// mvc.Model interface
func (c *ClientModel) PlayRequest(tunnel mvc.Tunnel, payload []byte) {
var localConn conn.Conn
localConn, err := conn.Dial(tunnel.LocalAddr, "prv", nil)
if err != nil {
c.Warn("Failed to open private leg to %s: %v", tunnel.LocalAddr, err)
return
}
defer localConn.Close()
localConn = tunnel.Protocol.WrapConn(localConn, mvc.ConnectionContext{Tunnel: tunnel, ClientAddr: "127.0.0.1"})
localConn.Write(payload)
ioutil.ReadAll(localConn)
}
func WriteMsg(c conn.Conn, msg interface{}) (err error) {
buffer, err := Pack(msg)
if err != nil {
return
}
c.Debug("Writing message: %s", string(buffer))
err = binary.Write(c, binary.LittleEndian, int64(len(buffer)))
if err != nil {
return
}
if _, err = c.Write(buffer); err != nil {
return
}
return nil
}
// Handles a new http connection from the public internet
func httpHandler(c conn.Conn, proto string) {
defer c.Close()
defer func() {
// recover from failures
if r := recover(); r != nil {
c.Warn("httpHandler failed with error %v", r)
}
}()
// Make sure we detect dead connections while we decide how to multiplex
c.SetDeadline(time.Now().Add(connReadTimeout))
// multiplex by extracting the Host header, the vhost library
vhostConn, err := vhost.HTTP(c)
if err != nil {
c.Warn("Failed to read valid %s request: %v", proto, err)
c.Write([]byte(BadRequest))
return
}
// read out the Host header and auth from the request
host := strings.ToLower(vhostConn.Host())
auth := vhostConn.Request.Header.Get("Authorization")
// done reading mux data, free up the request memory
vhostConn.Free()
// We need to read from the vhost conn now since it mucked around reading the stream
c = conn.Wrap(vhostConn, "pub")
// multiplex to find the right backend host
c.Debug("Found hostname %s in request", host)
tunnel := tunnelRegistry.Get(fmt.Sprintf("%s://%s", proto, host))
if tunnel == nil {
tunnel = tunnelRegistry.Get(fmt.Sprintf("%s://%s%s", proto, host, opts.httpAddr))
}
if tunnel == nil {
c.Info("No tunnel found for hostname %s", host)
c.Write([]byte(fmt.Sprintf(NotFound, len(host)+18, host)))
return
}
// If the client specified http auth and it doesn't match this request's auth
// then fail the request with 401 Not Authorized and request the client reissue the
// request with basic authdeny the request
if tunnel.req.HttpAuth != "" && auth != tunnel.req.HttpAuth {
c.Info("Authentication failed: %s", auth)
c.Write([]byte(NotAuthorized))
return
}
// dead connections will now be handled by tunnel heartbeating and the client
c.SetDeadline(time.Time{})
// let the tunnel handle the connection now
tunnel.HandlePublicConnection(c)
}
// Establishes and manages a tunnel proxy connection with the server
func (c *ClientModel) proxy() {
var (
remoteConn conn.Conn
err error
)
if c.proxyUrl == "" {
remoteConn, err = conn.Dial(c.serverAddr, "pxy", c.tlsConfig)
} else {
remoteConn, err = conn.DialHttpProxy(c.proxyUrl, c.serverAddr, "pxy", c.tlsConfig)
}
if err != nil {
log.Error("Failed to establish proxy connection: %v", err)
return
}
defer remoteConn.Close()
err = msg.WriteMsg(remoteConn, &msg.RegProxy{ClientId: c.id})
if err != nil {
remoteConn.Error("Failed to write RegProxy: %v", err)
return
}
// wait for the server to ack our register
var startPxy msg.StartProxy
if err = msg.ReadMsgInto(remoteConn, &startPxy); err != nil {
remoteConn.Error("Server failed to write StartProxy: %v", err)
return
}
tunnel, ok := c.tunnels[startPxy.Url]
if !ok {
remoteConn.Error("Couldn't find tunnel for proxy: %s", startPxy.Url)
return
}
// start up the private connection
start := time.Now()
localConn, err := conn.Dial(tunnel.LocalAddr, "prv", nil)
if err != nil {
remoteConn.Warn("Failed to open private leg %s: %v", tunnel.LocalAddr, err)
if tunnel.Protocol.GetName() == "http" {
// try to be helpful when you're in HTTP mode and a human might see the output
badGatewayBody := fmt.Sprintf(BadGateway, tunnel.PublicUrl, tunnel.LocalAddr, tunnel.LocalAddr)
remoteConn.Write([]byte(fmt.Sprintf(`HTTP/1.0 502 Bad Gateway
Content-Type: text/html
Content-Length: %d
%s`, len(badGatewayBody), badGatewayBody)))
}
return
}
defer localConn.Close()
m := c.metrics
m.proxySetupTimer.Update(time.Since(start))
m.connMeter.Mark(1)
c.update()
m.connTimer.Time(func() {
localConn := tunnel.Protocol.WrapConn(localConn, mvc.ConnectionContext{Tunnel: tunnel, ClientAddr: startPxy.ClientAddr})
bytesIn, bytesOut := conn.Join(localConn, remoteConn)
m.bytesIn.Update(bytesIn)
m.bytesOut.Update(bytesOut)
m.bytesInCount.Inc(bytesIn)
m.bytesOutCount.Inc(bytesOut)
})
c.update()
}
func Main() {
// parse options
opts := parseArgs()
// set up logging
log.LogTo(opts.logto)
// set up auth token
if opts.authtoken == "" {
opts.authtoken = LoadAuthToken()
}
// init client state
s := &State{
status: "connecting",
// unique client id
id: util.RandIdOrPanic(8),
// command-line options
opts: opts,
// metrics
metrics: NewClientMetrics(),
}
switch opts.protocol {
case "http":
s.protocol = proto.NewHttp()
case "tcp":
s.protocol = proto.NewTcp()
}
// init ui
ctl := ui.NewController()
if opts.webport != -1 {
web.NewWebView(ctl, s, opts.webport)
}
if opts.logto != "stdout" {
term.New(ctl, s)
}
go reconnectingControl(s, ctl)
go autoUpdate(s, ctl, opts.authtoken)
quitMessage := ""
ctl.Wait.Add(1)
go func() {
defer ctl.Wait.Done()
for {
select {
case obj := <-ctl.Cmds:
switch cmd := obj.(type) {
case ui.CmdQuit:
quitMessage = cmd.Message
ctl.DoShutdown()
return
case ui.CmdRequest:
go func() {
var localConn conn.Conn
localConn, err := conn.Dial(s.opts.localaddr, "prv", nil)
if err != nil {
log.Warn("Failed to open private leg %s: %v", s.opts.localaddr, err)
return
}
//defer localConn.Close()
localConn = s.protocol.WrapConn(localConn)
localConn.Write(cmd.Payload)
ioutil.ReadAll(localConn)
}()
}
}
}
}()
ctl.Wait.Wait()
fmt.Println(quitMessage)
}
// Handles a new http connection from the public internet
func httpHandler(c conn.Conn, proto string) {
defer c.Close()
defer func() {
// recover from failures
if r := recover(); r != nil {
c.Warn("httpHandler failed with error %v", r)
}
}()
// Make sure we detect dead connections while we decide how to multiplex
c.SetDeadline(time.Now().Add(connReadTimeout))
// multiplex by extracting the Host header, the vhost library
vhostConn, err := vhost.HTTP(c)
if err != nil {
c.Warn("Failed to read valid %s request: %v", proto, err)
c.Write([]byte(BadRequest))
return
}
// read out the Host header and auth from the request
host := strings.ToLower(vhostConn.Host())
auth := vhostConn.Request.Header.Get("Authorization")
hostname, _, err := net.SplitHostPort(host)
if err != nil {
hostname = host
} else {
_, port, _ := net.SplitHostPort(c.LocalAddr().String())
hostname = fmt.Sprintf("%s:%s", hostname, port)
}
paramSubdomain := vhostConn.Request.URL.Query().Get(SubDomainParamName) //url param
if paramSubdomain == "" { //user-agent
reg := regexp.MustCompile(fmt.Sprintf("%s/(\\w+)", SubDomainUserAgentName))
matches := reg.FindStringSubmatch(vhostConn.Request.UserAgent())
if len(matches) > 0 {
paramSubdomain = matches[1]
}
}
_, setCookieSubdomain := vhostConn.Request.URL.Query()[SetCookieSubDomainParamName]
subdomainCookie, err := vhostConn.Request.Cookie(SubDomainCookieName)
cookieSubdomain := ""
if err == nil {
cookieSubdomain = subdomainCookie.Value
}
// done reading mux data, free up the request memory
vhostConn.Free()
// We need to read from the vhost conn now since it mucked around reading the stream
c = conn.Wrap(vhostConn, "pub")
// multiplex to find the right backend host
c.Debug("Found hostname %s in request", host)
if paramSubdomain != "" {
hostname = fmt.Sprintf("%s.%s", paramSubdomain, hostname)
} else if cookieSubdomain != "" {
hostname = fmt.Sprintf("%s.%s", cookieSubdomain, hostname)
}
tunnelKey := fmt.Sprintf("%s://%s", proto, hostname)
tunnel := tunnelRegistry.Get(tunnelKey)
if tunnel == nil {
if setCookieSubdomain && paramSubdomain != "" {
c.Info("Set %s to Cookie for hostname %s", paramSubdomain, tunnelKey)
c.Write([]byte(fmt.Sprintf(SetCooikeResponse, len(proto)+len(hostname)+len(paramSubdomain)+48, SubDomainCookieName, paramSubdomain, proto, hostname, paramSubdomain)))
} else {
c.Info("No tunnel found for hostname %s", tunnelKey)
c.Write([]byte(fmt.Sprintf(NotFound, len(hostname)+18, hostname)))
}
return
}
// If the client specified http auth and it doesn't match this request's auth
// then fail the request with 401 Not Authorized and request the client reissue the
// request with basic authdeny the request
if tunnel.req.HttpAuth != "" && auth != tunnel.req.HttpAuth {
c.Info("Authentication failed: %s", auth)
c.Write([]byte(NotAuthorized))
return
}
// dead connections will now be handled by tunnel heartbeating and the client
c.SetDeadline(time.Time{})
// let the tunnel handle the connection now
tunnel.HandlePublicConnection(c)
}
