Continued restructuring isolating network interfaces
- each listener has its own MUX and handlers that are separate from global. - the external handler will take a request from an external client destine for a WSS. - the request is output on stdio. My Questions are this point is this: - do I just send the request down towards the WSS, or do I have to pack it? - what is the response I will get back from the tunnel client? That seems it must be in a packer. - I’ve been going though the source I need to be pointed in the right direction.
This commit is contained in:
parent
e98780fd21
commit
6d172c2404
|
@ -50,6 +50,12 @@ INFO: 2017/02/02 21:24:15 connection.go:113: websocket opening 127.0.0.1:55487
|
||||||
INFO: 2017/02/02 21:24:15 connection.go:123: access_token invalid...closing connection
|
INFO: 2017/02/02 21:24:15 connection.go:123: access_token invalid...closing connection
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Connection to the External Interface.
|
||||||
|
http://127.0.0.1:8080
|
||||||
|
|
||||||
|
The request is dumped to stdio. This is in preparation of taking that request and sending it back to the designated WSS connection
|
||||||
|
The system needs to track the response coming back, decouple it, and place it back on the wire in the form of a response stream. Since
|
||||||
|
|
||||||
A Poor Man's Reverse VPN written in Go
|
A Poor Man's Reverse VPN written in Go
|
||||||
|
|
||||||
Context
|
Context
|
||||||
|
|
|
@ -2,11 +2,9 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"net/http"
|
|
||||||
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/dgrijalva/jwt-go"
|
|
||||||
"github.com/gorilla/websocket"
|
"github.com/gorilla/websocket"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -105,42 +103,3 @@ func (c *Connection) sender() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// handleConnectionWebSocket handles websocket requests from the peer.
|
|
||||||
func handleConnectionWebSocket(connectionTable *ConnectionTable, w http.ResponseWriter, r *http.Request, admin bool) {
|
|
||||||
loginfo.Println("websocket opening ", r.RemoteAddr, " ", r.Host)
|
|
||||||
|
|
||||||
tokenString := r.URL.Query().Get("access_token")
|
|
||||||
result, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
|
||||||
return []byte(secretKey), nil
|
|
||||||
})
|
|
||||||
|
|
||||||
if err != nil || !result.Valid {
|
|
||||||
w.WriteHeader(http.StatusForbidden)
|
|
||||||
w.Write([]byte("Not Authorized"))
|
|
||||||
loginfo.Println("access_token invalid...closing connection")
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
loginfo.Println("access_token valid")
|
|
||||||
|
|
||||||
claims := result.Claims.(jwt.MapClaims)
|
|
||||||
loginfo.Println("processing domains", claims["domains"])
|
|
||||||
|
|
||||||
if admin == true {
|
|
||||||
loginfo.Println("Recognized Admin connection, waiting authentication")
|
|
||||||
} else {
|
|
||||||
loginfo.Println("Recognized connection, waiting authentication")
|
|
||||||
}
|
|
||||||
|
|
||||||
conn, err := upgrader.Upgrade(w, r, nil)
|
|
||||||
if err != nil {
|
|
||||||
loginfo.Println("WebSocket upgrade failed", err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
connection := &Connection{connectionTable: connectionTable, conn: conn, send: make(chan []byte, 256), source: r.RemoteAddr, admin: admin}
|
|
||||||
connection.connectionTable.register <- connection
|
|
||||||
go connection.writer()
|
|
||||||
//go connection.sender()
|
|
||||||
connection.reader()
|
|
||||||
}
|
|
||||||
|
|
|
@ -7,18 +7,10 @@ import (
|
||||||
|
|
||||||
//launchAdminListener - starts up http listeners and handles various URI paths
|
//launchAdminListener - starts up http listeners and handles various URI paths
|
||||||
func launchAdminListener() {
|
func launchAdminListener() {
|
||||||
