quick fix ACME instance, burn some logs

This commit is contained in:
AJ ONeal 2020-05-22 04:34:37 -06:00
parent 13d5676a14
commit 1f39f57837
6 changed files with 50 additions and 39 deletions


@ -1,7 +1,6 @@
package packer package packer
import ( import (
"fmt"
"net" "net"
"time" "time"
) )
@ -61,7 +60,8 @@ func (c *ConnWrap) Servername() string {
return "" return ""
} }
// isTerminated returns true if it is certain that the connection has been decrypted at least once // isTerminated returns true if net.Conn is either a ConnWrap{ tls.Conn },
// or a telebit.Conn with a non-encrypted `scheme` such as "tcp" or "http".
func (c *ConnWrap) isTerminated() bool { func (c *ConnWrap) isTerminated() bool {
if nil != c.Plain { if nil != c.Plain {
return true return true
@ -71,7 +71,6 @@ func (c *ConnWrap) isTerminated() bool {
case *ConnWrap: case *ConnWrap:
return conn.isTerminated() return conn.isTerminated()
case *Conn: case *Conn:
fmt.Printf("[debug] isTerminated: %#v\n", conn.relayTargetAddr)
_, ok := encryptedSchemes[string(conn.relayTargetAddr.scheme)] _, ok := encryptedSchemes[string(conn.relayTargetAddr.scheme)]
return !ok return !ok
} }
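Review bot: The rewritten comment on isTerminated describes the second case as a Conn with a non-encrypted scheme such as "tcp" or "http", but the check `_, ok := encryptedSchemes[string(conn.relayTargetAddr.scheme)]; return !ok` is a negative lookup: any scheme that is not present in encryptedSchemes, including an empty or unrecognized one, is reported as already terminated. If callers use this answer to decide whether a connection still needs TLS termination, an unknown scheme falls on the permissive side by default; consider an explicit allow-list of plaintext schemes, or at least document the default with `// NOTE: schemes absent from encryptedSchemes (including "") are treated as unencrypted.` isTerminated's body continues outside the hunk.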


@ -3,7 +3,6 @@ package packer
import ( import (
"context" "context"
"errors" "errors"
"fmt"
"io" "io"
"sync" "sync"
) )
@ -60,7 +59,7 @@ func (enc *Encoder) Encode(rin io.Reader, src, dst Addr) error {
rx := make(chan []byte) rx := make(chan []byte)
rxErr := make(chan error) rxErr := make(chan error)
fmt.Println("what's the source to encode?", src) //fmt.Println("[debug] what's the source to encode?", src)
go func() { go func() {
for { for {
@ -95,8 +94,8 @@ func (enc *Encoder) Encode(rin io.Reader, src, dst Addr) error {
//rin.Close() //rin.Close()
return err return err
} }
fmt.Println("[debug] encode header:", string(header)) //fmt.Println("[debug] encode header:", string(header))
fmt.Println("[debug] encode payload:", string(b)) //fmt.Println("[debug] encode payload:", string(b))
_, err = enc.write(header, b) _, err = enc.write(header, b)
if nil != err { if nil != err {
@ -108,7 +107,7 @@ func (enc *Encoder) Encode(rin io.Reader, src, dst Addr) error {
//rin.Close() //rin.Close()
if io.EOF == err { if io.EOF == err {
header, _, _ := Encode(nil, src, Addr{scheme: "end"}) header, _, _ := Encode(nil, src, Addr{scheme: "end"})
fmt.Println("[debug] encode end: ", string(header)) //fmt.Println("[debug] encode end: ", string(header))
// ignore err, which may have already closed // ignore err, which may have already closed
_, _ = enc.write(header, nil) _, _ = enc.write(header, nil)
return nil return nil
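Review bot: The debug prints in Encode are commented out rather than deleted, and two of them, `//fmt.Println("[debug] encode header:", string(header))` and `//fmt.Println("[debug] encode payload:", string(b))`, would dump the full relayed payload to stdout the moment someone uncomments them. Commented-out code tends to come back under debugging pressure; remove these lines, or route them through a leveled logger that is off by default and never prints payload bytes. The same commented-out pattern appears in the RouteMux.Serve hunk and in the WebsocketTunnel hunks further down.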


@ -115,10 +115,8 @@ func (l *Listener) RouteBytes(srcAddr, dstAddr Addr, b []byte) {
src := &srcAddr src := &srcAddr
dst := &dstAddr dst := &dstAddr
pipe := l.getPipe(src, dst) pipe := l.getPipe(src, dst, len(b))
//fmt.Printf("%s\n", b)
fmt.Printf("Forwarding bytes\n\tfrom %#v\n\tto %#v:\n", src, dst)
fmt.Printf("%s\n", b)
// handle errors before data writes because I don't // handle errors before data writes because I don't
// remember where the error message goes // remember where the error message goes
@ -141,7 +139,7 @@ func (l *Listener) RouteBytes(srcAddr, dstAddr Addr, b []byte) {
} }
} }
func (l *Listener) getPipe(src, dst *Addr) net.Conn { func (l *Listener) getPipe(src, dst *Addr, count int) net.Conn {
connID := src.Network() connID := src.Network()
pipe, ok := l.conns[connID] pipe, ok := l.conns[connID]
@ -149,6 +147,7 @@ func (l *Listener) getPipe(src, dst *Addr) net.Conn {
if ok { if ok {
return pipe return pipe
} }
fmt.Printf("New client (%d byte hello)\n\tfrom %#v\n\tto %#v:\n", count, src, dst)
// Create pipe // Create pipe
rawPipe, pipe := net.Pipe() rawPipe, pipe := net.Pipe()
@ -156,11 +155,6 @@ func (l *Listener) getPipe(src, dst *Addr) net.Conn {
//updated: time.Now(), //updated: time.Now(),
relaySourceAddr: *src, relaySourceAddr: *src,
relayTargetAddr: *dst, relayTargetAddr: *dst,
/*
relayTargetAddr: Addr{
scheme: addr.scheme,
},
*/
relay: rawPipe, relay: rawPipe,
} }
l.conns[connID] = pipe l.conns[connID] = pipe
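Review bot: getPipe now takes a `count int` whose only use is the `New client (%d byte hello)` log line, and the parameter is undocumented, so a reader of the signature cannot tell it has no effect on routing. Either document it, `// getPipe returns the pipe for src, creating it on first use; count is the size of the first packet and is used only for logging.`, or log `len(b)` from RouteBytes and leave getPipe's signature as it was. The `l.conns[connID]` lookup and insert are unguarded in the visible lines; if RouteBytes can be called from more than one goroutine that map access is a data race, which should be confirmed against the caller.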


@ -36,7 +36,7 @@ func (m *RouteMux) Serve(client net.Conn) error {
for _, meta := range m.list { for _, meta := range m.list {
if servername == meta.addr || "*" == meta.addr { if servername == meta.addr || "*" == meta.addr {
fmt.Println("[debug] test of route:", meta) //fmt.Println("[debug] test of route:", meta)
if err := meta.handler.Serve(client); nil != err { if err := meta.handler.Serve(client); nil != err {
// error should be EOF if successful // error should be EOF if successful
return err return err


@ -110,24 +110,34 @@ func Forward(client net.Conn, target net.Conn, timeout time.Duration) error {
client.SetDeadline(time.Now().Add(timeout)) client.SetDeadline(time.Now().Add(timeout))
_, err = target.Write(b) _, err = target.Write(b)
if nil != err { if nil != err {
fmt.Printf("write to target failed: %q", err.Error()) fmt.Printf("write to target failed: %q\n", err.Error())
break break
} }
case b := <-dstCh: case b := <-dstCh:
target.SetDeadline(time.Now().Add(timeout)) target.SetDeadline(time.Now().Add(timeout))
_, err = client.Write(b) _, err = client.Write(b)
if nil != err { if nil != err {
fmt.Printf("write to remote failed: %q", err.Error()) fmt.Printf("write to remote failed: %q\n", err.Error())
break break
} }
case err = <-srcErrCh: case err = <-srcErrCh:
if nil != err { if nil == err {
fmt.Printf("read from remote failed: %q", err.Error()) break
}
if io.EOF != err {
fmt.Printf("read from remote client failed: %q\n", err.Error())
} else {
fmt.Printf("Connection closed (possibly by remote client)\n")
} }
break break
case err = <-dstErrCh: case err = <-dstErrCh:
if nil != err { if nil == err {
fmt.Printf("read from target failed: %q", err.Error()) break
}
if io.EOF != err {
fmt.Printf("read from local target failed: %q\n", err.Error())
} else {
fmt.Printf("Connection closed (possibly by local target)\n")
} }
break break
@ -149,6 +159,8 @@ type ACME struct {
EnableTLSALPNChallenge bool EnableTLSALPNChallenge bool
} }
var acmecert *certmagic.Config = nil
func NewTerminator(acme *ACME, handler Handler) HandlerFunc { func NewTerminator(acme *ACME, handler Handler) HandlerFunc {
return func(client net.Conn) error { return func(client net.Conn) error {
return handler.Serve(TerminateTLS(client, acme)) return handler.Serve(TerminateTLS(client, acme))
@ -156,16 +168,23 @@ func NewTerminator(acme *ACME, handler Handler) HandlerFunc {
} }
func TerminateTLS(client net.Conn, acme *ACME) net.Conn { func TerminateTLS(client net.Conn, acme *ACME) net.Conn {
var magic *certmagic.Config = nil
if nil == acmecert {
acme.Storage = &certmagic.FileStorage{Path: acme.StoragePath} acme.Storage = &certmagic.FileStorage{Path: acme.StoragePath}
if "" == acme.Directory { if "" == acme.Directory {
acme.Directory = certmagic.LetsEncryptProductionCA acme.Directory = certmagic.LetsEncryptProductionCA
} }
magic, err := newCertMagic(acme)
var err error
magic, err = newCertMagic(acme)
if nil != err { if nil != err {
fmt.Fprintf(os.Stderr, "failed to initialize certificate management (discovery url? local folder perms?): %s\n", err) fmt.Fprintf(os.Stderr, "failed to initialize certificate management (discovery url? local folder perms?): %s\n", err)
os.Exit(1) os.Exit(1)
} }
acmecert = magic
}
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) { GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
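Review bot: After the first call, `magic` stays nil in the new TerminateTLS: it is declared as `var magic *certmagic.Config = nil` and assigned only inside the `if nil == acmecert` branch, and nothing sets `magic = acmecert` when the cached config already exists. If the GetCertificate closure that follows (outside the hunk) reads `magic` rather than `acmecert`, every connection after the first will dereference nil. The check-then-set on the package-level `acmecert` is also unsynchronized, and TerminateTLS runs per client through the handler returned by NewTerminator, so concurrent first connections could initialize certmagic twice and mutate `acme` concurrently; a `sync.Once` covers both problems, as sketched below (it requires importing sync). Note also that the cache is keyed on nothing, so a different ACME config passed later silently reuses the first one. The function body continues past the hunk.
```go
var (
	acmecert     *certmagic.Config
	acmecertOnce sync.Once
)

func TerminateTLS(client net.Conn, acme *ACME) net.Conn {
	acmecertOnce.Do(func() {
		acme.Storage = &certmagic.FileStorage{Path: acme.StoragePath}
		if "" == acme.Directory {
			acme.Directory = certmagic.LetsEncryptProductionCA
		}
		magic, err := newCertMagic(acme)
		if nil != err {
			fmt.Fprintf(os.Stderr, "failed to initialize certificate management (discovery url? local folder perms?): %s\n", err)
			os.Exit(1)
		}
		acmecert = magic
	})
	magic := acmecert // the cached config, on the first call and every later one
	// … unchanged: tlsConfig construction with GetCertificate …
```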


@ -61,7 +61,7 @@ func (wsw *WebsocketTunnel) Read(b []byte) (int, error) {
if nil == wsw.tmpr { if nil == wsw.tmpr {
_, msgr, err := wsw.wsconn.NextReader() _, msgr, err := wsw.wsconn.NextReader()
if nil != err { if nil != err {
fmt.Println("debug wsw NextReader err:", err) //fmt.Println("debug wsw NextReader err:", err)
return 0, err return 0, err
} }
wsw.tmpr = msgr wsw.tmpr = msgr
@ -69,7 +69,7 @@ func (wsw *WebsocketTunnel) Read(b []byte) (int, error) {
n, err := wsw.tmpr.Read(b) n, err := wsw.tmpr.Read(b)
if nil != err { if nil != err {
fmt.Println("debug wsw Read err:", err) //fmt.Println("debug wsw Read err:", err)
if io.EOF == err { if io.EOF == err {
wsw.tmpr = nil wsw.tmpr = nil
// ignore the message EOF because it's not the websocket EOF // ignore the message EOF because it's not the websocket EOF
@ -85,12 +85,12 @@ func (wsw *WebsocketTunnel) Write(b []byte) (int, error) {
msgw, err := wsw.wsconn.NextWriter(websocket.BinaryMessage) msgw, err := wsw.wsconn.NextWriter(websocket.BinaryMessage)
if nil != err { if nil != err {
fmt.Println("debug wsw NextWriter err:", err) //fmt.Println("debug wsw NextWriter err:", err)
return 0, err return 0, err
} }
n, err := msgw.Write(b) n, err := msgw.Write(b)
if nil != err { if nil != err {
fmt.Println("debug wsw Write err:", err) //fmt.Println("debug wsw Write err:", err)
return n, err return n, err
} }
@ -100,7 +100,7 @@ func (wsw *WebsocketTunnel) Write(b []byte) (int, error) {
// Close will close the websocket with a control message // Close will close the websocket with a control message
func (wsw *WebsocketTunnel) Close() error { func (wsw *WebsocketTunnel) Close() error {
fmt.Println("[debug] closing the websocket.Conn") //fmt.Println("[debug] closing the websocket.Conn")
// TODO handle EOF as websocket.CloseNormal? // TODO handle EOF as websocket.CloseNormal?
message := websocket.FormatCloseMessage(websocket.CloseGoingAway, "closing connection") message := websocket.FormatCloseMessage(websocket.CloseGoingAway, "closing connection")