Compare commits
28 Commits
v1.0.4
...
e3988b339f
| Author | SHA1 | Date | |
|---|---|---|---|
| e3988b339f | |||
| 336948a397 | |||
| 50ae422de8 | |||
| 8467ed555e | |||
| 01ddc76f7e | |||
| ffb3565ff5 | |||
| 6d700ef6dd | |||
| b8acb6da4c | |||
| 6b4127f0ef | |||
| 16d48ff906 | |||
| 6213ff8a30 | |||
| 4ffaec9d9a | |||
| 6de0a618ee | |||
| 8cc70fa45e | |||
| d666ae5545 | |||
| 5edb3c8086 | |||
| 5b603d8317 | |||
| 5ceade81db | |||
| 8fd9f8b567 | |||
| 30e84ac3b7 | |||
| fd6ffc2500 | |||
| e1cd4ed981 | |||
| 96d2b88f95 | |||
| 2e8767f17a | |||
| 7716eb7f29 | |||
| 8a456d2cde | |||
| 8841230653 | |||
| 4d0a7deaf2 |
@@ -1,21 +0,0 @@
|
||||
name: renovate
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 0 * * *"
|
||||
push:
|
||||
branches:
|
||||
- staging
|
||||
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-latest
|
||||
container: git.fossy.my.id/renovate-clanker/renovate:latest
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- run: renovate
|
||||
env:
|
||||
RENOVATE_CONFIG_FILE: ${{ gitea.workspace }}/renovate-config.js
|
||||
LOG_LEVEL: "debug"
|
||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
||||
GITHUB_COM_TOKEN: ${{ secrets.COM_TOKEN }}
|
||||
@@ -33,6 +33,10 @@ The following environment variables can be configured in the `.env` file:
|
||||
| `BUFFER_SIZE` | Buffer size for io.Copy operations in bytes (4096-1048576) | `32768` | No |
|
||||
| `PPROF_ENABLED` | Enable pprof profiling server | `false` | No |
|
||||
| `PPROF_PORT` | Port for pprof server | `6060` | No |
|
||||
| `MODE` | Runtime mode: `standalone` (default, no gRPC/auth) or `node` (enable gRPC + auth) | `standalone` | No |
|
||||
| `GRPC_ADDRESS` | gRPC server address/host used in `node` mode | `localhost` | No |
|
||||
| `GRPC_PORT` | gRPC server port used in `node` mode | `8080` | No |
|
||||
| `NODE_TOKEN` | Authentication token sent to controller in `node` mode | - (required in `node`) | Yes (node mode) |
|
||||
|
||||
**Note:** All environment variables now use UPPERCASE naming. The application includes sensible defaults for all variables, so you can run it without a `.env` file for basic functionality.
|
||||
|
||||
|
||||
41
go.mod
41
go.mod
@@ -1,48 +1,55 @@
|
||||
module tunnel_pls
|
||||
|
||||
go 1.24.4
|
||||
go 1.25.5
|
||||
|
||||
require (
|
||||
github.com/caddyserver/certmagic v0.25.0
|
||||
git.fossy.my.id/bagas/tunnel-please-grpc v1.5.0
|
||||
github.com/caddyserver/certmagic v0.25.1
|
||||
github.com/charmbracelet/bubbles v0.21.0
|
||||
github.com/charmbracelet/bubbletea v1.3.10
|
||||
github.com/charmbracelet/lipgloss v1.1.0
|
||||
github.com/joho/godotenv v1.5.1
|
||||
github.com/libdns/cloudflare v0.2.2
|
||||
github.com/muesli/termenv v0.16.0
|
||||
golang.org/x/crypto v0.46.0
|
||||
google.golang.org/grpc v1.78.0
|
||||
google.golang.org/protobuf v1.36.11
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/atotto/clipboard v0.1.4 // indirect
|
||||
github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
|
||||
github.com/caddyserver/zerossl v0.1.3 // indirect
|
||||
github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
|
||||
github.com/charmbracelet/lipgloss v1.1.0 // indirect
|
||||
github.com/charmbracelet/x/ansi v0.10.1 // indirect
|
||||
github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd // indirect
|
||||
github.com/charmbracelet/x/term v0.2.1 // indirect
|
||||
github.com/caddyserver/zerossl v0.1.4 // indirect
|
||||
github.com/charmbracelet/colorprofile v0.4.1 // indirect
|
||||
github.com/charmbracelet/x/ansi v0.11.3 // indirect
|
||||
github.com/charmbracelet/x/cellbuf v0.0.14 // indirect
|
||||
github.com/charmbracelet/x/term v0.2.2 // indirect
|
||||
github.com/clipperhouse/displaywidth v0.6.2 // indirect
|
||||
github.com/clipperhouse/stringish v0.1.1 // indirect
|
||||
github.com/clipperhouse/uax29/v2 v2.3.0 // indirect
|
||||
github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
|
||||
github.com/klauspost/cpuid/v2 v2.3.0 // indirect
|
||||
github.com/libdns/libdns v1.1.1 // indirect
|
||||
github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
|
||||
github.com/lucasb-eyer/go-colorful v1.3.0 // indirect
|
||||
github.com/mattn/go-isatty v0.0.20 // indirect
|
||||
github.com/mattn/go-localereader v0.0.1 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.16 // indirect
|
||||
github.com/mholt/acmez/v3 v3.1.3 // indirect
|
||||
github.com/miekg/dns v1.1.68 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.19 // indirect
|
||||
github.com/mholt/acmez/v3 v3.1.4 // indirect
|
||||
github.com/miekg/dns v1.1.69 // indirect
|
||||
github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
|
||||
github.com/muesli/cancelreader v0.2.2 // indirect
|
||||
github.com/muesli/termenv v0.16.0 // indirect
|
||||
github.com/rivo/uniseg v0.4.7 // indirect
|
||||
github.com/sahilm/fuzzy v0.1.1 // indirect
|
||||
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
|
||||
github.com/zeebo/blake3 v0.2.4 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
go.uber.org/zap v1.27.0 // indirect
|
||||
go.uber.org/zap v1.27.1 // indirect
|
||||
go.uber.org/zap/exp v0.3.0 // indirect
|
||||
golang.org/x/mod v0.30.0 // indirect
|
||||
golang.org/x/net v0.47.0 // indirect
|
||||
golang.org/x/mod v0.31.0 // indirect
|
||||
golang.org/x/net v0.48.0 // indirect
|
||||
golang.org/x/sync v0.19.0 // indirect
|
||||
golang.org/x/sys v0.39.0 // indirect
|
||||
golang.org/x/text v0.32.0 // indirect
|
||||
golang.org/x/tools v0.39.0 // indirect
|
||||
golang.org/x/tools v0.40.0 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b // indirect
|
||||
)
|
||||
|
||||
101
go.sum
101
go.sum
@@ -1,3 +1,9 @@
|
||||
git.fossy.my.id/bagas/tunnel-please-grpc v1.3.0 h1:RhcBKUG41/om4jgN+iF/vlY/RojTeX1QhBa4p4428ec=
|
||||
git.fossy.my.id/bagas/tunnel-please-grpc v1.3.0/go.mod h1:fG+VkArdkceGB0bNA7IFQus9GetLAwdF5Oi4jdMlXtY=
|
||||
git.fossy.my.id/bagas/tunnel-please-grpc v1.4.0 h1:tpJSKjaSmV+vxxbVx6qnStjxFVXjj2M0rygWXxLb99o=
|
||||
git.fossy.my.id/bagas/tunnel-please-grpc v1.4.0/go.mod h1:fG+VkArdkceGB0bNA7IFQus9GetLAwdF5Oi4jdMlXtY=
|
||||
git.fossy.my.id/bagas/tunnel-please-grpc v1.5.0 h1:3xszIhck4wo9CoeRq9vnkar4PhY7kz9QrR30qj2XszA=
|
||||
git.fossy.my.id/bagas/tunnel-please-grpc v1.5.0/go.mod h1:Weh6ZujgWmT8XxD3Qba7sJ6r5eyUMB9XSWynqdyOoLo=
|
||||
github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
|
||||
github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
|
||||
github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
|
||||
@@ -6,30 +12,48 @@ github.com/aymanbagabas/go-udiff v0.2.0 h1:TK0fH4MteXUDspT88n8CKzvK0X9O2xu9yQjWp
|
||||
github.com/aymanbagabas/go-udiff v0.2.0/go.mod h1:RE4Ex0qsGkTAJoQdQQCA0uG+nAzJO/pI/QwceO5fgrA=
|
||||
github.com/caddyserver/certmagic v0.25.0 h1:VMleO/XA48gEWes5l+Fh6tRWo9bHkhwAEhx63i+F5ic=
|
||||
github.com/caddyserver/certmagic v0.25.0/go.mod h1:m9yB7Mud24OQbPHOiipAoyKPn9pKHhpSJxXR1jydBxA=
|
||||
github.com/caddyserver/certmagic v0.25.1 h1:4sIKKbOt5pg6+sL7tEwymE1x2bj6CHr80da1CRRIPbY=
|
||||
github.com/caddyserver/certmagic v0.25.1/go.mod h1:VhyvndxtVton/Fo/wKhRoC46Rbw1fmjvQ3GjHYSQTEY=
|
||||
github.com/caddyserver/zerossl v0.1.3 h1:onS+pxp3M8HnHpN5MMbOMyNjmTheJyWRaZYwn+YTAyA=
|
||||
github.com/caddyserver/zerossl v0.1.3/go.mod h1:CxA0acn7oEGO6//4rtrRjYgEoa4MFw/XofZnrYwGqG4=
|
||||
github.com/caddyserver/zerossl v0.1.4 h1:CVJOE3MZeFisCERZjkxIcsqIH4fnFdlYWnPYeFtBHRw=
|
||||
github.com/caddyserver/zerossl v0.1.4/go.mod h1:CxA0acn7oEGO6//4rtrRjYgEoa4MFw/XofZnrYwGqG4=
|
||||
github.com/charmbracelet/bubbles v0.21.0 h1:9TdC97SdRVg/1aaXNVWfFH3nnLAwOXr8Fn6u6mfQdFs=
|
||||
github.com/charmbracelet/bubbles v0.21.0/go.mod h1:HF+v6QUR4HkEpz62dx7ym2xc71/KBHg+zKwJtMw+qtg=
|
||||
github.com/charmbracelet/bubbletea v1.3.10 h1:otUDHWMMzQSB0Pkc87rm691KZ3SWa4KUlvF9nRvCICw=
|
||||
github.com/charmbracelet/bubbletea v1.3.10/go.mod h1:ORQfo0fk8U+po9VaNvnV95UPWA1BitP1E0N6xJPlHr4=
|
||||
github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc h1:4pZI35227imm7yK2bGPcfpFEmuY1gc2YSTShr4iJBfs=
|
||||
github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc/go.mod h1:X4/0JoqgTIPSFcRA/P6INZzIuyqdFY5rm8tb41s9okk=
|
||||
github.com/charmbracelet/colorprofile v0.4.1 h1:a1lO03qTrSIRaK8c3JRxJDZOvhvIeSco3ej+ngLk1kk=
|
||||
github.com/charmbracelet/colorprofile v0.4.1/go.mod h1:U1d9Dljmdf9DLegaJ0nGZNJvoXAhayhmidOdcBwAvKk=
|
||||
github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY=
|
||||
github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30=
|
||||
github.com/charmbracelet/x/ansi v0.10.1 h1:rL3Koar5XvX0pHGfovN03f5cxLbCF2YvLeyz7D2jVDQ=
|
||||
github.com/charmbracelet/x/ansi v0.10.1/go.mod h1:3RQDQ6lDnROptfpWuUVIUG64bD2g2BgntdxH0Ya5TeE=
|
||||
github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd h1:vy0GVL4jeHEwG5YOXDmi86oYw2yuYUGqz6a8sLwg0X8=
|
||||
github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd/go.mod h1:xe0nKWGd3eJgtqZRaN9RjMtK7xUYchjzPr7q6kcvCCs=
|
||||
github.com/charmbracelet/x/ansi v0.11.3 h1:6DcVaqWI82BBVM/atTyq6yBoRLZFBsnoDoX9GCu2YOI=
|
||||
github.com/charmbracelet/x/ansi v0.11.3/go.mod h1:yI7Zslym9tCJcedxz5+WBq+eUGMJT0bM06Fqy1/Y4dI=
|
||||
github.com/charmbracelet/x/cellbuf v0.0.14 h1:iUEMryGyFTelKW3THW4+FfPgi4fkmKnnaLOXuc+/Kj4=
|
||||
github.com/charmbracelet/x/cellbuf v0.0.14/go.mod h1:P447lJl49ywBbil/KjCk2HexGh4tEY9LH0/1QrZZ9rA=
|
||||
github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91 h1:payRxjMjKgx2PaCWLZ4p3ro9y97+TVLZNaRZgJwSVDQ=
|
||||
github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91/go.mod h1:wDlXFlCrmJ8J+swcL/MnGUuYnqgQdW9rhSD61oNMb6U=
|
||||
github.com/charmbracelet/x/term v0.2.1 h1:AQeHeLZ1OqSXhrAWpYUtZyX1T3zVxfpZuEQMIQaGIAQ=
|
||||
github.com/charmbracelet/x/term v0.2.1/go.mod h1:oQ4enTYFV7QN4m0i9mzHrViD7TQKvNEEkHUMCmsxdUg=
|
||||
github.com/charmbracelet/x/term v0.2.2 h1:xVRT/S2ZcKdhhOuSP4t5cLi5o+JxklsoEObBSgfgZRk=
|
||||
github.com/charmbracelet/x/term v0.2.2/go.mod h1:kF8CY5RddLWrsgVwpw4kAa6TESp6EB5y3uxGLeCqzAI=
|
||||
github.com/clipperhouse/displaywidth v0.6.2 h1:ZDpTkFfpHOKte4RG5O/BOyf3ysnvFswpyYrV7z2uAKo=
|
||||
github.com/clipperhouse/displaywidth v0.6.2/go.mod h1:R+kHuzaYWFkTm7xoMmK1lFydbci4X2CicfbGstSGg0o=
|
||||
github.com/clipperhouse/stringish v0.1.1 h1:+NSqMOr3GR6k1FdRhhnXrLfztGzuG+VuFDfatpWHKCs=
|
||||
github.com/clipperhouse/stringish v0.1.1/go.mod h1:v/WhFtE1q0ovMta2+m+UbpZ+2/HEXNWYXQgCt4hdOzA=
|
||||
github.com/clipperhouse/uax29/v2 v2.3.0 h1:SNdx9DVUqMoBuBoW3iLOj4FQv3dN5mDtuqwuhIGpJy4=
|
||||
github.com/clipperhouse/uax29/v2 v2.3.0/go.mod h1:Wn1g7MK6OoeDT0vL+Q0SQLDz/KpfsVRgg6W7ihQeh4g=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4=
|
||||
github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f/go.mod h1:vw97MGsxSvLiUE2X8qFplwetxpGLQrlU1Q9AUEIzCaM=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
|
||||
github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
|
||||
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
|
||||
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
|
||||
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
|
||||
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
|
||||
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
|
||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
|
||||
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
|
||||
github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
|
||||
@@ -40,18 +64,18 @@ github.com/libdns/cloudflare v0.2.2 h1:XWHv+C1dDcApqazlh08Q6pjytYLgR2a+Y3xrXFu0v
|
||||
github.com/libdns/cloudflare v0.2.2/go.mod h1:w9uTmRCDlAoafAsTPnn2nJ0XHK/eaUMh86DUk8BWi60=
|
||||
github.com/libdns/libdns v1.1.1 h1:wPrHrXILoSHKWJKGd0EiAVmiJbFShguILTg9leS/P/U=
|
||||
github.com/libdns/libdns v1.1.1/go.mod h1:4Bj9+5CQiNMVGf87wjX4CY3HQJypUHRuLvlsfsZqLWQ=
|
||||
github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
|
||||
github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
|
||||
github.com/lucasb-eyer/go-colorful v1.3.0 h1:2/yBRLdWBZKrf7gB40FoiKfAWYQ0lqNcbuQwVHXptag=
|
||||
github.com/lucasb-eyer/go-colorful v1.3.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
|
||||
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
|
||||
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
||||
github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4=
|
||||
github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88=
|
||||
github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
|
||||
github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||
github.com/mholt/acmez/v3 v3.1.3 h1:gUl789rjbJSuM5hYzOFnNaGgWPV1xVfnOs59o0dZEcc=
|
||||
github.com/mholt/acmez/v3 v3.1.3/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
|
||||
github.com/miekg/dns v1.1.68 h1:jsSRkNozw7G/mnmXULynzMNIsgY2dHC8LO6U6Ij2JEA=
|
||||
github.com/miekg/dns v1.1.68/go.mod h1:fujopn7TB3Pu3JM69XaawiU0wqjpL9/8xGop5UrTPps=
|
||||
github.com/mattn/go-runewidth v0.0.19 h1:v++JhqYnZuu5jSKrk9RbgF5v4CGUjqRfBm05byFGLdw=
|
||||
github.com/mattn/go-runewidth v0.0.19/go.mod h1:XBkDxAl56ILZc9knddidhrOlY5R/pDhgLpndooCuJAs=
|
||||
github.com/mholt/acmez/v3 v3.1.4 h1:DyzZe/RnAzT3rpZj/2Ii5xZpiEvvYk3cQEN/RmqxwFQ=
|
||||
github.com/mholt/acmez/v3 v3.1.4/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
|
||||
github.com/miekg/dns v1.1.69 h1:Kb7Y/1Jo+SG+a2GtfoFUfDkG//csdRPwRLkCsxDG9Sc=
|
||||
github.com/miekg/dns v1.1.69/go.mod h1:7OyjD9nEba5OkqQ/hB4fy3PIoxafSZJtducccIelz3g=
|
||||
github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI=
|
||||
github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo=
|
||||
github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA=
|
||||
@@ -60,7 +84,6 @@ github.com/muesli/termenv v0.16.0 h1:S5AlUN9dENB57rsbnkPyfdGuWIlkmzJjbFf0Tf5FWUc
|
||||
github.com/muesli/termenv v0.16.0/go.mod h1:ZRfOIKPFDYQoDFF4Olj7/QJbW60Ol/kL1pU3VfY/Cnk=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
||||
github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
|
||||
github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
|
||||
github.com/sahilm/fuzzy v0.1.1 h1:ceu5RHF8DGgoi+/dR5PsECjCDH1BE3Fnmpo7aVXOdRA=
|
||||
@@ -75,22 +98,34 @@ github.com/zeebo/blake3 v0.2.4 h1:KYQPkhpRtcqh0ssGYcKLG1JYvddkEA8QwCM/yBqhaZI=
|
||||
github.com/zeebo/blake3 v0.2.4/go.mod h1:7eeQ6d2iXWRGF6npfaxl2CU+xy2Fjo2gxeyZGCRUjcE=
|
||||
github.com/zeebo/pcg v1.0.1 h1:lyqfGeWiv4ahac6ttHs+I5hwtH/+1mrhlCtVNQM2kHo=
|
||||
github.com/zeebo/pcg v1.0.1/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l4=
|
||||
go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
|
||||
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
|
||||
go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8=
|
||||
go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM=
|
||||
go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA=
|
||||
go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI=
|
||||
go.opentelemetry.io/otel/sdk v1.38.0 h1:l48sr5YbNf2hpCUj/FoGhW9yDkl+Ma+LrVl8qaM5b+E=
|
||||
go.opentelemetry.io/otel/sdk v1.38.0/go.mod h1:ghmNdGlVemJI3+ZB5iDEuk4bWA3GkTpW+DOoZMYBVVg=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.38.0 h1:aSH66iL0aZqo//xXzQLYozmWrXxyFkBJ6qT5wthqPoM=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.38.0/go.mod h1:dg9PBnW9XdQ1Hd6ZnRz689CbtrUp0wMMs9iPcgT9EZA=
|
||||
go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE=
|
||||
go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
|
||||
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
|
||||
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
|
||||
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
|
||||
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
||||
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
|
||||
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
||||
go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc=
|
||||
go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
||||
go.uber.org/zap/exp v0.3.0 h1:6JYzdifzYkGmTdRR59oYH+Ng7k49H9qVpWwNSsGJj3U=
|
||||
go.uber.org/zap/exp v0.3.0/go.mod h1:5I384qq7XGxYyByIhHm6jg5CHkGY0nsTfbDLgDDlgJQ=
|
||||
golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
|
||||
golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
|
||||
golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561 h1:MDc5xs78ZrZr3HMQugiXOAkSZtfTpbJLDr/lwfgO53E=
|
||||
golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
|
||||
golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
|
||||
golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
|
||||
golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
|
||||
golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
|
||||
golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
|
||||
golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
|
||||
golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
|
||||
golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
|
||||
golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
|
||||
golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
|
||||
golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
|
||||
golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
|
||||
golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
@@ -101,7 +136,15 @@ golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
|
||||
golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
|
||||
golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
|
||||
golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
|
||||
golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
|
||||
golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
|
||||
golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
|
||||
golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
|
||||
gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
|
||||
gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b h1:Mv8VFug0MP9e5vUxfBcE3vUkV6CImK3cMNMIDFjmzxU=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b/go.mod h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ=
|
||||
google.golang.org/grpc v1.78.0 h1:K1XZG/yGDJnzMdd/uZHAkVqJE+xIDOcmdSFZkBUicNc=
|
||||
google.golang.org/grpc v1.78.0/go.mod h1:I47qjTo4OKbMkjA/aOOwxDIiPSBofUtQUI5EfpWvW7U=
|
||||
google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
|
||||
google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
|
||||
421
internal/grpc/client/client.go
Normal file
421
internal/grpc/client/client.go
Normal file
@@ -0,0 +1,421 @@
|
||||
package client
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"time"
|
||||
"tunnel_pls/internal/config"
|
||||
"tunnel_pls/types"
|
||||
|
||||
"tunnel_pls/session"
|
||||
|
||||
proto "git.fossy.my.id/bagas/tunnel-please-grpc/gen"
|
||||
"google.golang.org/grpc"
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/credentials"
|
||||
"google.golang.org/grpc/credentials/insecure"
|
||||
"google.golang.org/grpc/health/grpc_health_v1"
|
||||
"google.golang.org/grpc/keepalive"
|
||||
"google.golang.org/grpc/status"
|
||||
"google.golang.org/protobuf/types/known/timestamppb"
|
||||
)
|
||||
|
||||
type GrpcConfig struct {
|
||||
Address string
|
||||
UseTLS bool
|
||||
InsecureSkipVerify bool
|
||||
Timeout time.Duration
|
||||
KeepAlive bool
|
||||
MaxRetries int
|
||||
KeepAliveTime time.Duration
|
||||
KeepAliveTimeout time.Duration
|
||||
PermitWithoutStream bool
|
||||
}
|
||||
|
||||
type Client struct {
|
||||
conn *grpc.ClientConn
|
||||
config *GrpcConfig
|
||||
sessionRegistry session.Registry
|
||||
eventService proto.EventServiceClient
|
||||
authorizeConnectionService proto.UserServiceClient
|
||||
closing bool
|
||||
}
|
||||
|
||||
func DefaultConfig() *GrpcConfig {
|
||||
return &GrpcConfig{
|
||||
Address: "localhost:50051",
|
||||
UseTLS: false,
|
||||
InsecureSkipVerify: false,
|
||||
Timeout: 10 * time.Second,
|
||||
KeepAlive: true,
|
||||
MaxRetries: 3,
|
||||
KeepAliveTime: 2 * time.Minute,
|
||||
KeepAliveTimeout: 10 * time.Second,
|
||||
PermitWithoutStream: false,
|
||||
}
|
||||
}
|
||||
|
||||
func New(config *GrpcConfig, sessionRegistry session.Registry) (*Client, error) {
|
||||
if config == nil {
|
||||
config = DefaultConfig()
|
||||
} else {
|
||||
defaults := DefaultConfig()
|
||||
if config.Address == "" {
|
||||
config.Address = defaults.Address
|
||||
}
|
||||
if config.Timeout == 0 {
|
||||
config.Timeout = defaults.Timeout
|
||||
}
|
||||
if config.MaxRetries == 0 {
|
||||
config.MaxRetries = defaults.MaxRetries
|
||||
}
|
||||
if config.KeepAliveTime == 0 {
|
||||
config.KeepAliveTime = defaults.KeepAliveTime
|
||||
}
|
||||
if config.KeepAliveTimeout == 0 {
|
||||
config.KeepAliveTimeout = defaults.KeepAliveTimeout
|
||||
}
|
||||
}
|
||||
|
||||
var opts []grpc.DialOption
|
||||
|
||||
if config.UseTLS {
|
||||
tlsConfig := &tls.Config{
|
||||
InsecureSkipVerify: config.InsecureSkipVerify,
|
||||
}
|
||||
creds := credentials.NewTLS(tlsConfig)
|
||||
opts = append(opts, grpc.WithTransportCredentials(creds))
|
||||
} else {
|
||||
opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials()))
|
||||
}
|
||||
|
||||
if config.KeepAlive {
|
||||
kaParams := keepalive.ClientParameters{
|
||||
Time: config.KeepAliveTime,
|
||||
Timeout: config.KeepAliveTimeout,
|
||||
PermitWithoutStream: config.PermitWithoutStream,
|
||||
}
|
||||
opts = append(opts, grpc.WithKeepaliveParams(kaParams))
|
||||
}
|
||||
|
||||
opts = append(opts,
|
||||
grpc.WithDefaultCallOptions(
|
||||
grpc.MaxCallRecvMsgSize(4*1024*1024),
|
||||
grpc.MaxCallSendMsgSize(4*1024*1024),
|
||||
),
|
||||
)
|
||||
|
||||
conn, err := grpc.NewClient(config.Address, opts...)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to connect to gRPC server at %s: %w", config.Address, err)
|
||||
}
|
||||
|
||||
eventService := proto.NewEventServiceClient(conn)
|
||||
authorizeConnectionService := proto.NewUserServiceClient(conn)
|
||||
|
||||
return &Client{
|
||||
conn: conn,
|
||||
config: config,
|
||||
sessionRegistry: sessionRegistry,
|
||||
eventService: eventService,
|
||||
authorizeConnectionService: authorizeConnectionService,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (c *Client) SubscribeEvents(ctx context.Context, identity, authToken string) error {
|
||||
const (
|
||||
baseBackoff = time.Second
|
||||
maxBackoff = 30 * time.Second
|
||||
)
|
||||
|
||||
backoff := baseBackoff
|
||||
wait := func() error {
|
||||
if backoff <= 0 {
|
||||
return nil
|
||||
}
|
||||
select {
|
||||
case <-time.After(backoff):
|
||||
return nil
|
||||
case <-ctx.Done():
|
||||
return ctx.Err()
|
||||
}
|
||||
}
|
||||
growBackoff := func() {
|
||||
backoff *= 2
|
||||
if backoff > maxBackoff {
|
||||
backoff = maxBackoff
|
||||
}
|
||||
}
|
||||
|
||||
for {
|
||||
subscribe, err := c.eventService.Subscribe(ctx)
|
||||
if err != nil {
|
||||
if errors.Is(err, context.Canceled) || status.Code(err) == codes.Canceled || ctx.Err() != nil {
|
||||
return err
|
||||
}
|
||||
if !c.isConnectionError(err) || status.Code(err) == codes.Unauthenticated {
|
||||
return err
|
||||
}
|
||||
if err = wait(); err != nil {
|
||||
return err
|
||||
}
|
||||
growBackoff()
|
||||
log.Printf("Reconnect to controller within %v sec", backoff.Seconds())
|
||||
continue
|
||||
}
|
||||
|
||||
err = subscribe.Send(&proto.Node{
|
||||
Type: proto.EventType_AUTHENTICATION,
|
||||
Payload: &proto.Node_AuthEvent{
|
||||
AuthEvent: &proto.Authentication{
|
||||
Identity: identity,
|
||||
AuthToken: authToken,
|
||||
},
|
||||
},
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
log.Println("Authentication failed to send to gRPC server:", err)
|
||||
if c.isConnectionError(err) {
|
||||
if err = wait(); err != nil {
|
||||
return err
|
||||
}
|
||||
growBackoff()
|
||||
continue
|
||||
}
|
||||
return err
|
||||
}
|
||||
log.Println("Authentication Successfully sent to gRPC server")
|
||||
backoff = baseBackoff
|
||||
|
||||
if err = c.processEventStream(subscribe); err != nil {
|
||||
if errors.Is(err, context.Canceled) || status.Code(err) == codes.Canceled || ctx.Err() != nil {
|
||||
return err
|
||||
}
|
||||
if c.isConnectionError(err) {
|
||||
log.Printf("Reconnect to controller within %v sec", backoff.Seconds())
|
||||
if err = wait(); err != nil {
|
||||
return err
|
||||
}
|
||||
growBackoff()
|
||||
continue
|
||||
}
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Client) processEventStream(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events]) error {
|
||||
handlers := c.eventHandlers(subscribe)
|
||||
|
||||
for {
|
||||
recv, err := subscribe.Recv()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
handler, ok := handlers[recv.GetType()]
|
||||
if !ok {
|
||||
log.Printf("Unknown event type received: %v", recv.GetType())
|
||||
continue
|
||||
}
|
||||
|
||||
if err = handler(recv); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Client) eventHandlers(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events]) map[proto.EventType]func(*proto.Events) error {
|
||||
return map[proto.EventType]func(*proto.Events) error{
|
||||
proto.EventType_SLUG_CHANGE: func(evt *proto.Events) error { return c.handleSlugChange(subscribe, evt) },
|
||||
proto.EventType_GET_SESSIONS: func(evt *proto.Events) error { return c.handleGetSessions(subscribe, evt) },
|
||||
proto.EventType_TERMINATE_SESSION: func(evt *proto.Events) error { return c.handleTerminateSession(subscribe, evt) },
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Client) handleSlugChange(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], evt *proto.Events) error {
|
||||
slugEvent := evt.GetSlugEvent()
|
||||
user := slugEvent.GetUser()
|
||||
oldSlug := slugEvent.GetOld()
|
||||
newSlug := slugEvent.GetNew()
|
||||
|
||||
userSession, err := c.sessionRegistry.Get(types.SessionKey{Id: oldSlug, Type: types.HTTP})
|
||||
if err != nil {
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_SLUG_CHANGE_RESPONSE,
|
||||
Payload: &proto.Node_SlugEventResponse{
|
||||
SlugEventResponse: &proto.SlugChangeEventResponse{Success: false, Message: err.Error()},
|
||||
},
|
||||
}, "slug change failure response")
|
||||
}
|
||||
|
||||
if err = c.sessionRegistry.Update(user, types.SessionKey{Id: oldSlug, Type: types.HTTP}, types.SessionKey{Id: newSlug, Type: types.HTTP}); err != nil {
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_SLUG_CHANGE_RESPONSE,
|
||||
Payload: &proto.Node_SlugEventResponse{
|
||||
SlugEventResponse: &proto.SlugChangeEventResponse{Success: false, Message: err.Error()},
|
||||
},
|
||||
}, "slug change failure response")
|
||||
}
|
||||
|
||||
userSession.GetInteraction().Redraw()
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_SLUG_CHANGE_RESPONSE,
|
||||
Payload: &proto.Node_SlugEventResponse{
|
||||
SlugEventResponse: &proto.SlugChangeEventResponse{Success: true, Message: ""},
|
||||
},
|
||||
}, "slug change success response")
|
||||
}
|
||||
|
||||
func (c *Client) handleGetSessions(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], evt *proto.Events) error {
|
||||
sessions := c.sessionRegistry.GetAllSessionFromUser(evt.GetGetSessionsEvent().GetIdentity())
|
||||
|
||||
var details []*proto.Detail
|
||||
for _, ses := range sessions {
|
||||
detail := ses.Detail()
|
||||
details = append(details, &proto.Detail{
|
||||
Node: config.Getenv("DOMAIN", "localhost"),
|
||||
ForwardingType: detail.ForwardingType,
|
||||
Slug: detail.Slug,
|
||||
UserId: detail.UserID,
|
||||
Active: detail.Active,
|
||||
StartedAt: timestamppb.New(detail.StartedAt),
|
||||
})
|
||||
}
|
||||
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_GET_SESSIONS,
|
||||
Payload: &proto.Node_GetSessionsEvent{
|
||||
GetSessionsEvent: &proto.GetSessionsResponse{Details: details},
|
||||
},
|
||||
}, "send get sessions response")
|
||||
}
|
||||
|
||||
func (c *Client) handleTerminateSession(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], evt *proto.Events) error {
|
||||
terminate := evt.GetTerminateSessionEvent()
|
||||
user := terminate.GetUser()
|
||||
slug := terminate.GetSlug()
|
||||
|
||||
tunnelType, err := c.protoToTunnelType(terminate.GetTunnelType())
|
||||
if err != nil {
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_TERMINATE_SESSION,
|
||||
Payload: &proto.Node_TerminateSessionEventResponse{
|
||||
TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: false, Message: err.Error()},
|
||||
},
|
||||
}, "terminate session invalid tunnel type")
|
||||
}
|
||||
|
||||
userSession, err := c.sessionRegistry.GetWithUser(user, types.SessionKey{Id: slug, Type: tunnelType})
|
||||
if err != nil {
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_TERMINATE_SESSION,
|
||||
Payload: &proto.Node_TerminateSessionEventResponse{
|
||||
TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: false, Message: err.Error()},
|
||||
},
|
||||
}, "terminate session fetch failed")
|
||||
}
|
||||
|
||||
if err = userSession.GetLifecycle().Close(); err != nil {
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_TERMINATE_SESSION,
|
||||
Payload: &proto.Node_TerminateSessionEventResponse{
|
||||
TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: false, Message: err.Error()},
|
||||
},
|
||||
}, "terminate session close failed")
|
||||
}
|
||||
|
||||
return c.sendNode(subscribe, &proto.Node{
|
||||
Type: proto.EventType_TERMINATE_SESSION,
|
||||
Payload: &proto.Node_TerminateSessionEventResponse{
|
||||
TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: true, Message: ""},
|
||||
},
|
||||
}, "terminate session success response")
|
||||
}
|
||||
|
||||
func (c *Client) sendNode(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], node *proto.Node, context string) error {
|
||||
if err := subscribe.Send(node); err != nil {
|
||||
if c.isConnectionError(err) {
|
||||
return err
|
||||
}
|
||||
log.Printf("%s: %v", context, err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) protoToTunnelType(t proto.TunnelType) (types.TunnelType, error) {
|
||||
switch t {
|
||||
case proto.TunnelType_HTTP:
|
||||
return types.HTTP, nil
|
||||
case proto.TunnelType_TCP:
|
||||
return types.TCP, nil
|
||||
default:
|
||||
return types.UNKNOWN, fmt.Errorf("unknown tunnel type received")
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Client) GetConnection() *grpc.ClientConn {
|
||||
return c.conn
|
||||
}
|
||||
|
||||
func (c *Client) AuthorizeConn(ctx context.Context, token string) (authorized bool, user string, err error) {
|
||||
check, err := c.authorizeConnectionService.Check(ctx, &proto.CheckRequest{AuthToken: token})
|
||||
if err != nil {
|
||||
return false, "UNAUTHORIZED", err
|
||||
}
|
||||
|
||||
if check.GetResponse() == proto.AuthorizationResponse_MESSAGE_TYPE_UNAUTHORIZED {
|
||||
return false, "UNAUTHORIZED", nil
|
||||
}
|
||||
return true, check.GetUser(), nil
|
||||
}
|
||||
|
||||
func (c *Client) Close() error {
|
||||
if c.conn != nil {
|
||||
log.Printf("Closing gRPC connection to %s", c.config.Address)
|
||||
c.closing = true
|
||||
return c.conn.Close()
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) CheckServerHealth(ctx context.Context) error {
|
||||
healthClient := grpc_health_v1.NewHealthClient(c.GetConnection())
|
||||
resp, err := healthClient.Check(ctx, &grpc_health_v1.HealthCheckRequest{
|
||||
Service: "",
|
||||
})
|
||||
if err != nil {
|
||||
return fmt.Errorf("health check failed: %w", err)
|
||||
}
|
||||
if resp.Status != grpc_health_v1.HealthCheckResponse_SERVING {
|
||||
return fmt.Errorf("server not serving: %v", resp.Status)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) GetConfig() *GrpcConfig {
|
||||
return c.config
|
||||
}
|
||||
|
||||
func (c *Client) isConnectionError(err error) bool {
|
||||
if c.closing {
|
||||
return false
|
||||
}
|
||||
if err == nil {
|
||||
return false
|
||||
}
|
||||
if errors.Is(err, io.EOF) {
|
||||
return true
|
||||
}
|
||||
switch status.Code(err) {
|
||||
case codes.Unavailable, codes.Canceled, codes.DeadlineExceeded:
|
||||
return true
|
||||
default:
|
||||
return false
|
||||
}
|
||||
}
|
||||
80
main.go
80
main.go
@@ -1,12 +1,18 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
_ "net/http/pprof"
|
||||
"os"
|
||||
"os/signal"
|
||||
"strings"
|
||||
"syscall"
|
||||
"time"
|
||||
"tunnel_pls/internal/config"
|
||||
"tunnel_pls/internal/grpc/client"
|
||||
"tunnel_pls/internal/key"
|
||||
"tunnel_pls/server"
|
||||
"tunnel_pls/session"
|
||||
@@ -26,6 +32,9 @@ func main() {
|
||||
|
||||
log.Printf("Starting %s", version.GetVersion())
|
||||
|
||||
mode := strings.ToLower(config.Getenv("MODE", "standalone"))
|
||||
isNodeMode := mode == "node"
|
||||
|
||||
pprofEnabled := config.Getenv("PPROF_ENABLED", "false")
|
||||
if pprofEnabled == "true" {
|
||||
pprofPort := config.Getenv("PPROF_PORT", "6060")
|
||||
@@ -61,9 +70,72 @@ func main() {
|
||||
sshConfig.AddHostKey(private)
|
||||
sessionRegistry := session.NewRegistry()
|
||||
|
||||
app, err := server.NewServer(sshConfig, sessionRegistry)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to start server: %s", err)
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
defer cancel()
|
||||
|
||||
errChan := make(chan error, 2)
|
||||
shutdownChan := make(chan os.Signal, 1)
|
||||
signal.Notify(shutdownChan, os.Interrupt, syscall.SIGTERM)
|
||||
|
||||
var grpcClient *client.Client
|
||||
if isNodeMode {
|
||||
grpcHost := config.Getenv("GRPC_ADDRESS", "localhost")
|
||||
grpcPort := config.Getenv("GRPC_PORT", "8080")
|
||||
grpcAddr := fmt.Sprintf("%s:%s", grpcHost, grpcPort)
|
||||
nodeToken := config.Getenv("NODE_TOKEN", "")
|
||||
if nodeToken == "" {
|
||||
log.Fatalf("NODE_TOKEN is required in node mode")
|
||||
}
|
||||
|
||||
c, err := client.New(&client.GrpcConfig{
|
||||
Address: grpcAddr,
|
||||
UseTLS: false,
|
||||
InsecureSkipVerify: false,
|
||||
Timeout: 10 * time.Second,
|
||||
KeepAlive: true,
|
||||
MaxRetries: 3,
|
||||
}, sessionRegistry)
|
||||
if err != nil {
|
||||
log.Fatalf("failed to create grpc client: %v", err)
|
||||
}
|
||||
grpcClient = c
|
||||
|
||||
healthCtx, healthCancel := context.WithTimeout(ctx, 5*time.Second)
|
||||
if err := grpcClient.CheckServerHealth(healthCtx); err != nil {
|
||||
healthCancel()
|
||||
log.Fatalf("gRPC health check failed: %v", err)
|
||||
}
|
||||
healthCancel()
|
||||
|
||||
go func() {
|
||||
identity := config.Getenv("DOMAIN", "localhost")
|
||||
if err := grpcClient.SubscribeEvents(ctx, identity, nodeToken); err != nil {
|
||||
errChan <- fmt.Errorf("failed to subscribe to events: %w", err)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
go func() {
|
||||
app, err := server.NewServer(sshConfig, sessionRegistry, grpcClient)
|
||||
if err != nil {
|
||||
errChan <- fmt.Errorf("failed to start server: %s", err)
|
||||
return
|
||||
}
|
||||
app.Start()
|
||||
}()
|
||||
|
||||
select {
|
||||
case err := <-errChan:
|
||||
log.Printf("error happen : %s", err)
|
||||
case sig := <-shutdownChan:
|
||||
log.Printf("received signal %s, shutting down", sig)
|
||||
}
|
||||
|
||||
cancel()
|
||||
|
||||
if grpcClient != nil {
|
||||
if err := grpcClient.Close(); err != nil {
|
||||
log.Printf("failed to close grpc conn : %s", err)
|
||||
}
|
||||
}
|
||||
app.Start()
|
||||
}
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
module.exports = {
|
||||
"endpoint": "https://git.fossy.my.id/api/v1",
|
||||
"gitAuthor": "Renovate-Clanker <renovate-bot@fossy.my.id>",
|
||||
"platform": "gitea",
|
||||
"onboardingConfigFileName": "renovate.json",
|
||||
"autodiscover": true,
|
||||
"optimizeForDisabled": true,
|
||||
};
|
||||
130
server/header.go
130
server/header.go
@@ -4,7 +4,6 @@ import (
|
||||
"bufio"
|
||||
"bytes"
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type HeaderManager interface {
|
||||
@@ -44,43 +43,132 @@ type requestHeaderFactory struct {
|
||||
headers map[string]string
|
||||
}
|
||||
|
||||
func NewRequestHeaderFactory(br *bufio.Reader) (RequestHeaderManager, error) {
|
||||
func NewRequestHeaderFactory(r interface{}) (RequestHeaderManager, error) {
|
||||
switch v := r.(type) {
|
||||
case []byte:
|
||||
return parseHeadersFromBytes(v)
|
||||
case *bufio.Reader:
|
||||
return parseHeadersFromReader(v)
|
||||
default:
|
||||
return nil, fmt.Errorf("unsupported type: %T", r)
|
||||
}
|
||||
}
|
||||
|
||||
func parseHeadersFromBytes(headerData []byte) (RequestHeaderManager, error) {
|
||||
header := &requestHeaderFactory{
|
||||
headers: make(map[string]string),
|
||||
headers: make(map[string]string, 16),
|
||||
}
|
||||
|
||||
startLine, err := br.ReadString('\n')
|
||||
if err != nil {
|
||||
return nil, err
|
||||
lineEnd := bytes.IndexByte(headerData, '\n')
|
||||
if lineEnd == -1 {
|
||||
return nil, fmt.Errorf("invalid request: no newline found")
|
||||
}
|
||||
startLine = strings.TrimRight(startLine, "\r\n")
|
||||
header.startLine = []byte(startLine)
|
||||
|
||||
parts := strings.Split(startLine, " ")
|
||||
startLine := bytes.TrimRight(headerData[:lineEnd], "\r\n")
|
||||
header.startLine = make([]byte, len(startLine))
|
||||
copy(header.startLine, startLine)
|
||||
|
||||
parts := bytes.Split(startLine, []byte{' '})
|
||||
if len(parts) < 3 {
|
||||
return nil, fmt.Errorf("invalid request line")
|
||||
}
|
||||
|
||||
header.method = parts[0]
|
||||
header.path = parts[1]
|
||||
header.version = parts[2]
|
||||
header.method = string(parts[0])
|
||||
header.path = string(parts[1])
|
||||
header.version = string(parts[2])
|
||||
|
||||
for {
|
||||
line, err := br.ReadString('\n')
|
||||
if err != nil {
|
||||
return nil, err
|
||||
remaining := headerData[lineEnd+1:]
|
||||
|
||||
for len(remaining) > 0 {
|
||||
lineEnd = bytes.IndexByte(remaining, '\n')
|
||||
if lineEnd == -1 {
|
||||
lineEnd = len(remaining)
|
||||
}
|
||||
line = strings.TrimRight(line, "\r\n")
|
||||
|
||||
if line == "" {
|
||||
line := bytes.TrimRight(remaining[:lineEnd], "\r\n")
|
||||
|
||||
if len(line) == 0 {
|
||||
break
|
||||
}
|
||||
|
||||
kv := strings.SplitN(line, ":", 2)
|
||||
if len(kv) != 2 {
|
||||
colonIdx := bytes.IndexByte(line, ':')
|
||||
if colonIdx != -1 {
|
||||
key := bytes.TrimSpace(line[:colonIdx])
|
||||
value := bytes.TrimSpace(line[colonIdx+1:])
|
||||
header.headers[string(key)] = string(value)
|
||||
}
|
||||
|
||||
if lineEnd == len(remaining) {
|
||||
break
|
||||
}
|
||||
remaining = remaining[lineEnd+1:]
|
||||
}
|
||||
|
||||
return header, nil
|
||||
}
|
||||
|
||||
func parseHeadersFromReader(br *bufio.Reader) (RequestHeaderManager, error) {
|
||||
header := &requestHeaderFactory{
|
||||
headers: make(map[string]string, 16),
|
||||
}
|
||||
|
||||
startLineBytes, err := br.ReadSlice('\n')
|
||||
if err != nil {
|
||||
if err == bufio.ErrBufferFull {
|
||||
var startLine string
|
||||
startLine, err = br.ReadString('\n')
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
startLineBytes = []byte(startLine)
|
||||
} else {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
startLineBytes = bytes.TrimRight(startLineBytes, "\r\n")
|
||||
header.startLine = make([]byte, len(startLineBytes))
|
||||
copy(header.startLine, startLineBytes)
|
||||
|
||||
parts := bytes.Split(startLineBytes, []byte{' '})
|
||||
if len(parts) < 3 {
|
||||
return nil, fmt.Errorf("invalid request line")
|
||||
}
|
||||
|
||||
header.method = string(parts[0])
|
||||
header.path = string(parts[1])
|
||||
header.version = string(parts[2])
|
||||
|
||||
for {
|
||||
lineBytes, err := br.ReadSlice('\n')
|
||||
if err != nil {
|
||||
if err == bufio.ErrBufferFull {
|
||||
var line string
|
||||
line, err = br.ReadString('\n')
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
lineBytes = []byte(line)
|
||||
} else {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
lineBytes = bytes.TrimRight(lineBytes, "\r\n")
|
||||
|
||||
if len(lineBytes) == 0 {
|
||||
break
|
||||
}
|
||||
|
||||
colonIdx := bytes.IndexByte(lineBytes, ':')
|
||||
if colonIdx == -1 {
|
||||
continue
|
||||
}
|
||||
header.headers[strings.TrimSpace(kv[0])] = strings.TrimSpace(kv[1])
|
||||
|
||||
key := bytes.TrimSpace(lineBytes[:colonIdx])
|
||||
value := bytes.TrimSpace(lineBytes[colonIdx+1:])
|
||||
|
||||
header.headers[string(key)] = string(value)
|
||||
}
|
||||
|
||||
return header, nil
|
||||
|
||||
@@ -13,6 +13,7 @@ import (
|
||||
"time"
|
||||
"tunnel_pls/internal/config"
|
||||
"tunnel_pls/session"
|
||||
"tunnel_pls/types"
|
||||
|
||||
"golang.org/x/crypto/ssh"
|
||||
)
|
||||
@@ -99,8 +100,7 @@ func (cw *customWriter) Read(p []byte) (int, error) {
|
||||
}
|
||||
}
|
||||
|
||||
headerReader := bufio.NewReader(bytes.NewReader(header))
|
||||
reqhf, err := NewRequestHeaderFactory(headerReader)
|
||||
reqhf, err := NewRequestHeaderFactory(header)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
@@ -314,8 +314,11 @@ func (hs *httpServer) handler(conn net.Conn) {
|
||||
return
|
||||
}
|
||||
|
||||
sshSession, exist := hs.sessionRegistry.Get(slug)
|
||||
if !exist {
|
||||
sshSession, err := hs.sessionRegistry.Get(types.SessionKey{
|
||||
Id: slug,
|
||||
Type: types.HTTP,
|
||||
})
|
||||
if err != nil {
|
||||
_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
|
||||
fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
|
||||
"Content-Length: 0\r\n" +
|
||||
|
||||
@@ -9,6 +9,7 @@ import (
|
||||
"net"
|
||||
"strings"
|
||||
"tunnel_pls/internal/config"
|
||||
"tunnel_pls/types"
|
||||
)
|
||||
|
||||
func (hs *httpServer) ListenAndServeTLS() error {
|
||||
@@ -89,8 +90,11 @@ func (hs *httpServer) handlerTLS(conn net.Conn) {
|
||||
return
|
||||
}
|
||||
|
||||
sshSession, exist := hs.sessionRegistry.Get(slug)
|
||||
if !exist {
|
||||
sshSession, err := hs.sessionRegistry.Get(types.SessionKey{
|
||||
Id: slug,
|
||||
Type: types.HTTP,
|
||||
})
|
||||
if err != nil {
|
||||
_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
|
||||
fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
|
||||
"Content-Length: 0\r\n" +
|
||||
|
||||
@@ -1,10 +1,14 @@
|
||||
package server
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
"net"
|
||||
"time"
|
||||
"tunnel_pls/internal/config"
|
||||
"tunnel_pls/internal/grpc/client"
|
||||
"tunnel_pls/session"
|
||||
|
||||
"golang.org/x/crypto/ssh"
|
||||
@@ -14,9 +18,10 @@ type Server struct {
|
||||
conn *net.Listener
|
||||
config *ssh.ServerConfig
|
||||
sessionRegistry session.Registry
|
||||
grpcClient *client.Client
|
||||
}
|
||||
|
||||
func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry) (*Server, error) {
|
||||
func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry, grpcClient *client.Client) (*Server, error) {
|
||||
listener, err := net.Listen("tcp", fmt.Sprintf(":%s", config.Getenv("PORT", "2200")))
|
||||
if err != nil {
|
||||
log.Fatalf("failed to listen on port 2200: %v", err)
|
||||
@@ -42,6 +47,7 @@ func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry) (*
|
||||
conn: &listener,
|
||||
config: sshConfig,
|
||||
sessionRegistry: sessionRegistry,
|
||||
grpcClient: grpcClient,
|
||||
}, nil
|
||||
}
|
||||
|
||||
@@ -62,7 +68,7 @@ func (s *Server) handleConnection(conn net.Conn) {
|
||||
sshConn, chans, forwardingReqs, err := ssh.NewServerConn(conn, s.config)
|
||||
if err != nil {
|
||||
log.Printf("failed to establish SSH connection: %v", err)
|
||||
err := conn.Close()
|
||||
err = conn.Close()
|
||||
if err != nil {
|
||||
log.Printf("failed to close SSH connection: %v", err)
|
||||
return
|
||||
@@ -70,9 +76,23 @@ func (s *Server) handleConnection(conn net.Conn) {
|
||||
return
|
||||
}
|
||||
|
||||
log.Println("SSH connection established:", sshConn.User())
|
||||
defer func(sshConn *ssh.ServerConn) {
|
||||
err = sshConn.Close()
|
||||
if err != nil && !errors.Is(err, net.ErrClosed) {
|
||||
log.Printf("failed to close SSH server: %v", err)
|
||||
}
|
||||
}(sshConn)
|
||||
|
||||
sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry)
|
||||
user := "UNAUTHORIZED"
|
||||
if s.grpcClient != nil {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
|
||||
_, u, _ := s.grpcClient.AuthorizeConn(ctx, sshConn.User())
|
||||
user = u
|
||||
cancel()
|
||||
}
|
||||
|
||||
log.Println("SSH connection established:", sshConn.User())
|
||||
sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry, user)
|
||||
err = sshSession.Start()
|
||||
if err != nil {
|
||||
log.Printf("SSH session ended with error: %v", err)
|
||||
|
||||
@@ -301,7 +301,22 @@ func (tm *tlsManager) initCertMagic() error {
|
||||
func (tm *tlsManager) getTLSConfig() *tls.Config {
|
||||
return &tls.Config{
|
||||
GetCertificate: tm.getCertificate,
|
||||
MinVersion: tls.VersionTLS12,
|
||||
MinVersion: tls.VersionTLS13,
|
||||
MaxVersion: tls.VersionTLS13,
|
||||
|
||||
SessionTicketsDisabled: false,
|
||||
|
||||
CipherSuites: []uint16{
|
||||
tls.TLS_AES_128_GCM_SHA256,
|
||||
tls.TLS_CHACHA20_POLY1305_SHA256,
|
||||
},
|
||||
|
||||
CurvePreferences: []tls.CurveID{
|
||||
tls.X25519,
|
||||
},
|
||||
|
||||
ClientAuth: tls.NoClientCert,
|
||||
NextProtos: nil,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -164,8 +164,9 @@ func (s *SSHSession) HandleTCPIPForward(req *ssh.Request) {
|
||||
|
||||
func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
|
||||
slug := random.GenerateRandomString(20)
|
||||
key := types.SessionKey{Id: slug, Type: types.HTTP}
|
||||
|
||||
if !s.registry.Register(slug, s) {
|
||||
if !s.registry.Register(key, s) {
|
||||
log.Printf("Failed to register client with slug: %s", slug)
|
||||
err := req.Reply(false, nil)
|
||||
if err != nil {
|
||||
@@ -178,7 +179,7 @@ func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
|
||||
err := binary.Write(buf, binary.BigEndian, uint32(portToBind))
|
||||
if err != nil {
|
||||
log.Println("Failed to write port to buffer:", err)
|
||||
s.registry.Remove(slug)
|
||||
s.registry.Remove(key)
|
||||
err = req.Reply(false, nil)
|
||||
if err != nil {
|
||||
log.Println("Failed to reply to request:", err)
|
||||
@@ -190,7 +191,7 @@ func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
|
||||
err = req.Reply(true, buf.Bytes())
|
||||
if err != nil {
|
||||
log.Println("Failed to reply to request:", err)
|
||||
s.registry.Remove(slug)
|
||||
s.registry.Remove(key)
|
||||
err = req.Reply(false, nil)
|
||||
if err != nil {
|
||||
log.Println("Failed to reply to request:", err)
|
||||
@@ -225,10 +226,29 @@ func (s *SSHSession) HandleTCPForward(req *ssh.Request, addr string, portToBind
|
||||
return
|
||||
}
|
||||
|
||||
key := types.SessionKey{Id: fmt.Sprintf("%d", portToBind), Type: types.TCP}
|
||||
|
||||
if !s.registry.Register(key, s) {
|
||||
log.Printf("Failed to register TCP client with id: %s", key.Id)
|
||||
if setErr := portUtil.Default.SetPortStatus(portToBind, false); setErr != nil {
|
||||
log.Printf("Failed to reset port status: %v", setErr)
|
||||
}
|
||||
if closeErr := listener.Close(); closeErr != nil {
|
||||
log.Printf("Failed to close listener: %s", closeErr)
|
||||
}
|
||||
err = req.Reply(false, nil)
|
||||
if err != nil {
|
||||
log.Println("Failed to reply to request:", err)
|
||||
}
|
||||
_ = s.lifecycle.Close()
|
||||
return
|
||||
}
|
||||
|
||||
buf := new(bytes.Buffer)
|
||||
err = binary.Write(buf, binary.BigEndian, uint32(portToBind))
|
||||
if err != nil {
|
||||
log.Println("Failed to write port to buffer:", err)
|
||||
s.registry.Remove(key)
|
||||
if setErr := portUtil.Default.SetPortStatus(portToBind, false); setErr != nil {
|
||||
log.Printf("Failed to reset port status: %v", setErr)
|
||||
}
|
||||
@@ -244,6 +264,7 @@ func (s *SSHSession) HandleTCPForward(req *ssh.Request, addr string, portToBind
|
||||
err = req.Reply(true, buf.Bytes())
|
||||
if err != nil {
|
||||
log.Println("Failed to reply to request:", err)
|
||||
s.registry.Remove(key)
|
||||
if setErr := portUtil.Default.SetPortStatus(portToBind, false); setErr != nil {
|
||||
log.Printf("Failed to reset port status: %v", setErr)
|
||||
}
|
||||
@@ -258,6 +279,7 @@ func (s *SSHSession) HandleTCPForward(req *ssh.Request, addr string, portToBind
|
||||
s.forwarder.SetType(types.TCP)
|
||||
s.forwarder.SetListener(listener)
|
||||
s.forwarder.SetForwardedPort(portToBind)
|
||||
s.slugManager.Set(key.Id)
|
||||
s.lifecycle.SetStatus(types.RUNNING)
|
||||
go s.forwarder.AcceptTCPConnections()
|
||||
s.interaction.Start()
|
||||
|
||||
@@ -1,152 +0,0 @@
|
||||
package interaction
|
||||
|
||||
const (
|
||||
backspaceChar = 8
|
||||
deleteChar = 127
|
||||
enterChar = 13
|
||||
escapeChar = 27
|
||||
ctrlC = 3
|
||||
forwardSlash = '/'
|
||||
minPrintableChar = 32
|
||||
maxPrintableChar = 126
|
||||
|
||||
minSlugLength = 3
|
||||
maxSlugLength = 20
|
||||
|
||||
clearScreen = "\033[H\033[2J"
|
||||
clearLine = "\033[K"
|
||||
clearToLineEnd = "\r\033[K"
|
||||
backspaceSeq = "\b \b"
|
||||
|
||||
minBoxWidth = 50
|
||||
paddingRight = 4
|
||||
)
|
||||
|
||||
var forbiddenSlugs = map[string]struct{}{
|
||||
"ping": {},
|
||||
"staging": {},
|
||||
"admin": {},
|
||||
"root": {},
|
||||
"api": {},
|
||||
"www": {},
|
||||
"support": {},
|
||||
"help": {},
|
||||
"status": {},
|
||||
"health": {},
|
||||
"login": {},
|
||||
"logout": {},
|
||||
"signup": {},
|
||||
"register": {},
|
||||
"settings": {},
|
||||
"config": {},
|
||||
"null": {},
|
||||
"undefined": {},
|
||||
"example": {},
|
||||
"test": {},
|
||||
"dev": {},
|
||||
"system": {},
|
||||
"administrator": {},
|
||||
"dashboard": {},
|
||||
"account": {},
|
||||
"profile": {},
|
||||
"user": {},
|
||||
"users": {},
|
||||
"auth": {},
|
||||
"oauth": {},
|
||||
"callback": {},
|
||||
"webhook": {},
|
||||
"webhooks": {},
|
||||
"static": {},
|
||||
"assets": {},
|
||||
"cdn": {},
|
||||
"mail": {},
|
||||
"email": {},
|
||||
"ftp": {},
|
||||
"ssh": {},
|
||||
"git": {},
|
||||
"svn": {},
|
||||
"blog": {},
|
||||
"news": {},
|
||||
"about": {},
|
||||
"contact": {},
|
||||
"terms": {},
|
||||
"privacy": {},
|
||||
"legal": {},
|
||||
"billing": {},
|
||||
"payment": {},
|
||||
"checkout": {},
|
||||
"cart": {},
|
||||
"shop": {},
|
||||
"store": {},
|
||||
"download": {},
|
||||
"uploads": {},
|
||||
"images": {},
|
||||
"img": {},
|
||||
"css": {},
|
||||
"js": {},
|
||||
"fonts": {},
|
||||
"public": {},
|
||||
"private": {},
|
||||
"internal": {},
|
||||
"external": {},
|
||||
"proxy": {},
|
||||
"cache": {},
|
||||
"debug": {},
|
||||
"metrics": {},
|
||||
"monitoring": {},
|
||||
"graphql": {},
|
||||
"rest": {},
|
||||
"rpc": {},
|
||||
"socket": {},
|
||||
"ws": {},
|
||||
"wss": {},
|
||||
"app": {},
|
||||
"apps": {},
|
||||
"mobile": {},
|
||||
"desktop": {},
|
||||
"embed": {},
|
||||
"widget": {},
|
||||
"docs": {},
|
||||
"documentation": {},
|
||||
"wiki": {},
|
||||
"forum": {},
|
||||
"community": {},
|
||||
"feedback": {},
|
||||
"report": {},
|
||||
"abuse": {},
|
||||
"spam": {},
|
||||
"security": {},
|
||||
"verify": {},
|
||||
"confirm": {},
|
||||
"reset": {},
|
||||
"password": {},
|
||||
"recovery": {},
|
||||
"unsubscribe": {},
|
||||
"subscribe": {},
|
||||
"notifications": {},
|
||||
"alerts": {},
|
||||
"messages": {},
|
||||
"inbox": {},
|
||||
"outbox": {},
|
||||
"sent": {},
|
||||
"draft": {},
|
||||
"trash": {},
|
||||
"archive": {},
|
||||
"search": {},
|
||||
"explore": {},
|
||||
"discover": {},
|
||||
"trending": {},
|
||||
"popular": {},
|
||||
"featured": {},
|
||||
"new": {},
|
||||
"latest": {},
|
||||
"top": {},
|
||||
"best": {},
|
||||
"hot": {},
|
||||
"random": {},
|
||||
"all": {},
|
||||
"any": {},
|
||||
"none": {},
|
||||
"true": {},
|
||||
"false": {},
|
||||
}
|
||||
@@ -23,14 +23,20 @@ import (
|
||||
|
||||
type Lifecycle interface {
|
||||
Close() error
|
||||
GetUser() string
|
||||
}
|
||||
|
||||
type SessionRegistry interface {
|
||||
Update(user string, oldKey, newKey types.SessionKey) error
|
||||
}
|
||||
|
||||
type Controller interface {
|
||||
SetChannel(channel ssh.Channel)
|
||||
SetLifecycle(lifecycle Lifecycle)
|
||||
SetSlugModificator(func(oldSlug, newSlug string) bool)
|
||||
Start()
|
||||
SetWH(w, h int)
|
||||
Redraw()
|
||||
SetSessionRegistry(registry SessionRegistry)
|
||||
}
|
||||
|
||||
type Forwarder interface {
|
||||
@@ -40,14 +46,14 @@ type Forwarder interface {
|
||||
}
|
||||
|
||||
type Interaction struct {
|
||||
channel ssh.Channel
|
||||
slugManager slug.Manager
|
||||
forwarder Forwarder
|
||||
lifecycle Lifecycle
|
||||
updateClientSlug func(oldSlug, newSlug string) bool
|
||||
program *tea.Program
|
||||
ctx context.Context
|
||||
cancel context.CancelFunc
|
||||
channel ssh.Channel
|
||||
slugManager slug.Manager
|
||||
forwarder Forwarder
|
||||
lifecycle Lifecycle
|
||||
sessionRegistry SessionRegistry
|
||||
program *tea.Program
|
||||
ctx context.Context
|
||||
cancel context.CancelFunc
|
||||
}
|
||||
|
||||
func (i *Interaction) SetWH(w, h int) {
|
||||
@@ -65,7 +71,6 @@ type commandItem struct {
|
||||
}
|
||||
|
||||
type model struct {
|
||||
tunnelURL string
|
||||
domain string
|
||||
protocol string
|
||||
tunnelType types.TunnelType
|
||||
@@ -84,6 +89,13 @@ type model struct {
|
||||
height int
|
||||
}
|
||||
|
||||
func (m *model) getTunnelURL() string {
|
||||
if m.tunnelType == types.HTTP {
|
||||
return buildURL(m.protocol, m.interaction.slugManager.Get(), m.domain)
|
||||
}
|
||||
return fmt.Sprintf("tcp://%s:%d", m.domain, m.port)
|
||||
}
|
||||
|
||||
type keymap struct {
|
||||
quit key.Binding
|
||||
command key.Binding
|
||||
@@ -95,17 +107,21 @@ type tickMsg time.Time
|
||||
func NewInteraction(slugManager slug.Manager, forwarder Forwarder) *Interaction {
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
return &Interaction{
|
||||
channel: nil,
|
||||
slugManager: slugManager,
|
||||
forwarder: forwarder,
|
||||
lifecycle: nil,
|
||||
updateClientSlug: nil,
|
||||
program: nil,
|
||||
ctx: ctx,
|
||||
cancel: cancel,
|
||||
channel: nil,
|
||||
slugManager: slugManager,
|
||||
forwarder: forwarder,
|
||||
lifecycle: nil,
|
||||
sessionRegistry: nil,
|
||||
program: nil,
|
||||
ctx: ctx,
|
||||
cancel: cancel,
|
||||
}
|
||||
}
|
||||
|
||||
func (i *Interaction) SetSessionRegistry(registry SessionRegistry) {
|
||||
i.sessionRegistry = registry
|
||||
}
|
||||
|
||||
func (i *Interaction) SetLifecycle(lifecycle Lifecycle) {
|
||||
i.lifecycle = lifecycle
|
||||
}
|
||||
@@ -114,10 +130,6 @@ func (i *Interaction) SetChannel(channel ssh.Channel) {
|
||||
i.channel = channel
|
||||
}
|
||||
|
||||
func (i *Interaction) SetSlugModificator(modificator func(oldSlug, newSlug string) (success bool)) {
|
||||
i.updateClientSlug = modificator
|
||||
}
|
||||
|
||||
func (i *Interaction) Stop() {
|
||||
if i.cancel != nil {
|
||||
i.cancel()
|
||||
@@ -163,11 +175,11 @@ func tickCmd(d time.Duration) tea.Cmd {
|
||||
})
|
||||
}
|
||||
|
||||
func (m model) Init() tea.Cmd {
|
||||
func (m *model) Init() tea.Cmd {
|
||||
return tea.Batch(textinput.Blink, tea.WindowSize())
|
||||
}
|
||||
|
||||
func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
|
||||
func (m *model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
|
||||
var cmd tea.Cmd
|
||||
|
||||
switch msg := msg.(type) {
|
||||
@@ -211,21 +223,16 @@ func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
|
||||
return m, tea.Batch(tea.ClearScreen, textinput.Blink)
|
||||
case "enter":
|
||||
inputValue := m.slugInput.Value()
|
||||
|
||||
if isForbiddenSlug(inputValue) {
|
||||
m.slugError = "This subdomain is reserved. Please choose a different one."
|
||||
return m, nil
|
||||
} else if !isValidSlug(inputValue) {
|
||||
m.slugError = "Invalid subdomain. Follow the rules."
|
||||
if err := m.interaction.sessionRegistry.Update(m.interaction.lifecycle.GetUser(), types.SessionKey{
|
||||
Id: m.interaction.slugManager.Get(),
|
||||
Type: types.HTTP,
|
||||
}, types.SessionKey{
|
||||
Id: inputValue,
|
||||
Type: types.HTTP,
|
||||
}); err != nil {
|
||||
m.slugError = err.Error()
|
||||
return m, nil
|
||||
}
|
||||
|
||||
if !m.interaction.updateClientSlug(m.interaction.slugManager.Get(), inputValue) {
|
||||
m.slugError = "Someone already uses this subdomain."
|
||||
return m, nil
|
||||
}
|
||||
|
||||
m.tunnelURL = buildURL(m.protocol, inputValue, m.domain)
|
||||
m.editingSlug = false
|
||||
m.slugError = ""
|
||||
return m, tea.Batch(tea.ClearScreen, textinput.Blink)
|
||||
@@ -291,14 +298,20 @@ func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
|
||||
return m, nil
|
||||
}
|
||||
|
||||
func (m model) helpView() string {
|
||||
func (i *Interaction) Redraw() {
|
||||
if i.program != nil {
|
||||
i.program.Send(tea.ClearScreen())
|
||||
}
|
||||
}
|
||||
|
||||
func (m *model) helpView() string {
|
||||
return "\n" + m.help.ShortHelpView([]key.Binding{
|
||||
m.keymap.command,
|
||||
m.keymap.quit,
|
||||
})
|
||||
}
|
||||
|
||||
func (m model) View() string {
|
||||
func (m *model) View() string {
|
||||
if m.quitting {
|
||||
return ""
|
||||
}
|
||||
@@ -659,22 +672,32 @@ func (m model) View() string {
|
||||
MarginBottom(boxMargin).
|
||||
Width(boxMaxWidth)
|
||||
|
||||
urlDisplay := m.tunnelURL
|
||||
if shouldUseCompactLayout(m.width, 80) && len(m.tunnelURL) > m.width-20 {
|
||||
maxLen := m.width - 25
|
||||
if maxLen > 10 {
|
||||
urlDisplay = truncateString(m.tunnelURL, maxLen)
|
||||
}
|
||||
}
|
||||
authenticatedUser := m.interaction.lifecycle.GetUser()
|
||||
|
||||
userInfoStyle := lipgloss.NewStyle().
|
||||
Foreground(lipgloss.Color("#FAFAFA")).
|
||||
Bold(true)
|
||||
|
||||
sectionHeaderStyle := lipgloss.NewStyle().
|
||||
Foreground(lipgloss.Color("#888888")).
|
||||
Bold(true)
|
||||
|
||||
addressStyle := lipgloss.NewStyle().
|
||||
Foreground(lipgloss.Color("#FAFAFA"))
|
||||
|
||||
var infoContent string
|
||||
if shouldUseCompactLayout(m.width, 70) {
|
||||
infoContent = fmt.Sprintf("🌐 %s", urlBoxStyle.Render(urlDisplay))
|
||||
} else if isCompact {
|
||||
infoContent = fmt.Sprintf("🌐 Forwarding to:\n\n %s", urlBoxStyle.Render(urlDisplay))
|
||||
infoContent = fmt.Sprintf("👤 %s\n\n%s\n%s",
|
||||
userInfoStyle.Render(authenticatedUser),
|
||||
sectionHeaderStyle.Render("🌐 FORWARDING ADDRESS:"),
|
||||
addressStyle.Render(fmt.Sprintf(" %s", urlBoxStyle.Render(m.getTunnelURL()))))
|
||||
} else {
|
||||
infoContent = fmt.Sprintf("🌐 F O R W A R D I N G T O:\n\n %s", urlBoxStyle.Render(urlDisplay))
|
||||
infoContent = fmt.Sprintf("👤 Authenticated as: %s\n\n%s\n %s",
|
||||
userInfoStyle.Render(authenticatedUser),
|
||||
sectionHeaderStyle.Render("🌐 FORWARDING ADDRESS:"),
|
||||
addressStyle.Render(urlBoxStyle.Render(m.getTunnelURL())))
|
||||
}
|
||||
|
||||
b.WriteString(responsiveInfoBox.Render(infoContent))
|
||||
b.WriteString("\n")
|
||||
|
||||
@@ -737,13 +760,6 @@ func (i *Interaction) Start() {
|
||||
tunnelType := i.forwarder.GetTunnelType()
|
||||
port := i.forwarder.GetForwardedPort()
|
||||
|
||||
var tunnelURL string
|
||||
if tunnelType == types.HTTP {
|
||||
tunnelURL = buildURL(protocol, i.slugManager.Get(), domain)
|
||||
} else {
|
||||
tunnelURL = fmt.Sprintf("tcp://%s:%d", domain, port)
|
||||
}
|
||||
|
||||
items := []list.Item{
|
||||
commandItem{name: "slug", desc: "Set custom subdomain"},
|
||||
commandItem{name: "tunnel-type", desc: "Change tunnel type (Coming Soon)"},
|
||||
@@ -764,8 +780,7 @@ func (i *Interaction) Start() {
|
||||
ti.CharLimit = 20
|
||||
ti.Width = 50
|
||||
|
||||
m := model{
|
||||
tunnelURL: tunnelURL,
|
||||
m := &model{
|
||||
domain: domain,
|
||||
protocol: protocol,
|
||||
tunnelType: tunnelType,
|
||||
@@ -819,30 +834,3 @@ func buildURL(protocol, subdomain, domain string) string {
|
||||
func generateRandomSubdomain() string {
|
||||
return random.GenerateRandomString(20)
|
||||
}
|
||||
|
||||
func isValidSlug(slug string) bool {
|
||||
if len(slug) < minSlugLength || len(slug) > maxSlugLength {
|
||||
return false
|
||||
}
|
||||
|
||||
if slug[0] == '-' || slug[len(slug)-1] == '-' {
|
||||
return false
|
||||
}
|
||||
|
||||
for _, c := range slug {
|
||||
if !isValidSlugChar(byte(c)) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func isValidSlugChar(c byte) bool {
|
||||
return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-'
|
||||
}
|
||||
|
||||
func isForbiddenSlug(slug string) bool {
|
||||
_, ok := forbiddenSlugs[slug]
|
||||
return ok
|
||||
}
|
||||
|
||||
@@ -4,6 +4,8 @@ import (
|
||||
"errors"
|
||||
"io"
|
||||
"net"
|
||||
"time"
|
||||
|
||||
portUtil "tunnel_pls/internal/port"
|
||||
"tunnel_pls/session/slug"
|
||||
"tunnel_pls/types"
|
||||
@@ -17,28 +19,36 @@ type Forwarder interface {
|
||||
GetForwardedPort() uint16
|
||||
}
|
||||
|
||||
type Lifecycle struct {
|
||||
status types.Status
|
||||
conn ssh.Conn
|
||||
channel ssh.Channel
|
||||
forwarder Forwarder
|
||||
slugManager slug.Manager
|
||||
unregisterClient func(slug string)
|
||||
type SessionRegistry interface {
|
||||
Remove(key types.SessionKey)
|
||||
}
|
||||
|
||||
func NewLifecycle(conn ssh.Conn, forwarder Forwarder, slugManager slug.Manager) *Lifecycle {
|
||||
type Lifecycle struct {
|
||||
status types.Status
|
||||
conn ssh.Conn
|
||||
channel ssh.Channel
|
||||
forwarder Forwarder
|
||||
sessionRegistry SessionRegistry
|
||||
slugManager slug.Manager
|
||||
startedAt time.Time
|
||||
user string
|
||||
}
|
||||
|
||||
func NewLifecycle(conn ssh.Conn, forwarder Forwarder, slugManager slug.Manager, user string) *Lifecycle {
|
||||
return &Lifecycle{
|
||||
status: "",
|
||||
conn: conn,
|
||||
channel: nil,
|
||||
forwarder: forwarder,
|
||||
slugManager: slugManager,
|
||||
unregisterClient: nil,
|
||||
status: types.INITIALIZING,
|
||||
conn: conn,
|
||||
channel: nil,
|
||||
forwarder: forwarder,
|
||||
slugManager: slugManager,
|
||||
sessionRegistry: nil,
|
||||
startedAt: time.Now(),
|
||||
user: user,
|
||||
}
|
||||
}
|
||||
|
||||
func (l *Lifecycle) SetUnregisterClient(unregisterClient func(slug string)) {
|
||||
l.unregisterClient = unregisterClient
|
||||
func (l *Lifecycle) SetSessionRegistry(registry SessionRegistry) {
|
||||
l.sessionRegistry = registry
|
||||
}
|
||||
|
||||
type SessionLifecycle interface {
|
||||
@@ -46,8 +56,15 @@ type SessionLifecycle interface {
|
||||
SetStatus(status types.Status)
|
||||
GetConnection() ssh.Conn
|
||||
GetChannel() ssh.Channel
|
||||
GetUser() string
|
||||
SetChannel(channel ssh.Channel)
|
||||
SetUnregisterClient(unregisterClient func(slug string))
|
||||
SetSessionRegistry(registry SessionRegistry)
|
||||
IsActive() bool
|
||||
StartedAt() time.Time
|
||||
}
|
||||
|
||||
func (l *Lifecycle) GetUser() string {
|
||||
return l.user
|
||||
}
|
||||
|
||||
func (l *Lifecycle) GetChannel() ssh.Channel {
|
||||
@@ -62,6 +79,9 @@ func (l *Lifecycle) GetConnection() ssh.Conn {
|
||||
}
|
||||
func (l *Lifecycle) SetStatus(status types.Status) {
|
||||
l.status = status
|
||||
if status == types.RUNNING && l.startedAt.IsZero() {
|
||||
l.startedAt = time.Now()
|
||||
}
|
||||
}
|
||||
|
||||
func (l *Lifecycle) Close() error {
|
||||
@@ -85,12 +105,13 @@ func (l *Lifecycle) Close() error {
|
||||
}
|
||||
|
||||
clientSlug := l.slugManager.Get()
|
||||
if clientSlug != "" {
|
||||
l.unregisterClient(clientSlug)
|
||||
if clientSlug != "" && l.sessionRegistry.Remove != nil {
|
||||
key := types.SessionKey{Id: clientSlug, Type: l.forwarder.GetTunnelType()}
|
||||
l.sessionRegistry.Remove(key)
|
||||
}
|
||||
|
||||
if l.forwarder.GetTunnelType() == types.TCP {
|
||||
err := portUtil.Default.SetPortStatus(l.forwarder.GetForwardedPort(), false)
|
||||
err = portUtil.Default.SetPortStatus(l.forwarder.GetForwardedPort(), false)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -98,3 +119,11 @@ func (l *Lifecycle) Close() error {
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (l *Lifecycle) IsActive() bool {
|
||||
return l.status == types.RUNNING
|
||||
}
|
||||
|
||||
func (l *Lifecycle) StartedAt() time.Time {
|
||||
return l.startedAt
|
||||
}
|
||||
|
||||
@@ -1,66 +1,309 @@
|
||||
package session
|
||||
|
||||
import "sync"
|
||||
import (
|
||||
"fmt"
|
||||
"sync"
|
||||
"tunnel_pls/types"
|
||||
)
|
||||
|
||||
type Key = types.SessionKey
|
||||
|
||||
type Registry interface {
|
||||
Get(slug string) (session *SSHSession, exist bool)
|
||||
Update(oldSlug, newSlug string) (success bool)
|
||||
Register(slug string, session *SSHSession) (success bool)
|
||||
Remove(slug string)
|
||||
Get(key Key) (session *SSHSession, err error)
|
||||
GetWithUser(user string, key Key) (session *SSHSession, err error)
|
||||
Update(user string, oldKey, newKey Key) error
|
||||
Register(key Key, session *SSHSession) (success bool)
|
||||
Remove(key Key)
|
||||
GetAllSessionFromUser(user string) []*SSHSession
|
||||
}
|
||||
type registry struct {
|
||||
mu sync.RWMutex
|
||||
clients map[string]*SSHSession
|
||||
mu sync.RWMutex
|
||||
byUser map[string]map[Key]*SSHSession
|
||||
slugIndex map[Key]string
|
||||
}
|
||||
|
||||
func NewRegistry() Registry {
|
||||
return ®istry{
|
||||
clients: make(map[string]*SSHSession),
|
||||
byUser: make(map[string]map[Key]*SSHSession),
|
||||
slugIndex: make(map[Key]string),
|
||||
}
|
||||
}
|
||||
|
||||
func (r *registry) Get(slug string) (session *SSHSession, exist bool) {
|
||||
func (r *registry) Get(key Key) (session *SSHSession, err error) {
|
||||
r.mu.RLock()
|
||||
defer r.mu.RUnlock()
|
||||
|
||||
session, exist = r.clients[slug]
|
||||
return
|
||||
}
|
||||
|
||||
func (r *registry) Update(oldSlug, newSlug string) (success bool) {
|
||||
r.mu.Lock()
|
||||
defer r.mu.Unlock()
|
||||
|
||||
if _, exists := r.clients[newSlug]; exists && newSlug != oldSlug {
|
||||
return false
|
||||
}
|
||||
|
||||
client, ok := r.clients[oldSlug]
|
||||
userID, ok := r.slugIndex[key]
|
||||
if !ok {
|
||||
return false
|
||||
return nil, fmt.Errorf("session not found")
|
||||
}
|
||||
|
||||
delete(r.clients, oldSlug)
|
||||
client.slugManager.Set(newSlug)
|
||||
r.clients[newSlug] = client
|
||||
return true
|
||||
client, ok := r.byUser[userID][key]
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("session not found")
|
||||
}
|
||||
return client, nil
|
||||
}
|
||||
|
||||
func (r *registry) Register(slug string, session *SSHSession) (success bool) {
|
||||
func (r *registry) GetWithUser(user string, key Key) (session *SSHSession, err error) {
|
||||
r.mu.RLock()
|
||||
defer r.mu.RUnlock()
|
||||
|
||||
client, ok := r.byUser[user][key]
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("session not found")
|
||||
}
|
||||
return client, nil
|
||||
}
|
||||
|
||||
func (r *registry) Update(user string, oldKey, newKey Key) error {
|
||||
if oldKey.Type != newKey.Type {
|
||||
return fmt.Errorf("tunnel type cannot change")
|
||||
}
|
||||
|
||||
if newKey.Type != types.HTTP {
|
||||
return fmt.Errorf("non http tunnel cannot change slug")
|
||||
}
|
||||
|
||||
if isForbiddenSlug(newKey.Id) {
|
||||
return fmt.Errorf("this subdomain is reserved. Please choose a different one")
|
||||
}
|
||||
|
||||
if !isValidSlug(newKey.Id) {
|
||||
return fmt.Errorf("invalid subdomain. Follow the rules")
|
||||
}
|
||||
|
||||
r.mu.Lock()
|
||||
defer r.mu.Unlock()
|
||||
|
||||
if _, exists := r.clients[slug]; exists {
|
||||
return false
|
||||
if _, exists := r.slugIndex[newKey]; exists && newKey != oldKey {
|
||||
return fmt.Errorf("someone already uses this subdomain")
|
||||
}
|
||||
client, ok := r.byUser[user][oldKey]
|
||||
if !ok {
|
||||
return fmt.Errorf("session not found")
|
||||
}
|
||||
|
||||
r.clients[slug] = session
|
||||
return true
|
||||
delete(r.byUser[user], oldKey)
|
||||
delete(r.slugIndex, oldKey)
|
||||
|
||||
client.slugManager.Set(newKey.Id)
|
||||
r.slugIndex[newKey] = user
|
||||
|
||||
if r.byUser[user] == nil {
|
||||
r.byUser[user] = make(map[Key]*SSHSession)
|
||||
}
|
||||
r.byUser[user][newKey] = client
|
||||
return nil
|
||||
}
|
||||
|
||||
func (r *registry) Remove(slug string) {
|
||||
func (r *registry) Register(key Key, session *SSHSession) (success bool) {
|
||||
r.mu.Lock()
|
||||
defer r.mu.Unlock()
|
||||
|
||||
delete(r.clients, slug)
|
||||
if _, exists := r.slugIndex[key]; exists {
|
||||
return false
|
||||
}
|
||||
|
||||
userID := session.lifecycle.GetUser()
|
||||
if r.byUser[userID] == nil {
|
||||
r.byUser[userID] = make(map[Key]*SSHSession)
|
||||
}
|
||||
|
||||
r.byUser[userID][key] = session
|
||||
r.slugIndex[key] = userID
|
||||
return true
|
||||
}
|
||||
|
||||
func (r *registry) GetAllSessionFromUser(user string) []*SSHSession {
|
||||
r.mu.RLock()
|
||||
defer r.mu.RUnlock()
|
||||
|
||||
m := r.byUser[user]
|
||||
if len(m) == 0 {
|
||||
return []*SSHSession{}
|
||||
}
|
||||
|
||||
sessions := make([]*SSHSession, 0, len(m))
|
||||
for _, s := range m {
|
||||
sessions = append(sessions, s)
|
||||
}
|
||||
return sessions
|
||||
}
|
||||
|
||||
func (r *registry) Remove(key Key) {
|
||||
r.mu.Lock()
|
||||
defer r.mu.Unlock()
|
||||
|
||||
userID, ok := r.slugIndex[key]
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
delete(r.byUser[userID], key)
|
||||
if len(r.byUser[userID]) == 0 {
|
||||
delete(r.byUser, userID)
|
||||
}
|
||||
delete(r.slugIndex, key)
|
||||
}
|
||||
|
||||
func isValidSlug(slug string) bool {
|
||||
if len(slug) < minSlugLength || len(slug) > maxSlugLength {
|
||||
return false
|
||||
}
|
||||
|
||||
if slug[0] == '-' || slug[len(slug)-1] == '-' {
|
||||
return false
|
||||
}
|
||||
|
||||
for _, c := range slug {
|
||||
if !isValidSlugChar(byte(c)) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func isValidSlugChar(c byte) bool {
|
||||
return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-'
|
||||
}
|
||||
|
||||
func isForbiddenSlug(slug string) bool {
|
||||
_, ok := forbiddenSlugs[slug]
|
||||
return ok
|
||||
}
|
||||
|
||||
var forbiddenSlugs = map[string]struct{}{
|
||||
"ping": {},
|
||||
"staging": {},
|
||||
"admin": {},
|
||||
"root": {},
|
||||
"api": {},
|
||||
"www": {},
|
||||
"support": {},
|
||||
"help": {},
|
||||
"status": {},
|
||||
"health": {},
|
||||
"login": {},
|
||||
"logout": {},
|
||||
"signup": {},
|
||||
"register": {},
|
||||
"settings": {},
|
||||
"config": {},
|
||||
"null": {},
|
||||
"undefined": {},
|
||||
"example": {},
|
||||
"test": {},
|
||||
"dev": {},
|
||||
"system": {},
|
||||
"administrator": {},
|
||||
"dashboard": {},
|
||||
"account": {},
|
||||
"profile": {},
|
||||
"user": {},
|
||||
"users": {},
|
||||
"auth": {},
|
||||
"oauth": {},
|
||||
"callback": {},
|
||||
"webhook": {},
|
||||
"webhooks": {},
|
||||
"static": {},
|
||||
"assets": {},
|
||||
"cdn": {},
|
||||
"mail": {},
|
||||
"email": {},
|
||||
"ftp": {},
|
||||
"ssh": {},
|
||||
"git": {},
|
||||
"svn": {},
|
||||
"blog": {},
|
||||
"news": {},
|
||||
"about": {},
|
||||
"contact": {},
|
||||
"terms": {},
|
||||
"privacy": {},
|
||||
"legal": {},
|
||||
"billing": {},
|
||||
"payment": {},
|
||||
"checkout": {},
|
||||
"cart": {},
|
||||
"shop": {},
|
||||
"store": {},
|
||||
"download": {},
|
||||
"uploads": {},
|
||||
"images": {},
|
||||
"img": {},
|
||||
"css": {},
|
||||
"js": {},
|
||||
"fonts": {},
|
||||
"public": {},
|
||||
"private": {},
|
||||
"internal": {},
|
||||
"external": {},
|
||||
"proxy": {},
|
||||
"cache": {},
|
||||
"debug": {},
|
||||
"metrics": {},
|
||||
"monitoring": {},
|
||||
"graphql": {},
|
||||
"rest": {},
|
||||
"rpc": {},
|
||||
"socket": {},
|
||||
"ws": {},
|
||||
"wss": {},
|
||||
"app": {},
|
||||
"apps": {},
|
||||
"mobile": {},
|
||||
"desktop": {},
|
||||
"embed": {},
|
||||
"widget": {},
|
||||
"docs": {},
|
||||
"documentation": {},
|
||||
"wiki": {},
|
||||
"forum": {},
|
||||
"community": {},
|
||||
"feedback": {},
|
||||
"report": {},
|
||||
"abuse": {},
|
||||
"spam": {},
|
||||
"security": {},
|
||||
"verify": {},
|
||||
"confirm": {},
|
||||
"reset": {},
|
||||
"password": {},
|
||||
"recovery": {},
|
||||
"unsubscribe": {},
|
||||
"subscribe": {},
|
||||
"notifications": {},
|
||||
"alerts": {},
|
||||
"messages": {},
|
||||
"inbox": {},
|
||||
"outbox": {},
|
||||
"sent": {},
|
||||
"draft": {},
|
||||
"trash": {},
|
||||
"archive": {},
|
||||
"search": {},
|
||||
"explore": {},
|
||||
"discover": {},
|
||||
"trending": {},
|
||||
"popular": {},
|
||||
"featured": {},
|
||||
"new": {},
|
||||
"latest": {},
|
||||
"top": {},
|
||||
"best": {},
|
||||
"hot": {},
|
||||
"random": {},
|
||||
"all": {},
|
||||
"any": {},
|
||||
"none": {},
|
||||
"true": {},
|
||||
"false": {},
|
||||
}
|
||||
|
||||
var (
|
||||
minSlugLength = 3
|
||||
maxSlugLength = 20
|
||||
)
|
||||
|
||||
@@ -46,16 +46,16 @@ func (s *SSHSession) GetSlugManager() slug.Manager {
|
||||
return s.slugManager
|
||||
}
|
||||
|
||||
func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel, sessionRegistry Registry) *SSHSession {
|
||||
func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel, sessionRegistry Registry, user string) *SSHSession {
|
||||
slugManager := slug.NewManager()
|
||||
forwarderManager := forwarder.NewForwarder(slugManager)
|
||||
interactionManager := interaction.NewInteraction(slugManager, forwarderManager)
|
||||
lifecycleManager := lifecycle.NewLifecycle(conn, forwarderManager, slugManager)
|
||||
lifecycleManager := lifecycle.NewLifecycle(conn, forwarderManager, slugManager, user)
|
||||
|
||||
interactionManager.SetLifecycle(lifecycleManager)
|
||||
interactionManager.SetSlugModificator(sessionRegistry.Update)
|
||||
forwarderManager.SetLifecycle(lifecycleManager)
|
||||
lifecycleManager.SetUnregisterClient(sessionRegistry.Remove)
|
||||
interactionManager.SetSessionRegistry(sessionRegistry)
|
||||
lifecycleManager.SetSessionRegistry(sessionRegistry)
|
||||
|
||||
return &SSHSession{
|
||||
initialReq: forwardingReq,
|
||||
@@ -68,6 +68,24 @@ func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan
|
||||
}
|
||||
}
|
||||
|
||||
type Detail struct {
|
||||
ForwardingType string `json:"forwarding_type,omitempty"`
|
||||
Slug string `json:"slug,omitempty"`
|
||||
UserID string `json:"user_id,omitempty"`
|
||||
Active bool `json:"active,omitempty"`
|
||||
StartedAt time.Time `json:"started_at,omitempty"`
|
||||
}
|
||||
|
||||
func (s *SSHSession) Detail() Detail {
|
||||
return Detail{
|
||||
ForwardingType: string(s.forwarder.GetTunnelType()),
|
||||
Slug: s.slugManager.Get(),
|
||||
UserID: s.lifecycle.GetUser(),
|
||||
Active: s.lifecycle.IsActive(),
|
||||
StartedAt: s.lifecycle.StartedAt(),
|
||||
}
|
||||
}
|
||||
|
||||
func (s *SSHSession) Start() error {
|
||||
channel := <-s.sshReqChannel
|
||||
ch, reqs, err := channel.Accept()
|
||||
@@ -86,7 +104,7 @@ func (s *SSHSession) Start() error {
|
||||
if err := s.lifecycle.Close(); err != nil {
|
||||
log.Printf("failed to close session: %v", err)
|
||||
}
|
||||
return fmt.Errorf("No forwarding Request")
|
||||
return fmt.Errorf("no forwarding Request")
|
||||
}
|
||||
|
||||
s.lifecycle.SetChannel(ch)
|
||||
|
||||
@@ -11,10 +11,16 @@ const (
|
||||
type TunnelType string
|
||||
|
||||
const (
|
||||
HTTP TunnelType = "HTTP"
|
||||
TCP TunnelType = "TCP"
|
||||
UNKNOWN TunnelType = "UNKNOWN"
|
||||
HTTP TunnelType = "HTTP"
|
||||
TCP TunnelType = "TCP"
|
||||
)
|
||||
|
||||
type SessionKey struct {
|
||||
Id string
|
||||
Type TunnelType
|
||||
}
|
||||
|
||||
var BadGatewayResponse = []byte("HTTP/1.1 502 Bad Gateway\r\n" +
|
||||
"Content-Length: 11\r\n" +
|
||||
"Content-Type: text/plain\r\n\r\n" +
|
||||
|
||||
Reference in New Issue
Block a user