Commit Graph

108 Commits

Author SHA1 Message Date
Henry Camacho 129e7df710 Got admin SPA up and displaying basic structure, H5BP, Bootstrap, Angular 2017-03-14 19:26:01 -05:00
Henry Camacho b85e7e3f24 Starting connections, we may not need this. 2017-03-13 20:29:35 -05:00
Henry Camacho f2082baf74 Removed — replaced by api_collect_domains 2017-03-13 20:29:05 -05:00
Henry Camacho 3d5d272736 Adding support for Domain and Domains 2017-03-13 20:22:44 -05:00
Henry Camacho dd7d63baf6 API Rest Interface answers to servers and server/{id}
- built envelope based on AJ spec, self standing package with transaction ID increment and unix time stamps
- fixed servers end point
- created server/{id} end point
- created rest mappings for GET
2017-03-13 16:46:11 -05:00
Henry Camacho b88817e4d1 Committing API code, and clean up. 2017-03-13 11:43:28 -05:00
Henry 020df4301b Merge branch 'passing-traffic-sni' into 'master'
Passing traffic sni

See merge request 
2017-03-13 16:40:18 +00:00
Henry Camacho 74591fd150 Added support for YAML configuration file
- implemented viper module in code.
- removed all the older configuration, not sure if we want to use flags or just the configuration files.
- added support for dwell, idle and cancelceck timers
- generic binding is now an int passing to the generic manager.
- passing dwell, and idle directly to connection table.
- adjusted all dead time structures, the system supports a map(string)interface{} of various dead time counters
- this version also supports variable sized buffers for each request by using the bufio.reader
- we peek all, and then pass everything down the channel we have.
- I am wondering if this will be a problem if someone just starts pouring data down never ending.
- direct support now for terminating domains
- there is a domain for admin, and wss.  Each shared the external address listener (testing 9999)

Additions
- added support for Discard for wedge connections
- added support for ReadByte to wedge conn
2017-03-11 14:28:49 -06:00
Henry Camacho 2fc5cf5e69 SNI Detection working, sets ‘HTTPS’ for packer for external connections 2017-03-11 08:28:04 -06:00
Henry Camacho 5334649fba got non-terminating traffic identified, and used SNI to figure direction 2017-03-10 23:36:42 -06:00
Henry Camacho f3bb9cb584 Implemented domain tracking for external connections
- system now tracks both in and out bytes
- various clean up.
2017-03-09 21:38:23 -06:00
Henry Camacho d7e01e8b40 Adjusted to remove excessive packages.
Moved XLATE into generic listener.
2017-03-07 19:34:16 -06:00
Henry Camacho b11f6c54bc Implemented Docker Container Testing.
- a few other minor fixes.
- removed RVPNMAIN
- there is a bunch of other clean up I want to do…
2017-03-04 12:18:08 -06:00
Henry Camacho 0eb136db75 Updated documentation 2017-03-02 21:32:53 -06:00
Henry Camacho 8f2e4f58c0 Working version of RVPN
- got too cute with the package names, needed to bring everything into one package, except for packer.
- system is passing traffic now, ran a load test generating 1000 connections, seems ok.
- removed a lot of message logging since traffic is passing.
2017-03-02 18:47:59 -06:00
Henry Camacho 5baa7a0601 Merge branch 'restructured-http' of git.daplie.com:Daplie/go-rvpn-server into restructured-http 2017-03-02 18:43:33 -06:00
Henry Camacho 98da3d491c Debugging, return traffic is coming back, unpacker build
- it does not look like the client is limiting the amount of traffic coming in, and it does not look like it is chunking.
- need to know the max chunk.
- increased to 64K
- unpacker code v1
- fixed packer logging.
2017-03-01 21:02:20 -06:00
Henry affbabc15e Update README.md 2017-02-27 00:34:54 +00:00
Henry Camacho f16d666b5d Debug command 2017-02-26 17:28:34 -06:00
Henry Camacho 493477179b Added support for a Listener Manager
- I anticipated having to bring up new listeners as tunnel-clients connect allowing different port use for a single domain
- completed the code, however did not see any port information coming back from WSS client.
- opened an issue with AJ.
- all listeners are now dynamically generated.  The run method takes an initial port, once functioning, the runner sends down the channel a registration for the initial port.
2017-02-26 17:27:38 -06:00
Henry Camacho b122a6091b Fixed PeekAll
- added to handleStream for protocol detection
2017-02-26 12:40:10 -06:00
Henry Camacho 9e2a04c8a7 WSS Client now working with protocol detection
- added support for PeekAll…still not working 100%.
- passing important values inside the context, no longer on arguments
- stream handler now detects wss_client, validates the token to make sure.
- then passes to was handler which invokes http.Server with oneConnListener
- removing listener wedge, going to stay with oneConnListener.  It is working.
2017-02-26 12:35:06 -06:00
Henry Camacho ebafa277df Generic Listener supporting unencrypted, encrypted, with TLS version detection before TLS Accept
- added support for context passing between the various functions
- support for withCancel, allowing administrative canceling, and a clean up of Go Routines.
- generic listener now supports a single port for both encrypted and clear text protocols.
- employ the buffered wedge connection for peeking into the protocol
- implementation of the oneListener.
- when TLS, leveraged the NewListener which uses oneListener as an inner listener.
- once the stream is decrypted, or if it was already clear text it is passed to handleStream which performs application detection.
2017-02-25 23:17:39 -06:00
Henry Camacho d611757b10 Support for generic listeners, with protocol detection
- connectionWedge supports reading from a connection without consuming bytes (peeking)
- allowing protocol detection
- was still connections to 3502, it will support any port (443), admin follows this port.
- matches RVPN.DAPLIE.INVALID and redirects to admin — AJ to provide authentication framework.
- api/servers is also served by this path as well.
- listener_generic is the beginnings of protocol detection.
- listener_wedge matches the net.Listener interface, and allows passing to other processes an already accepted connection
- this does not work for HTTP for some reason.
- spent a lot of time trying to figure out why.  Posted to go-nuts
2017-02-24 23:56:40 -06:00
Henry Camacho b179ecef0c Various fixes
- removed some debugging information/prints
- expanded the BIND for 3502 (the DAPLIE WSS listener)
2017-02-20 20:41:32 -06:00
Henry Camacho 43bf242ffd fixed debugging
- I was never able to get delve and visual studio code to work properly with this project.
- not sure if it is too complex, however a simple application could be debugged just fine.
- I’ve implemented godebug, and resolved the vendor dependencies
- now able to debug in development, and build self-contained code into QA/STAGING.
- this resolves the issues at this point.
2017-02-19 15:51:54 -06:00
Henry Camacho dbfccc4a0c Added support for connection reaping. 2017-02-19 14:32:03 -06:00
Henry Camacho ff3e63da8d Correcting Critical Bug
- when testing streams to WSS client, I caused tunnel.js to abort in xfer.
- this caused a panic in go.
- found that connection was reaped and garbage collected during send routines.
- placed synchronize around connection states.
- moved connection creation into connection table.
- allowed connections to hang around while in a false state…
- will have a go routine remove them after some idle time and connections being false.
2017-02-19 14:05:06 -06:00
Henry Camacho c261b5d3a3 Merge branch 'restructured-admin' of git.daplie.com:Daplie/go-rvpn-server into restructured-admin 2017-02-18 15:22:31 -06:00
Henry Camacho d7ef074ea2 Testing for AJ 2017-02-18 15:21:36 -06:00
AJ ONeal 3f3b629f37 Update README.md 2017-02-16 23:59:25 +00:00
Henry Camacho fc89682b9e updated to include domain stat traffic
- add support for domain_api container for JSON encoding
- separated server api containers out of the listener_admin
- added domain track to connection
- add extension to the send channel to identify domain associated to send bytes
- helper function for adding tracked domain
- implemented outbound byte counter for domain (inbound will come when we resolve the packer issues)
2017-02-15 20:06:26 -06:00
Henry Camacho 3dbdd694df Admin interface — added api/servers
- collects a list of WSS servers, and the connection structure
- calculates a connection duration
- collects the bytes in/out
- encodes to JSON and sends response.
2017-02-15 17:53:34 -06:00
Henry Camacho 2fdb033c55 Fixed minor bug…. 2017-02-13 21:13:29 -06:00
Henry Camacho 938e950261 Updated documentation and more debugging information 2017-02-13 20:53:27 -06:00
Henry Camacho 8a5ab4fe76 Data Written to the Channel
- added support for ConnByDomain which looks up existing WSS and registered domain
- passed connection table to External Listener
- on request, obtained hostname and map to domain, split the remote address and port (will go into a table eventually)
- look up the domain and find the WSS connection
- packed up the frame.
- sent down the channel.
2017-02-13 20:36:01 -06:00
Henry Camacho 604f1d0b03 Added support for building a packer buffer. 2017-02-13 18:47:16 -06:00
Henry Camacho 82b9e7be34 Updating documentation 2017-02-13 16:00:36 -06:00
Henry Camacho 1df1e17c05 Completing commit for push. 2017-02-13 15:59:10 -06:00
Henry Camacho 07380af871 lots of changes
- debugging issues (not resolved) attempting to move the main executable into the base directory, this did not solve the issue, keeping it here.  A main.go and the executable.
listener_client — the WSS client
- removed support for anything admin
- injected the domains from the claim
- domains are now included as initialDomains
- registration performs as normal but includes adding the domains to a map of domains, and a collection of domains on the connection.
- the system now supports look up fast in either direction, not sure if it will be needed.
- reads a chan during registration before allowing traffic, making sure all is well.
- registration returns a true on the channel if all is well.   If it is not, false.  Likely will add some text to pass back.

Connection
- added support for boolean channel
- support for initial domains in a slice, these are brought back from the JWT as an interface and then are type asserted into the map
- removed all the old timer sender dwell stuff as a POC for traffic counts.

ConnectionTable
- added support for domain announcement after the WSS is connection.  Not sure if we will need these.  They have not been implemented.
- I assume all domains are registered with JWT unless I hear differently which would require a new WSS session
- expanded NewTable constructor
- populating domains into the domain map, and into the connection slice.
- added support for removing domains when a connection is removed.
2017-02-12 14:39:50 -06:00
Henry Camacho a5450dd205 Restructured project abstracting modules, using Caddy as a guide. 2017-02-11 22:13:29 -06:00
Henry Camacho 6d172c2404 Continued restructuring isolating network interfaces
- each listener has its own MUX and handlers that are separate from global.
- the external handler will take a request from an external client destined for a WSS.
- the request is output on stdio.

My questions at this point are these:
- do I just send the request down towards the WSS, or do I have to pack it?
- what is the response I will get back from the tunnel client?  That seems it must be in a packer.
- I’ve been going through the source, I need to be pointed in the right direction.
2017-02-08 21:08:53 -06:00
Henry Camacho e98780fd21 Documentation to include creating 127.0.0.2 alias 2017-02-05 21:23:24 -06:00
Henry Camacho 894bd997a9 Restructured code, using module use, created logging package as a helper
- altered code to support a client bound interface
- altered code to support an admin bound interface
- added configurations and defaults.
- removed timeout function at the end of main.
- the final go routine was converted to a foreground routine.
2017-02-05 21:19:04 -06:00
AJ ONeal 7e3c6e061a Update README.md 2017-02-03 03:52:48 +00:00
AJ ONeal ceebc270d4 add jwt-go to deps 2017-02-03 03:50:44 +00:00
Henry Camacho 669d992f45 Updated for tunnel-client connectivity to go-rvpn-server 2017-02-02 21:32:37 -06:00
Henry Camacho c781b64cb7 updated to support wss://localhost:8000/ w/jwt validation
- checks validity of the token, and aborts connection if invalid
- displays domains processed contained in token.
2017-02-02 21:28:25 -06:00
Henry Camacho d3747c809a Updated, restored file and tested.
- certs and traffic counts are working
2017-02-02 17:25:12 -06:00
Henry Camacho b29a43f7a8 removing file. 2017-02-02 17:21:48 -06:00