|
||||
|
||||
var sockOpts *chain.SockOpts
|
||||
@ -123,11 +156,20 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
|
||||
WithRecorder(recorders...).
|
||||
WithLogger(handlerLogger)
|
||||
|
||||
var bypasses []bypass.Bypass
|
||||
if bp := registry.BypassRegistry().Get(cfg.Bypass); bp != nil {
|
||||
bypasses = append(bypasses, bp)
|
||||
}
|
||||
for _, s := range cfg.Bypasses {
|
||||
if bp := registry.BypassRegistry().Get(s); bp != nil {
|
||||
bypasses = append(bypasses, bp)
|
||||
}
|
||||
}
|
||||
h := registry.HandlerRegistry().Get(cfg.Handler.Type)(
|
||||
handler.RouterOption(router),
|
||||
handler.AutherOption(auther),
|
||||
handler.AutherOption(auth.AuthenticatorList(authers...)),
|
||||
handler.AuthOption(parseAuth(cfg.Handler.Auth)),
|
||||
handler.BypassOption(registry.BypassRegistry().Get(cfg.Bypass)),
|
||||
handler.BypassOption(bypass.BypassList(bypasses...)),
|
||||
handler.TLSConfigOption(tlsConfig),
|
||||
handler.LoggerOption(handlerLogger),
|
||||
)
|
||||
@ -145,7 +187,7 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
|
||||
}
|
||||
|
||||
s := service.NewService(cfg.Name, ln, h,
|
||||
service.AdmissionOption(registry.AdmissionRegistry().Get(cfg.Admission)),
|
||||
service.AdmissionOption(admission.AdmissionList(admissions...)),
|
||||
service.LoggerOption(serviceLogger),
|
||||
)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user