bugfixes and cleanup

AJ ONeal 2020-07-22 02:09:06 -06:00
parent afbbb8fca7
commit de020d8fea
5 changed files with 60 additions and 21 deletions

1
.gitignore vendored

@ -34,6 +34,7 @@ telebit-client-windows.exe
/cmd/telebit-relay/telebit-relay-linux /cmd/telebit-relay/telebit-relay-linux
/cmd/telebit-relay/telebit-relay-macos /cmd/telebit-relay/telebit-relay-macos
*.zip
.*.sw* .*.sw*
log.txt log.txt
*.log *.log


@ -11,6 +11,7 @@ import (
"strconv" "strconv"
telebit "git.rootprojects.org/root/telebit" telebit "git.rootprojects.org/root/telebit"
"git.rootprojects.org/root/telebit/dbg"
"git.rootprojects.org/root/telebit/mgmt/authstore" "git.rootprojects.org/root/telebit/mgmt/authstore"
"github.com/denisbrodbeck/machineid" "github.com/denisbrodbeck/machineid"
@ -120,12 +121,16 @@ func main() {
ppid = base64.RawURLEncoding.EncodeToString(muidBytes) ppid = base64.RawURLEncoding.EncodeToString(muidBytes)
} }
if dbg.Debug {
fmt.Fprintf(os.Stderr, "[debug] vendorID = %s\n", *vendorID) fmt.Fprintf(os.Stderr, "[debug] vendorID = %s\n", *vendorID)
fmt.Fprintf(os.Stderr, "[debug] secret = %s\n", secret) fmt.Fprintf(os.Stderr, "[debug] secret = %s\n", secret)
}
pub := authstore.ToPublicKeyString(ppid) pub := authstore.ToPublicKeyString(ppid)
if *getMachinePPID { if *getMachinePPID {
if dbg.Debug {
fmt.Fprintf(os.Stderr, "[debug]: <ppid> <pub>\n") fmt.Fprintf(os.Stderr, "[debug]: <ppid> <pub>\n")
}
fmt.Fprintf( fmt.Fprintf(
os.Stdout, os.Stdout,
"%s %s\n", "%s %s\n",
@ -135,8 +140,10 @@ func main() {
return return
} }
if dbg.Debug {
fmt.Fprintf(os.Stderr, "[debug] ppid = %s\n", ppid) fmt.Fprintf(os.Stderr, "[debug] ppid = %s\n", ppid)
fmt.Fprintf(os.Stderr, "[debug] pub = %s\n", pub) fmt.Fprintf(os.Stderr, "[debug] pub = %s\n", pub)
}
tok, err := authstore.HMACToken(ppid, expNum) tok, err := authstore.HMACToken(ppid, expNum)
if nil != err { if nil != err {
@ -145,8 +152,10 @@ func main() {
return return
} }
if dbg.Debug {
fmt.Fprintf(os.Stderr, "[debug] <token>\n") fmt.Fprintf(os.Stderr, "[debug] <token>\n")
fmt.Fprintf(os.Stdout, "%s\n", tok) }
fmt.Printf("%s\n", tok)
if "" != *authURL { if "" != *authURL {
grants, err := telebit.Inspect(*authURL, tok) grants, err := telebit.Inspect(*authURL, tok)
@ -154,10 +163,12 @@ func main() {
fmt.Fprintf(os.Stderr, "inspect relay token failed:\n%s\n", err) fmt.Fprintf(os.Stderr, "inspect relay token failed:\n%s\n", err)
os.Exit(1) os.Exit(1)
} }
if dbg.Debug {
fmt.Fprintf(os.Stderr, "[debug] <grants>\n") fmt.Fprintf(os.Stderr, "[debug] <grants>\n")
fmt.Fprintf(os.Stderr, "%+v\n", grants) fmt.Fprintf(os.Stderr, "%+v\n", grants)
} }
} }
}
func ProtectMachineID(appID, machineID string) string { func ProtectMachineID(appID, machineID string) string {
mac := hmac.New(sha256.New, []byte(machineID)) mac := hmac.New(sha256.New, []byte(machineID))
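Review bot: The `[debug] secret = %s` line still writes the raw secret to stderr whenever `dbg.Debug` is set, and `[debug] ppid = %s` does the same for the value that is then handed to `authstore.HMACToken`, apparently as the signing key. Output from a debug run tends to end up in terminal scrollback, CI output or a redirected log file, so gating the print is not the same as redacting it. I would drop both lines or print only a non-reversible hint, for example `fmt.Fprintf(os.Stderr, "[debug] secret = <%d bytes>\n", len(secret))`. The same applies to the `token = %s` debug line this commit enables in `Inspect` further down the page, where it sits in library code and so affects every program that imports it. The body of main starts and ends outside these hunks.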


@ -6,6 +6,7 @@ import (
"context" "context"
"encoding/base64" "encoding/base64"
"encoding/hex" "encoding/hex"
"encoding/json"
"flag" "flag"
"fmt" "fmt"
"io" "io"
@ -249,7 +250,9 @@ func main() {
fmt.Fprintf(os.Stderr, "Error: invalid Tunnel Relay URL %q: %s\n", *relay, err) fmt.Fprintf(os.Stderr, "Error: invalid Tunnel Relay URL %q: %s\n", *relay, err)
os.Exit(1) os.Exit(1)
} }
fmt.Printf("[Directory] %s\n\t%#v\n", *relay, directory) fmt.Printf("[Directory] %s\n", *relay)
jsonb, _ := json.Marshal(directory)
fmt.Printf("\t%s\n", string(jsonb))
authBase := strings.TrimSuffix(directory.Authenticate.URL, "/inspect") authBase := strings.TrimSuffix(directory.Authenticate.URL, "/inspect")
if "" == *authURL { if "" == *authURL {
@ -260,14 +263,28 @@ func main() {
} }
if "" == *authURL { if "" == *authURL {
fmt.Fprintf(os.Stderr, "Discovered Directory Endpoints: %+v\n", directory) fmt.Fprintf(os.Stderr, "Discovered Directory Endpoints: %+v\n", directory)
fmt.Fprintf(os.Stderr, "No Auth URL detected, no supplied\n") fmt.Fprintf(os.Stderr, "No Auth URL detected, nor supplied\n")
os.Exit(1) os.Exit(1)
return return
} }
// TODO look at relay rather than authURL?
fmt.Println("Auth URL", *authURL) fmt.Println("Auth URL", *authURL)
authorizer = NewAuthorizer(*authURL) authorizer = NewAuthorizer(*authURL)
dns01Base := directory.DNS01Proxy.URL
if "" == *acmeRelay {
*acmeRelay = dns01Base
} else {
fmt.Println("Suggested ACME DNS 01 Proxy URL:", dns01Base)
fmt.Println("--acme-relay-url ACME DNS 01 Proxy URL:", *acmeRelay)
}
if "" == *authURL {
fmt.Fprintf(os.Stderr, "Discovered Directory Endpoints: %+v\n", directory)
fmt.Fprintf(os.Stderr, "No ACME DNS 01 Proxy URL detected, nor supplied\n")
os.Exit(1)
return
}
fmt.Println("DNS 01 URL", *acmeRelay)
grants, err = telebit.Inspect(*authURL, *token) grants, err = telebit.Inspect(*authURL, *token)
if nil != err { if nil != err {
_, err := mgmt.Register(*authURL, ClientSecret, ppid) _, err := mgmt.Register(*authURL, ClientSecret, ppid)
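Review bot: The second `if "" == *authURL {` guard, the one that prints "No ACME DNS 01 Proxy URL detected, nor supplied", tests the wrong flag. `*authURL` was already rejected when empty a few lines earlier, so this branch cannot fire, and an empty `*acmeRelay` is printed as the DNS 01 URL and presumably used afterwards. It should read `if "" == *acmeRelay {`. Because `dns01Base` is taken from the relay's directory response, this guard is, as far as the hunk shows, the only local check before the client adopts a relay-chosen URL for its ACME DNS-01 requests. Also, `jsonb, _ := json.Marshal(directory)` discards the error; a short comment saying why that is safe, or a fallback to the `%+v` form, would help.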


@ -16,6 +16,7 @@ import (
"strings" "strings"
"time" "time"
"git.rootprojects.org/root/telebit/dbg"
httpshim "git.rootprojects.org/root/telebit/tunnel" httpshim "git.rootprojects.org/root/telebit/tunnel"
"github.com/caddyserver/certmagic" "github.com/caddyserver/certmagic"
@ -372,7 +373,9 @@ type Grants struct {
func Inspect(authURL, token string) (*Grants, error) { func Inspect(authURL, token string) (*Grants, error) {
inspectURL := strings.TrimSuffix(authURL, "/inspect") + "/inspect" inspectURL := strings.TrimSuffix(authURL, "/inspect") + "/inspect"
//fmt.Fprintf(os.Stderr, "[debug] telebit.Inspect(\n\tinspectURL = %s,\n\ttoken = %s,\n)", inspectURL, token) if dbg.Debug {
fmt.Fprintf(os.Stderr, "[debug] telebit.Inspect(\n\tinspectURL = %s,\n\ttoken = %s,\n)\n", inspectURL, token)
}
msg, err := Request("GET", inspectURL, token, nil) msg, err := Request("GET", inspectURL, token, nil)
if nil != err { if nil != err {
return nil, err return nil, err


@ -19,6 +19,7 @@ type Endpoints struct {
APIHost string `json:"api_host"` APIHost string `json:"api_host"`
Tunnel Endpoint `json:"tunnel"` Tunnel Endpoint `json:"tunnel"`
Authenticate Endpoint `json:"authn"` Authenticate Endpoint `json:"authn"`
DNS01Proxy Endpoint `json:"acme_dns_01_proxy"`
/* /*
{ {
"terms_of_service": ":hostname/tos/", "terms_of_service": ":hostname/tos/",
@ -33,10 +34,10 @@ type Endpoints struct {
// Endpoint represents a URL Request // Endpoint represents a URL Request
type Endpoint struct { type Endpoint struct {
URL string `json:"-"` URL string `json:"url,omitempty"`
Method string `json:"method"` Method string `json:"method,omitempty"`
Scheme string `json:"scheme"` Scheme string `json:"scheme,omitempty"`
Host string `json:"host"` Host string `json:"host,omitempty"`
Pathname string `json:"pathname"` Pathname string `json:"pathname"`
} }
@ -79,15 +80,18 @@ func Discover(relay string) (*Endpoints, error) {
} }
directives.Authenticate.URL = endpointToURLString(directives.APIHost, directives.Authenticate) directives.Authenticate.URL = endpointToURLString(directives.APIHost, directives.Authenticate)
directives.DNS01Proxy.URL = endpointToURLString(directives.APIHost, directives.DNS01Proxy)
return directives, nil return directives, nil
} }
func endpointToURLString(apiHost string, endpoint Endpoint) string { func endpointToURLString(apiHost string, endpoint Endpoint) string {
pathname := endpoint.Pathname pathname := endpoint.Pathname
/*
if "" == pathname { if "" == pathname {
return "" return ""
} }
*/
host := endpoint.Host host := endpoint.Host
if "" == host { if "" == host {
@ -99,5 +103,8 @@ func endpointToURLString(apiHost string, endpoint Endpoint) string {
scheme = "https:" scheme = "https:"
} }
if "" == pathname {
return fmt.Sprintf("%s//%s", scheme, host)
}
return fmt.Sprintf("%s//%s/%s", scheme, host, pathname) return fmt.Sprintf("%s//%s/%s", scheme, host, pathname)
} }
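Review bot: With the empty-pathname early return commented out, `endpointToURLString` now builds a scheme-and-host URL even for an `Endpoint` the relay never advertised. The host fallback lies outside the hunk but presumably substitutes `apiHost`, so `directives.DNS01Proxy.URL` and `directives.Authenticate.URL` can no longer come back empty from `Discover`. Any caller that compares these URLs with `""` to detect a missing endpoint will instead silently default to the API host root. If an empty pathname is meant to be valid only when the relay supplied a host, keep a sentinel for the fully empty case, e.g. `if "" == endpoint.Host && "" == pathname { return "" }`, and delete the commented-out block rather than leaving it in place. Separately, `URL` changes from `json:"-"` to `json:"url,omitempty"`, so a directory response can now populate it; a comment on the field noting that `Discover` overwrites it would make the trust boundary explicit.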