func runServer(t *testing.T, runConfig *runServerConfig) { // create a server var err error serverIPaddress := "" for _, interfaceName := range []string{"eth0", "en0"} { serverIPaddress, err = psiphon.GetInterfaceIPAddress(interfaceName) if err == nil { break } } if err != nil { t.Fatalf("error getting server IP address: %s", err) } serverConfigJSON, _, encodedServerEntry, err := GenerateConfig( &GenerateConfigParams{ ServerIPAddress: serverIPaddress, EnableSSHAPIRequests: runConfig.enableSSHAPIRequests, WebServerPort: 8000, TunnelProtocolPorts: map[string]int{runConfig.tunnelProtocol: 4000}, }) if err != nil { t.Fatalf("error generating server config: %s", err) } // customize server config // Pave psinet with random values to test handshake homepages. psinetFilename := "psinet.json" sponsorID, expectedHomepageURL := pavePsinetDatabaseFile(t, psinetFilename) // Pave traffic rules file which exercises handshake parameter filtering. Client // must handshake with specified sponsor ID in order to allow ports for tunneled // requests. trafficRulesFilename := "traffic_rules.json" paveTrafficRulesFile(t, trafficRulesFilename, sponsorID, runConfig.denyTrafficRules) var serverConfig interface{} json.Unmarshal(serverConfigJSON, &serverConfig) serverConfig.(map[string]interface{})["GeoIPDatabaseFilename"] = "" serverConfig.(map[string]interface{})["PsinetDatabaseFilename"] = psinetFilename serverConfig.(map[string]interface{})["TrafficRulesFilename"] = trafficRulesFilename serverConfig.(map[string]interface{})["LogLevel"] = "debug" // 1 second is the minimum period; should be small enough to emit a log during the // test run, but not guaranteed serverConfig.(map[string]interface{})["LoadMonitorPeriodSeconds"] = 1 serverConfigJSON, _ = json.Marshal(serverConfig) // run server serverWaitGroup := new(sync.WaitGroup) serverWaitGroup.Add(1) go func() { defer serverWaitGroup.Done() err := RunServices(serverConfigJSON) if err != nil { // TODO: wrong goroutine for t.FatalNow() t.Fatalf("error running server: %s", err) } }() defer func() { // Test: orderly server shutdown p, _ := os.FindProcess(os.Getpid()) p.Signal(os.Interrupt) shutdownTimeout := time.NewTimer(5 * time.Second) shutdownOk := make(chan struct{}, 1) go func() { serverWaitGroup.Wait() shutdownOk <- *new(struct{}) }() select { case <-shutdownOk: case <-shutdownTimeout.C: t.Fatalf("server shutdown timeout exceeded") } }() // Test: hot reload (of psinet and traffic rules) if runConfig.doHotReload { // TODO: monitor logs for more robust wait-until-loaded time.Sleep(1 * time.Second) // Pave a new psinet and traffic rules with different random values. sponsorID, expectedHomepageURL = pavePsinetDatabaseFile(t, psinetFilename) paveTrafficRulesFile(t, trafficRulesFilename, sponsorID, runConfig.denyTrafficRules) p, _ := os.FindProcess(os.Getpid()) p.Signal(syscall.SIGUSR1) // TODO: monitor logs for more robust wait-until-reloaded time.Sleep(1 * time.Second) // After reloading psinet, the new sponsorID/expectedHomepageURL // should be active, as tested in the client "Homepage" notice // handler below. } // connect to server with client // TODO: currently, TargetServerEntry only works with one tunnel numTunnels := 1 localSOCKSProxyPort := 1081 localHTTPProxyPort := 8081 establishTunnelPausePeriodSeconds := 1 // Note: calling LoadConfig ensures all *int config fields are initialized clientConfigJSON := ` { "ClientPlatform" : "Android", "ClientVersion" : "0", "SponsorId" : "0", "PropagationChannelId" : "0" }` clientConfig, _ := psiphon.LoadConfig([]byte(clientConfigJSON)) clientConfig.SponsorId = sponsorID clientConfig.ConnectionWorkerPoolSize = numTunnels clientConfig.TunnelPoolSize = numTunnels clientConfig.DisableRemoteServerListFetcher = true clientConfig.EstablishTunnelPausePeriodSeconds = &establishTunnelPausePeriodSeconds clientConfig.TargetServerEntry = string(encodedServerEntry) clientConfig.TunnelProtocol = runConfig.tunnelProtocol clientConfig.LocalSocksProxyPort = localSOCKSProxyPort clientConfig.LocalHttpProxyPort = localHTTPProxyPort err = psiphon.InitDataStore(clientConfig) if err != nil { t.Fatalf("error initializing client datastore: %s", err) } controller, err := psiphon.NewController(clientConfig) if err != nil { t.Fatalf("error creating client controller: %s", err) } tunnelsEstablished := make(chan struct{}, 1) homepageReceived := make(chan struct{}, 1) verificationRequired := make(chan struct{}, 1) verificationCompleted := make(chan struct{}, 1) psiphon.SetNoticeOutput(psiphon.NewNoticeReceiver( func(notice []byte) { //fmt.Printf("%s\n", string(notice)) noticeType, payload, err := psiphon.GetNotice(notice) if err != nil { return } switch noticeType { case "Tunnels": // Do not set verification payload until tunnel is // established. Otherwise will silently take no action. controller.SetClientVerificationPayloadForActiveTunnels("") count := int(payload["count"].(float64)) if count >= numTunnels { sendNotificationReceived(tunnelsEstablished) } case "Homepage": homepageURL := payload["url"].(string) if homepageURL != expectedHomepageURL { // TODO: wrong goroutine for t.FatalNow() t.Fatalf("unexpected homepage: %s", homepageURL) } sendNotificationReceived(homepageReceived) case "ClientVerificationRequired": sendNotificationReceived(verificationRequired) controller.SetClientVerificationPayloadForActiveTunnels(dummyClientVerificationPayload) case "NoticeClientVerificationRequestCompleted": sendNotificationReceived(verificationCompleted) } })) controllerShutdownBroadcast := make(chan struct{}) controllerWaitGroup := new(sync.WaitGroup) controllerWaitGroup.Add(1) go func() { defer controllerWaitGroup.Done() controller.Run(controllerShutdownBroadcast) }() defer func() { close(controllerShutdownBroadcast) shutdownTimeout := time.NewTimer(20 * time.Second) shutdownOk := make(chan struct{}, 1) go func() { controllerWaitGroup.Wait() shutdownOk <- *new(struct{}) }() select { case <-shutdownOk: case <-shutdownTimeout.C: t.Fatalf("controller shutdown timeout exceeded") } }() // Test: tunnels must be established, and correct homepage // must be received, within 30 seconds timeoutSignal := make(chan struct{}) go func() { timer := time.NewTimer(30 * time.Second) <-timer.C close(timeoutSignal) }() waitOnNotification(t, tunnelsEstablished, timeoutSignal, "tunnel establish timeout exceeded") waitOnNotification(t, homepageReceived, timeoutSignal, "homepage received timeout exceeded") waitOnNotification(t, verificationRequired, timeoutSignal, "verification required timeout exceeded") waitOnNotification(t, verificationCompleted, timeoutSignal, "verification completed timeout exceeded") // Test: tunneled web site fetch err = makeTunneledWebRequest(t, localHTTPProxyPort) if err == nil { if runConfig.denyTrafficRules { t.Fatalf("unexpected tunneled web request success") } } else { if !runConfig.denyTrafficRules { t.Fatalf("tunneled web request failed: %s", err) } } // Test: tunneled UDP packets udpgwServerAddress := serverConfig.(map[string]interface{})["UDPInterceptUdpgwServerAddress"].(string) err = makeTunneledNTPRequest(t, localSOCKSProxyPort, udpgwServerAddress) if err == nil { if runConfig.denyTrafficRules { t.Fatalf("unexpected tunneled NTP request success") } } else { if !runConfig.denyTrafficRules { t.Fatalf("tunneled NTP request failed: %s", err) } } }
