minor denesting
This commit is contained in:
parent
b8a7c9e481
commit
cf8defbe3d
|
|
@ -21,9 +21,10 @@ type Envelope struct {
|
||||||
|
|
||||||
//NewEnvelope -- Constructor
|
//NewEnvelope -- Constructor
|
||||||
func NewEnvelope(transactionType string) (p *Envelope) {
|
func NewEnvelope(transactionType string) (p *Envelope) {
|
||||||
|
// TODO BUG use atomic
|
||||||
transactionID++
|
transactionID++
|
||||||
|
|
||||||
p = new(Envelope)
|
p = &Envelope{}
|
||||||
p.TransactionType = transactionType
|
p.TransactionType = transactionType
|
||||||
p.TransactionID = transactionID
|
p.TransactionID = transactionID
|
||||||
p.TransactionTimeStamp = time.Now().Unix()
|
p.TransactionTimeStamp = time.Now().Unix()
|
||||||
|
|
|
||||||
|
|
@ -96,17 +96,17 @@ func GenericListenAndServe(ctx context.Context, listenerRegistration *ListenerRe
|
||||||
}
|
}
|
||||||
|
|
||||||
wedgeConn := NewWedgeConn(conn)
|
wedgeConn := NewWedgeConn(conn)
|
||||||
go handleConnection(ctx, wedgeConn)
|
go acceptTCPOrTLS(ctx, wedgeConn)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//handleConnection -
|
//acceptTCPOrTLS -
|
||||||
// - accept a wedgeConnection along with all the other required attritvues
|
// - accept a wedgeConnection along with all the other required attritvues
|
||||||
// - peek into the buffer, determine TLS or unencrypted
|
// - peek into the buffer, determine TLS or unencrypted
|
||||||
// - if TSL, then terminate with a TLS endpoint, pass to handleStream
|
// - if TSL, then terminate with a TLS endpoint, pass to handleStream
|
||||||
// - if clearText, pass to handleStream
|
// - if clearText, pass to handleStream
|
||||||
func handleConnection(ctx context.Context, wConn *WedgeConn) {
|
func acceptTCPOrTLS(ctx context.Context, wConn *WedgeConn) {
|
||||||
defer wConn.Close()
|
defer wConn.Close()
|
||||||
peekCnt := 10
|
peekCnt := 10
|
||||||
|
|
||||||
|
|
@ -145,14 +145,21 @@ func handleConnection(ctx context.Context, wConn *WedgeConn) {
|
||||||
loginfo.Println("SSLv2 is not accepted")
|
loginfo.Println("SSLv2 is not accepted")
|
||||||
return
|
return
|
||||||
|
|
||||||
} else if encryptMode != encryptNone {
|
}
|
||||||
|
|
||||||
|
if encryptMode == encryptNone {
|
||||||
|
loginfo.Println("Handle Unencrypted")
|
||||||
|
handleStream(ctx, wConn)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
loginfo.Println("Handle Encryption")
|
loginfo.Println("Handle Encryption")
|
||||||
|
|
||||||
// check SNI heading
|
// check SNI heading
|
||||||
// if matched, then looks like a WSS connection
|
// if matched, then looks like a WSS connection
|
||||||
// else external don't pull off TLS.
|
// else external don't pull off TLS.
|
||||||
|
|
||||||
peek, err := wConn.PeekAll()
|
peek, err = wConn.PeekAll()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
loginfo.Println("error while peeking")
|
loginfo.Println("error while peeking")
|
||||||
loginfo.Println(hex.Dump(peek[0:]))
|
loginfo.Println(hex.Dump(peek[0:]))
|
||||||
|
|
@ -203,10 +210,6 @@ func handleConnection(ctx context.Context, wConn *WedgeConn) {
|
||||||
loginfo.Println("processing non terminating traffic", wssHostName, sniHostName)
|
loginfo.Println("processing non terminating traffic", wssHostName, sniHostName)
|
||||||
handleExternalHTTPRequest(ctx, wConn, sniHostName, "https")
|
handleExternalHTTPRequest(ctx, wConn, sniHostName, "https")
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
loginfo.Println("Handle Unencrypted")
|
|
||||||
handleStream(ctx, wConn)
|
|
||||||
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -223,6 +226,7 @@ func handleStream(ctx context.Context, wConn *WedgeConn) {
|
||||||
loginfo.Println("handle Stream")
|
loginfo.Println("handle Stream")
|
||||||
loginfo.Println("conn", wConn.LocalAddr().String(), wConn.RemoteAddr().String())
|
loginfo.Println("conn", wConn.LocalAddr().String(), wConn.RemoteAddr().String())
|
||||||
|
|
||||||
|
// TODO couldn't this be dangerous? Or is it limited to a single packet?
|
||||||
peek, err := wConn.PeekAll()
|
peek, err := wConn.PeekAll()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
loginfo.Println("error while peeking", err)
|
loginfo.Println("error while peeking", err)
|
||||||
|
|
@ -230,10 +234,16 @@ func handleStream(ctx context.Context, wConn *WedgeConn) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// HTTP Identifcation
|
// HTTP Identifcation // CRLF
|
||||||
if bytes.Contains(peek[:], []byte{0x0d, 0x0a}) {
|
if !bytes.Contains(peek[:], []byte{0x0d, 0x0a}) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
//string protocol
|
//string protocol
|
||||||
if bytes.ContainsAny(peek[:], "HTTP/") {
|
if !bytes.ContainsAny(peek[:], "HTTP/") {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
loginfo.Println("identified HTTP")
|
loginfo.Println("identified HTTP")
|
||||||
|
|
||||||
r, err := http.ReadRequest(bufio.NewReader(bytes.NewReader(peek)))
|
r, err := http.ReadRequest(bufio.NewReader(bytes.NewReader(peek)))
|
||||||
|
|
@ -256,19 +266,18 @@ func handleStream(ctx context.Context, wConn *WedgeConn) {
|
||||||
|
|
||||||
//do we have a invalid domain indicating Admin?
|
//do we have a invalid domain indicating Admin?
|
||||||
//if yes, prep the oneConn and send it to the handler
|
//if yes, prep the oneConn and send it to the handler
|
||||||
} else if strings.Contains(r.Host, telebit.InvalidAdminDomain) {
|
return
|
||||||
|
}
|
||||||
|
if strings.Contains(r.Host, telebit.InvalidAdminDomain) {
|
||||||
loginfo.Println("admin")
|
loginfo.Println("admin")
|
||||||
oneConn := &oneConnListener{wConn}
|
oneConn := &oneConnListener{wConn}
|
||||||
handleAdminClient(ctx, oneConn)
|
handleAdminClient(ctx, oneConn)
|
||||||
return
|
return
|
||||||
|
|
||||||
} else {
|
}
|
||||||
loginfo.Println("unsupported")
|
loginfo.Println("unsupported")
|
||||||
loginfo.Println(hex.Dump(peek))
|
loginfo.Println(hex.Dump(peek))
|
||||||
return
|
return
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
//handleExternalHTTPRequest -
|
//handleExternalHTTPRequest -
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue