ProjectSegfault/go-away
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
153 Commits 6 Branches 11 Tags
v0.5.1
Commit Graph

51 Commits

Author SHA1 Message Date
WeebDataHoarder
cef915b353 http: use Query.Get instead of FormValue, allows POST through 2025-04-23 21:30:39 +02:00
WeebDataHoarder
cb02fb20e9 cmd: print current version name on cmd and Via header 2025-04-23 20:46:17 +02:00
WeebDataHoarder
57755112ea ci: check example policy files 
cmd: add check parameter
 2025-04-23 20:35:20 +02:00
WeebDataHoarder
6bb7ca979d Implement cache for networks 2025-04-23 20:35:20 +02:00
WeebDataHoarder
a0224cb21c policy: allow fetching ASN directly via RADb WHOIS service 2025-04-23 20:35:20 +02:00
WeebDataHoarder
9719c0ff39 Support atomically swapping http handler for passhtrough 2025-04-23 20:35:20 +02:00
WeebDataHoarder
3b11792594 Implement policy snippets 2025-04-23 20:35:20 +02:00
WeebDataHoarder
ead41055ca Condition, rules, state and action refactor / rewrite 
Add nested rules
Add backend action, allow wildcard in backends
Remove poison from tree, update README with action table

Allow defining pass/fail actions on challenge,

Remove redirect/referer parameters on backend pass

Set challenge cookie tied to host

Rewrite DNSBL condition into a challenge

Allow passing an arbitrary path for assets to js challenges

Optimize programs exhaustively on compilation

Activation instead of map for CEL context, faster map access, new network override

Return valid host on cookie setting in case Host is an IP address.
bug: does not work with IPv6, see https://github.com/golang/go/issues/65521

Apply TLS fingerprinter on GetConfigForClient instead of GetCertificate

Cleanup go-away cookies before passing to backend

Code action for specifically replying with an HTTP code
 2025-04-23 20:35:20 +02:00
WeebDataHoarder
c84c67439e Only error when target network list is not reachable 2025-04-15 19:23:04 +02:00
WeebDataHoarder
b0aa9ff450 Status code 200 -> http.StatusOK 2025-04-15 19:19:34 +02:00
WeebDataHoarder
39fbcf92d2 Return in case of not matching poison 2025-04-13 20:39:47 +02:00
WeebDataHoarder
cc89b8657f Only serve poison if encoding for it exists 2025-04-13 11:15:24 +02:00
WeebDataHoarder
f2005d5051 Ensure JA3N is stringified on logger 2025-04-12 15:36:54 +02:00
WeebDataHoarder
617e40099f Check fingerprint ptr before usage 2025-04-12 13:56:25 +02:00
WeebDataHoarder
ca49c99cad Add support for JA3N / JA4 TLS fingerprinting 2025-04-12 02:13:05 +02:00
WeebDataHoarder
87c2845952 Send request data early 2025-04-11 06:22:48 +02:00
WeebDataHoarder
7829eece77 Added backend IP header support 2025-04-11 06:02:01 +02:00
WeebDataHoarder
ca4101df7c Use self-redirect on cookie challenge 2025-04-10 05:27:44 +02:00
WeebDataHoarder
527f1342e8 Issue token then redirect to verify under cookie challenge 2025-04-10 05:15:48 +02:00
WeebDataHoarder
ce111f6ae9 Add DNSBL querying in conditions 2025-04-08 22:11:58 +02:00
WeebDataHoarder
153870acc0 Serve pprof server when debug mode is enabled 2025-04-08 20:06:28 +02:00
WeebDataHoarder
186904e020 Mark challenge keys with whether client was ipv4 or ipv6, allow retrying IPv4 -> IPv6 happy eyeballs automatically 2025-04-08 14:07:24 +02:00
WeebDataHoarder
f80d6ebd15 Set X-Away-Id on response 2025-04-08 13:13:19 +02:00
WeebDataHoarder
10dc2a0177 Remove Sec-Ch-Ua and Sec-Ch-Ua-Platform from challenge key 2025-04-08 12:49:55 +02:00
WeebDataHoarder
baf9df9f0a Allow conditions on challenges, and early hint deadline 2025-04-08 11:40:16 +02:00
WeebDataHoarder
f272a5ae72 Load challenge as style 2025-04-08 02:38:53 +02:00
WeebDataHoarder
2ce9709667 New challenge for HTTP/2 clients, preload-link 2025-04-08 02:17:03 +02:00
WeebDataHoarder
b3f471bb30 Pass http challenge if we passed it previously on the request 2025-04-07 23:44:29 +02:00
WeebDataHoarder
1c2d1e008c Added refresh button to challenges and deny pages where reasonable, ensure no open redirect or other 2025-04-07 19:24:22 +02:00
WeebDataHoarder
e08a5697f6 Minor cleanup of challenges code, bind session http cookies to issued tokens 2025-04-07 19:00:53 +02:00
WeebDataHoarder
0968e6feae Move challenge structs to external state 2025-04-07 16:22:16 +02:00
WeebDataHoarder
02f3c1cb19 Rearranged wasm challenge utils 2025-04-06 12:51:27 +02:00
WeebDataHoarder
65561ab00e Add wasm helper, wasm test utility 2025-04-06 11:44:06 +02:00
WeebDataHoarder
411f028f56 Move backends to cmd args, allow setting private key seed via parameter or ENV var 2025-04-06 03:08:19 +02:00
WeebDataHoarder
7d436cbdb4 Embed go exp package requirements to ensure we don't use arbitrary exp, move utilities to utils 2025-04-06 02:02:54 +02:00
WeebDataHoarder
617ec804bc Closer file structure to desired 2025-04-06 01:46:18 +02:00
WeebDataHoarder
c222508e5c Add url query to logging 2025-04-04 13:44:47 +02:00
WeebDataHoarder
43876c4dd8 Lower requirements to go 1.22 2025-04-04 13:33:47 +02:00
WeebDataHoarder
c23cea260c Add must-revalidate cache-control header on challenge mjs 2025-04-04 13:13:46 +02:00
WeebDataHoarder
e9269338e7 Add response poisoning 2025-04-03 14:18:55 +02:00
WeebDataHoarder
6f73337017 Add extra challenge pass message for inline challenges 2025-04-03 06:33:05 +02:00
WeebDataHoarder
01466e1686 Changed level for startup messages 2025-04-03 06:24:06 +02:00
WeebDataHoarder
c76889efa2 Add logging levels and timings 2025-04-03 06:16:44 +02:00
WeebDataHoarder
ca3a59c10a Load theme onto template data 2025-04-03 04:46:20 +02:00
WeebDataHoarder
f9634cfc71 Revamp templates, allow loading external templates, support themes 2025-04-03 04:39:33 +02:00
WeebDataHoarder
150927e7ba Allow multiple backends 2025-04-02 19:23:09 +02:00
WeebDataHoarder
8d9d5a8ab3 Allow sending resources on key challenge, send multiple challenges to specific browsers 2025-04-02 14:43:39 +02:00
WeebDataHoarder
dbff9342cb Added method matching on rules 2025-04-02 14:08:18 +02:00
WeebDataHoarder
b6537eaf50 Add resource-load challenge 2025-04-02 11:41:29 +02:00
WeebDataHoarder
3cd880b169 Proper challenge/error pages 2025-04-01 22:12:15 +02:00