loginfo.Println("starting Admin Listener")
|
loginfo.Println("starting launchAdminListener", *argServerBinding)
|
||||||
|
|
||||||
http.HandleFunc("/admin", handlerServeAdminContent)
|
mux := http.NewServeMux()
|
||||||
|
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
||||||
err := http.ListenAndServeTLS(*argServerAdminBinding, "certs/fullchain.pem", "certs/privkey.pem", nil)
|
|
||||||
if err != nil {
|
|
||||||
logfatal.Println("ListenAndServe: ", err)
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func handlerServeAdminContent(w http.ResponseWriter, r *http.Request) {
|
|
||||||
switch url := r.URL.Path; url {
|
switch url := r.URL.Path; url {
|
||||||
case "/":
|
case "/":
|
||||||
handleConnectionWebSocket(connectionTable, w, r, false)
|
handleConnectionWebSocket(connectionTable, w, r, false)
|
||||||
|
@ -33,4 +25,16 @@ func handlerServeAdminContent(w http.ResponseWriter, r *http.Request) {
|
||||||
http.Error(w, "Not Found", 404)
|
http.Error(w, "Not Found", 404)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
})
|
||||||
|
s := &http.Server{
|
||||||
|
Addr: *argServerAdminBinding,
|
||||||
|
Handler: mux,
|
||||||
|
}
|
||||||
|
|
||||||
|
err := s.ListenAndServe()
|
||||||
|
if err != nil {
|
||||||
|
logfatal.Println("ListenAndServe: ", err)
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,44 +1,76 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"html/template"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
|
jwt "github.com/dgrijalva/jwt-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
//launchListener - starts up http listeners and handles various URI paths
|
//launchClientListener - starts up http listeners and handles various URI paths
|
||||||
func launchClientListener() {
|
func launchClientListener() {
|
||||||
loginfo.Println("starting Client Listener ", argServerBinding)
|
loginfo.Println("starting WebRequestExternal Listener ", *argServerBinding)
|
||||||
|
|
||||||
connectionTable = newConnectionTable()
|
mux := http.NewServeMux()
|
||||||
go connectionTable.run()
|
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
||||||
http.HandleFunc("/", handlerServeContent)
|
|
||||||
|
|
||||||
err := http.ListenAndServeTLS(*argServerBinding, "certs/fullchain.pem", "certs/privkey.pem", nil)
|
|
||||||
if err != nil {
|
|
||||||
logfatal.Println("ListenAndServe: ", err)
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func handlerServeContent(w http.ResponseWriter, r *http.Request) {
|
|
||||||
switch url := r.URL.Path; url {
|
switch url := r.URL.Path; url {
|
||||||
case "/":
|
case "/":
|
||||||
handleConnectionWebSocket(connectionTable, w, r, false)
|
handleConnectionWebSocket(connectionTable, w, r, false)
|
||||||
//w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
||||||
//template.Must(template.ParseFiles("html/client.html")).Execute(w, r.Host)
|
|
||||||
|
|
||||||
case "/admin":
|
|
||||||
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
||||||
template.Must(template.ParseFiles("html/admin.html")).Execute(w, r.Host)
|
|
||||||
|
|
||||||
case "/ws/client":
|
|
||||||
handleConnectionWebSocket(connectionTable, w, r, false)
|
|
||||||
|
|
||||||
case "/ws/admin":
|
|
||||||
handleConnectionWebSocket(connectionTable, w, r, true)
|
|
||||||
|
|
||||||
default:
|
default:
|
||||||
http.Error(w, "Not Found", 404)
|
http.Error(w, "Not Found", 404)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
})
|
||||||
|
|
||||||
|
s := &http.Server{
|
||||||
|
Addr: *argServerBinding,
|
||||||
|
Handler: mux,
|
||||||
|
}
|
||||||
|
|
||||||
|
err := s.ListenAndServeTLS("certs/fullchain.pem", "certs/privkey.pem")
|
||||||
|
if err != nil {
|
||||||
|
logfatal.Println("ListenAndServeTLS: ", err)
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// handleConnectionWebSocket handles websocket requests from the peer.
