Add -b, --base-path option for reverse proxies (#151) (#281)

* Add -b, --base-path option for reverse proxies (#151)

diff --git a/README.md b/README.md
index ff1861b5c41de0e545afc0f978b7fa693402942e..b0614e9dd29f167fadd121ebff439f3024028ab9 100644 (file)
--- a/README.md
+++ b/README.md
@@ -80,6 +80,7 @@ OPTIONS:
     -o, --once              Accept only one client and exit on disconnection
     -B, --browser           Open terminal with the default system browser
     -I, --index             Custom index.html path
+    -b, --base-path         Expected base path for requests coming from a reverse proxy (eg: /mounted/here)
     -6, --ipv6              Enable IPv6 support
     -S, --ssl               Enable SSL
     -C, --ssl-cert          SSL certificate file path

diff --git a/src/http.c b/src/http.c
index 249563880b79738c6235916d62637b358c95aaa7..9c39e3259bd5729eb02e2450175fe1338db68414 100644 (file)
--- a/src/http.c
+++ b/src/http.c
@@ -149,7 +149,7 @@ callback_http(struct lws *wsi, enum lws_callback_reasons reason, void *user, voi
             p = buffer + LWS_PRE;
             end = p + sizeof(buffer) - LWS_PRE;
 
-            if (strncmp(pss->path, "/token", 6) == 0) {
+            if (strcmp(pss->path, endpoints.token) == 0) {
                 const char *credential = server->credential != NULL ? server->credential : "";
                 size_t n = sprintf(buf, "{\"token\": \"%s\"}", credential);
                 if (lws_add_http_header_status(wsi, HTTP_STATUS_OK, &p, end))
@@ -171,7 +171,7 @@ callback_http(struct lws *wsi, enum lws_callback_reasons reason, void *user, voi
                 break;
             }
 
-            if (strcmp(pss->path, "/") != 0) {
+            if (strcmp(pss->path, endpoints.index) != 0) {
                 lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL);
                 goto try_to_reuse;
             }

diff --git a/src/protocol.c b/src/protocol.c
index aa7eeb6f468d01cf9ec94c4b277606718411d37d..2200f1b9a724f3289eb4df578cdffbd2c40c5b1d 100644 (file)
--- a/src/protocol.c
+++ b/src/protocol.c
@@ -251,7 +251,7 @@ callback_tty(struct lws *wsi, enum lws_callback_reasons reason,
                 lwsl_warn("refuse to serve WS client due to the --max-clients option.\n");
                 return 1;
             }
-            if (lws_hdr_copy(wsi, buf, sizeof(buf), WSI_TOKEN_GET_URI) <= 0 || strcmp(buf, WS_PATH) != 0) {
+            if (lws_hdr_copy(wsi, buf, sizeof(buf), WSI_TOKEN_GET_URI) <= 0 || strcmp(buf, endpoints.ws) != 0) {
                 lwsl_warn("refuse to serve WS client for illegal ws path: %s\n", buf);
                 return 1;
             }

diff --git a/src/server.c b/src/server.c
index b55a2f7d553dd499156e4c09a85c9af2f6741452..dbe0b14806285065c33779a25b4c9294297011d6 100644 (file)
--- a/src/server.c
+++ b/src/server.c
@@ -20,6 +20,7 @@
 volatile bool force_exit = false;
 struct lws_context *context;
 struct server *server;
+struct endpoints endpoints = {"/ws", "/", "/token"};
 
 // websocket protocols
 static const struct lws_protocols protocols[] = {
@@ -46,6 +47,7 @@ static const struct option options[] = {
         {"gid",           required_argument, NULL, 'g'},
         {"signal",        required_argument, NULL, 's'},
         {"index",         required_argument, NULL, 'I'},
+        {"base-path",     required_argument, NULL, 'b'},
         {"ipv6",          no_argument,       NULL, '6'},
         {"ssl",           no_argument,       NULL, 'S'},
         {"ssl-cert",      required_argument, NULL, 'C'},
@@ -64,7 +66,7 @@ static const struct option options[] = {
         {"help",          no_argument,       NULL, 'h'},
         {NULL, 0, 0,                               0}
 };
-static const char *opt_string = "p:i:c:u:g:s:I:6aSC:K:A:Rt:T:Om:oBd:vh";
+static const char *opt_string = "p:i:c:u:g:s:I:b:6aSC:K:A:Rt:T:Om:oBd:vh";
 
 void print_help() {
     fprintf(stderr, "ttyd is a tool for sharing terminal over the web\n\n"
@@ -88,6 +90,7 @@ void print_help() {
                     "    -o, --once              Accept only one client and exit on disconnection\n"
                     "    -B, --browser           Open terminal with the default system browser\n"
                     "    -I, --index             Custom index.html path\n"
+                    "    -b, --base-path         Expected base path for requests coming from a reverse proxy (eg: /mounted/here)\n"
 #ifdef LWS_WITH_IPV6
                     "    -6, --ipv6              Enable IPv6 support\n"
 #endif
@@ -363,6 +366,17 @@ main(int argc, char **argv) {
                     return -1;
                 }
                 break;
+            case 'b': {
+                char path[128];
+                strncpy(path, optarg, 128);
+                size_t len = strlen(path);
+                #define sc(f) \
+                  strncpy(path + len, endpoints.f, 128 - len); \
+                  endpoints.f = strdup(path);
+                sc(ws) sc(index) sc(token)
+                #undef sc
+            }
+                break;
             case '6':
                 info.options &= ~(LWS_SERVER_OPTION_DISABLE_IPV6);
                 break;

diff --git a/src/server.h b/src/server.h
index c032772bbbfbd83e932ea98031a4bf42ba21fc3c..7fed37d5a14acc9756ee142d13ffed2bc49c90f2 100644 (file)
--- a/src/server.h
+++ b/src/server.h
@@ -13,12 +13,17 @@
 #define SET_WINDOW_TITLE '1'
 #define SET_PREFERENCES '2'
 
-// websocket url path
-#define WS_PATH "/ws"
+// url paths
+struct endpoints {
+    char *ws;
+    char *index;
+    char *token;
+};
 
 extern volatile bool force_exit;
 extern struct lws_context *context;
 extern struct server *server;
+extern struct endpoints endpoints;
 
 typedef enum {
     STATE_INIT, STATE_KILL, STATE_EXIT