func main() { var generateTrafficRulesFilename string var generateServerEntryFilename string var generateLogFilename string var generateServerIPaddress string var generateServerNetworkInterface string var generateWebServerPort int var generateProtocolPorts stringListFlag var configFilename string flag.StringVar( &generateTrafficRulesFilename, "trafficRules", server.SERVER_TRAFFIC_RULES_FILENAME, "generate with this traffic rules `filename`") flag.StringVar( &generateServerEntryFilename, "serverEntry", server.SERVER_ENTRY_FILENAME, "generate with this server entry `filename`") flag.StringVar( &generateLogFilename, "logFilename", "", "set application log file name and path; blank for stderr") flag.StringVar( &generateServerIPaddress, "ipaddress", server.DEFAULT_SERVER_IP_ADDRESS, "generate with this server `IP address`") flag.StringVar( &generateServerNetworkInterface, "interface", "", "generate with server IP address from this `network-interface`") flag.IntVar( &generateWebServerPort, "web", 0, "generate with web server `port`; 0 for no web server") flag.Var( &generateProtocolPorts, "protocol", "generate with `protocol:port`; flag may be repeated to enable multiple protocols") flag.StringVar( &configFilename, "config", server.SERVER_CONFIG_FILENAME, "run or generate with this config `filename`") flag.Usage = func() { fmt.Fprintf(os.Stderr, "Usage:\n\n"+ "%s <flags> generate generates configuration files\n"+ "%s <flags> run runs configured services\n\n", os.Args[0], os.Args[0]) flag.PrintDefaults() } flag.Parse() args := flag.Args() if len(args) < 1 { flag.Usage() os.Exit(1) } else if args[0] == "generate" { serverIPaddress := generateServerIPaddress if generateServerNetworkInterface != "" { var err error serverIPaddress, err = psiphon.GetInterfaceIPAddress(generateServerNetworkInterface) if err != nil { fmt.Printf("generate failed: %s\n", err) os.Exit(1) } } tunnelProtocolPorts := make(map[string]int) for _, protocolPort := range generateProtocolPorts { parts := strings.Split(protocolPort, ":") if len(parts) == 2 { port, err := strconv.Atoi(parts[1]) if err != nil { fmt.Printf("generate failed: %s\n", err) os.Exit(1) } tunnelProtocolPorts[parts[0]] = port } } configJSON, trafficRulesJSON, encodedServerEntry, err := server.GenerateConfig( &server.GenerateConfigParams{ LogFilename: generateLogFilename, ServerIPAddress: serverIPaddress, EnableSSHAPIRequests: true, WebServerPort: generateWebServerPort, TunnelProtocolPorts: tunnelProtocolPorts, TrafficRulesFilename: generateTrafficRulesFilename, }) if err != nil { fmt.Printf("generate failed: %s\n", err) os.Exit(1) } err = ioutil.WriteFile(configFilename, configJSON, 0600) if err != nil { fmt.Printf("error writing configuration file: %s\n", err) os.Exit(1) } err = ioutil.WriteFile(generateTrafficRulesFilename, trafficRulesJSON, 0600) if err != nil { fmt.Printf("error writing traffic rule configuration file: %s\n", err) os.Exit(1) } err = ioutil.WriteFile(generateServerEntryFilename, encodedServerEntry, 0600) if err != nil { fmt.Printf("error writing server entry file: %s\n", err) os.Exit(1) } } else if args[0] == "run" { configJSON, err := ioutil.ReadFile(configFilename) if err != nil { fmt.Printf("error loading configuration file: %s\n", err) os.Exit(1) } err = server.RunServices(configJSON) if err != nil { fmt.Printf("run failed: %s\n", err) os.Exit(1) } } }