|
||||||
|
func handleConnectionWebSocket(connectionTable *ConnectionTable, w http.ResponseWriter, r *http.Request, admin bool) {
|
||||||
|
loginfo.Println("websocket opening ", r.RemoteAddr, " ", r.Host)
|
||||||
|
|
||||||
|
tokenString := r.URL.Query().Get("access_token")
|
||||||
|
result, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
||||||
|
return []byte(secretKey), nil
|
||||||
|
})
|
||||||
|
|
||||||
|
if err != nil || !result.Valid {
|
||||||
|
w.WriteHeader(http.StatusForbidden)
|
||||||
|
w.Write([]byte("Not Authorized"))
|
||||||
|
loginfo.Println("access_token invalid...closing connection")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
loginfo.Println("access_token valid")
|
||||||
|
|
||||||
|
claims := result.Claims.(jwt.MapClaims)
|
||||||
|
loginfo.Println("processing domains", claims["domains"])
|
||||||
|
|
||||||
|
if admin == true {
|
||||||
|
loginfo.Println("Recognized Admin connection, waiting authentication")
|
||||||
|
} else {
|
||||||
|
loginfo.Println("Recognized connection, waiting authentication")
|
||||||
|
}
|
||||||
|
|
||||||
|
conn, err := upgrader.Upgrade(w, r, nil)
|
||||||
|
if err != nil {
|
||||||
|
loginfo.Println("WebSocket upgrade failed", err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
loginfo.Println("before connection table")
|
||||||
|
connection := &Connection{connectionTable: connectionTable, conn: conn, send: make(chan []byte, 256), source: r.RemoteAddr, admin: admin}
|
||||||
|
connection.connectionTable.register <- connection
|
||||||
|
go connection.writer()
|
||||||
|
//go connection.sender()
|
||||||
|
connection.reader()
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import "net/http"
|
||||||
|
import "net/http/httputil"
|
||||||
|
|
||||||
|
//launchWebRequestListener - starts up extern http listeners, gets request and prep's to hand it off inside.
|
||||||
|
func launchWebRequestExternalListener() {
|
||||||
|
|
||||||
|
loginfo.Println("starting WebRequestExternal Listener ", *argServerExternalBinding)
|
||||||
|
|
||||||
|
mux := http.NewServeMux()
|
||||||
|
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
switch url := r.URL.Path; url {
|
||||||
|
default:
|
||||||
|
loginfo.Println("handlerWebRequestExternal")
|
||||||
|
|
||||||
|
dump, err := httputil.DumpRequest(r, true)
|
||||||
|
if err != nil {
|
||||||
|
loginfo.Println(err)
|
||||||
|
} else {
|
||||||
|
loginfo.Printf("%q", dump)
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
})
|
||||||
|
s := &http.Server{
|
||||||
|
Addr: *argServerExternalBinding,
|
||||||
|
Handler: mux,
|
||||||
|
}
|
||||||
|
|
||||||
|
err := s.ListenAndServe()
|
||||||
|
if err != nil {
|
||||||
|
logfatal.Println("ListenAndServe: ", err)
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
}
|
|
@ -29,8 +29,9 @@ var (
|
||||||
loginfo *log.Logger
|
loginfo *log.Logger
|
||||||
logfatal *log.Logger
|
logfatal *log.Logger
|
||||||
logFlags = log.Ldate | log.Lmicroseconds | log.Lshortfile
|
logFlags = log.Ldate | log.Lmicroseconds | log.Lshortfile
|
||||||
argServerBinding = flag.String("server-port", "127.0.0.1:8000", "server Bind listener")
|
argServerBinding = flag.String("server-port", "127.0.0.1:3502", "server Bind listener")
|
||||||
argServerAdminBinding = flag.String("admin-server-port", "127.0.0.2:8000", "admin server Bind listener")
|
argServerAdminBinding = flag.String("admin-server-port", "127.0.0.2:8000", "admin server Bind listener")
|
||||||
|
argServerExternalBinding = flag.String("external-server-port", "127.0.0.1:8080", "external server Bind listener")
|
||||||
connectionTable *ConnectionTable
|
connectionTable *ConnectionTable
|
||||||
secretKey = "abc123"
|
secretKey = "abc123"
|
||||||
)
|
)
|
||||||
|
@ -49,6 +50,9 @@ func main() {
|
||||||
loginfo.Println("startup")
|
loginfo.Println("startup")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
|
connectionTable = newConnectionTable()
|
||||||
|
go connectionTable.run()
|
||||||
go launchClientListener()
|
go launchClientListener()
|
||||||
|
go launchWebRequestExternalListener()
|
||||||
launchAdminListener()
|
launchAdminListener()
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue