minor denesting

2020-04-29 23:49:09 -06:00 · 2020-04-29 23:49:09 -06:00 · cf8defbe3d
parent b8a7c9e481
commit cf8defbe3d
2 changed files with 100 additions and 90 deletions
--- a/rvpn/envelope/envelope.go
+++ b/rvpn/envelope/envelope.go
@ -21,9 +21,10 @@ type Envelope struct {

 //NewEnvelope -- Constructor
 func NewEnvelope(transactionType string) (p *Envelope) {
+	// TODO BUG use atomic
 	transactionID++

-	p = new(Envelope)
+	p = &Envelope{}
 	p.TransactionType = transactionType
 	p.TransactionID = transactionID
 	p.TransactionTimeStamp = time.Now().Unix()
--- a/rvpn/server/listener_generic.go
+++ b/rvpn/server/listener_generic.go
@ -96,17 +96,17 @@ func GenericListenAndServe(ctx context.Context, listenerRegistration *ListenerRe
 			}

 			wedgeConn := NewWedgeConn(conn)
-			go handleConnection(ctx, wedgeConn)
+			go acceptTCPOrTLS(ctx, wedgeConn)
 		}
 	}
 }

-//handleConnection -
+//acceptTCPOrTLS -
 // - accept a wedgeConnection along with all the other required attritvues
 // - peek into the buffer, determine TLS or unencrypted
 // - if TSL, then terminate with a TLS endpoint, pass to handleStream
 // - if clearText, pass to handleStream
-func handleConnection(ctx context.Context, wConn *WedgeConn) {
+func acceptTCPOrTLS(ctx context.Context, wConn *WedgeConn) {
 	defer wConn.Close()
 	peekCnt := 10

@ -145,14 +145,21 @@ func handleConnection(ctx context.Context, wConn *WedgeConn) {
 		loginfo.Println("SSLv2 is not accepted")
 		return

-	} else if encryptMode != encryptNone {
+	}
+
+	if encryptMode == encryptNone {
+		loginfo.Println("Handle Unencrypted")
+		handleStream(ctx, wConn)
+		return
+	}
+
 	loginfo.Println("Handle Encryption")

 	// check SNI heading
 	// if matched, then looks like a WSS connection
 	// else external don't pull off TLS.

-		peek, err := wConn.PeekAll()
+	peek, err = wConn.PeekAll()
 	if err != nil {
 		loginfo.Println("error while peeking")
 		loginfo.Println(hex.Dump(peek[0:]))
@ -203,10 +210,6 @@ func handleConnection(ctx context.Context, wConn *WedgeConn) {
 		loginfo.Println("processing non terminating traffic", wssHostName, sniHostName)
 		handleExternalHTTPRequest(ctx, wConn, sniHostName, "https")
 	}
-	}
-
-	loginfo.Println("Handle Unencrypted")
-	handleStream(ctx, wConn)

 	return
 }
@ -223,6 +226,7 @@ func handleStream(ctx context.Context, wConn *WedgeConn) {
 	loginfo.Println("handle Stream")
 	loginfo.Println("conn", wConn.LocalAddr().String(), wConn.RemoteAddr().String())

+	// TODO couldn't this be dangerous? Or is it limited to a single packet?
 	peek, err := wConn.PeekAll()
 	if err != nil {
 		loginfo.Println("error while peeking", err)
@ -230,10 +234,16 @@ func handleStream(ctx context.Context, wConn *WedgeConn) {
 		return
 	}

-	// HTTP Identifcation
-	if bytes.Contains(peek[:], []byte{0x0d, 0x0a}) {
+	// HTTP Identifcation // CRLF
+	if !bytes.Contains(peek[:], []byte{0x0d, 0x0a}) {
+		return
+	}
+
 	//string protocol
-		if bytes.ContainsAny(peek[:], "HTTP/") {
+	if !bytes.ContainsAny(peek[:], "HTTP/") {
+		return
+	}
+
 	loginfo.Println("identified HTTP")

 	r, err := http.ReadRequest(bufio.NewReader(bytes.NewReader(peek)))
@ -256,20 +266,19 @@ func handleStream(ctx context.Context, wConn *WedgeConn) {

 		//do we have a invalid domain indicating Admin?
 		//if yes, prep the oneConn and send it to the handler
-			} else if strings.Contains(r.Host, telebit.InvalidAdminDomain) {
+		return
+	}
+	if strings.Contains(r.Host, telebit.InvalidAdminDomain) {
 		loginfo.Println("admin")
 		oneConn := &oneConnListener{wConn}
 		handleAdminClient(ctx, oneConn)
 		return

-			} else {
+	}
 	loginfo.Println("unsupported")
 	loginfo.Println(hex.Dump(peek))
 	return
 }
-		}
-	}
-}

 //handleExternalHTTPRequest -
 // - get a wConn and start processing requests