mirror of
https://github.com/openai/codex.git
synced 2026-05-15 16:53:05 +00:00
e1ba87ccb2
## Why The proxy checks the requested host before opening the upstream connection, but DNS can resolve an allowed hostname to a loopback, private, or other non-public address after that first decision. Without a final check on the actual socket target, a request that looks acceptable at the hostname layer can still connect to a local service once resolution completes. ## What changed - add a shared TCP connector check for direct proxy egress - use that path for HTTP, `CONNECT`, SOCKS5, and MITM upstream connections - keep configured upstream proxy hops on the existing proxy path - add direct-connector coverage for allowed and rejected local targets ## Security impact Direct proxy egress now rechecks the resolved socket address before connecting, closing the gap between hostname policy evaluation and the final network target. ## Verification - `cargo test -p codex-network-proxy` --------- Co-authored-by: Codex <noreply@openai.com>
64 lines
2.0 KiB
Rust
64 lines
2.0 KiB
Rust
#![deny(clippy::print_stdout, clippy::print_stderr)]
|
|
|
|
mod certs;
|
|
mod config;
|
|
mod connect_policy;
|
|
mod http_proxy;
|
|
mod mitm;
|
|
mod network_policy;
|
|
mod policy;
|
|
mod proxy;
|
|
mod reasons;
|
|
mod responses;
|
|
mod runtime;
|
|
mod socks5;
|
|
mod state;
|
|
mod upstream;
|
|
|
|
pub use config::NetworkDomainPermission;
|
|
pub use config::NetworkDomainPermissionEntry;
|
|
pub use config::NetworkDomainPermissions;
|
|
pub use config::NetworkMode;
|
|
pub use config::NetworkProxyConfig;
|
|
pub use config::NetworkUnixSocketPermission;
|
|
pub use config::NetworkUnixSocketPermissions;
|
|
pub use config::host_and_port_from_network_addr;
|
|
pub use network_policy::NetworkDecision;
|
|
pub use network_policy::NetworkDecisionSource;
|
|
pub use network_policy::NetworkPolicyDecider;
|
|
pub use network_policy::NetworkPolicyDecision;
|
|
pub use network_policy::NetworkPolicyRequest;
|
|
pub use network_policy::NetworkPolicyRequestArgs;
|
|
pub use network_policy::NetworkProtocol;
|
|
pub use policy::normalize_host;
|
|
pub use proxy::ALL_PROXY_ENV_KEYS;
|
|
pub use proxy::ALLOW_LOCAL_BINDING_ENV_KEY;
|
|
pub use proxy::Args;
|
|
#[cfg(target_os = "macos")]
|
|
pub use proxy::CODEX_PROXY_GIT_SSH_COMMAND_MARKER;
|
|
pub use proxy::DEFAULT_NO_PROXY_VALUE;
|
|
pub use proxy::NO_PROXY_ENV_KEYS;
|
|
pub use proxy::NetworkProxy;
|
|
pub use proxy::NetworkProxyBuilder;
|
|
pub use proxy::NetworkProxyHandle;
|
|
pub use proxy::PROXY_ACTIVE_ENV_KEY;
|
|
pub use proxy::PROXY_ENV_KEYS;
|
|
#[cfg(target_os = "macos")]
|
|
pub use proxy::PROXY_GIT_SSH_COMMAND_ENV_KEY;
|
|
pub use proxy::PROXY_URL_ENV_KEYS;
|
|
pub use proxy::has_proxy_url_env_vars;
|
|
pub use proxy::proxy_url_env_value;
|
|
pub use runtime::BlockedRequest;
|
|
pub use runtime::BlockedRequestArgs;
|
|
pub use runtime::BlockedRequestObserver;
|
|
pub use runtime::ConfigReloader;
|
|
pub use runtime::ConfigState;
|
|
pub use runtime::NetworkProxyState;
|
|
pub use state::NetworkProxyAuditMetadata;
|
|
pub use state::NetworkProxyConstraintError;
|
|
pub use state::NetworkProxyConstraints;
|
|
pub use state::PartialNetworkConfig;
|
|
pub use state::PartialNetworkProxyConfig;
|
|
pub use state::build_config_state;
|
|
pub use state::validate_policy_against_constraints;
|