package main
import "bytes"
import "net"
import "io"
import "io/ioutil"
import "os"
import "time"
import "fmt"
import "http"
import "crypto/rand"
import "crypto/tls"
import "crypto/x509"
// errEOF aliases io.ErrUnexpectedEOF. readNodes compares scan errors against
// it and treats a match as the normal end of input rather than a failure.
var errEOF = io.ErrUnexpectedEOF
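// toBytes encodes n as eight bytes in big-endian order (most significant
// byte first). Negative values are encoded through their uint64 bit pattern.
//
// The previous hand-unrolled version shifted by 25 instead of 24 for index 4,
// so that byte held bits 25..32 rather than bits 24..31 and the encoding was
// wrong for most inputs. Deriving every shift from the index removes that
// class of typo.
func toBytes(n int64) [8]byte {
	m := uint64(n)
	// Named out rather than bytes so the local does not shadow the imported
	// bytes package.
	var out [8]byte
	for i := range out {
		// Index 0 takes the top byte (shift 56); index 7 the low byte (shift 0).
		out[i] = byte(m >> uint(56-8*i))
	}
	return out
}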
// secondsToBytes returns the seconds value of the current UTC time, encoded
// with toBytes.
//
// The result is a wall-clock timestamp with one-second resolution. It is
// predictable to any observer, so callers must not treat it as a random nonce
// or as secret material.
func secondsToBytes() [8]byte {
	now := time.UTC()
	return toBytes(now.Seconds())
}
// readNodes scans Node records from r with fmt.Fscanln, one record per call,
// and returns them keyed by Node.Name.
//
// Scanning ends successfully when Fscanln reports errEOF. Any other scan
// error is returned together with the records collected so far, so callers
// must check the error before trusting the map as complete.
//
// A record whose Name repeats an earlier one silently replaces it; no
// duplicate detection is done here.
func readNodes(r io.Reader) (map[string]Node, os.Error) {
	byName := make(map[string]Node)
	for {
		var rec Node
		_, err := fmt.Fscanln(r, &rec)
		if err == nil {
			byName[rec.Name] = rec
			continue
		}
		if err == errEOF {
			return byName, nil
		}
		return byName, err
	}
	// Not reachable: the loop above only exits through a return. Presumably
	// kept because the toolchain this file targets wants a final return.
	return byName, nil
}
// listenAndServe accepts TCP connections on addr, wraps them in TLS and hands
// them to http.Serve with a nil handler.
//
// certFile and keyFile are the server's PEM certificate and private key;
// caFile is a PEM bundle loaded into the config's RootCAs pool. The function
// returns the first error hit while loading these files or opening the
// listener, otherwise whatever http.Serve returns.
//
// keyFile holds the server's private key, so it should be readable only by
// the account that runs this process.
func listenAndServe(addr string, certFile string, keyFile string, caFile string) os.Error {
	// Load the CA bundle first so a missing or malformed trust anchor is
	// reported before any socket is opened.
	caPEM, err := ioutil.ReadFile(caFile)
	if err != nil {
		return err
	}
	pool := x509.NewCertPool()
	if ok := pool.AppendCertsFromPEM(caPEM); !ok {
		return os.NewError("Failed to add root certificate.")
	}

	keyPair, err := tls.LoadX509KeyPair(certFile, keyFile)
	if err != nil {
		return err
	}

	config := &tls.Config{
		Rand:       rand.Reader,
		Time:       time.Seconds,
		NextProtos: []string{"http/1.1"},
		// Client certificates are requested from every peer.
		// NOTE(review): confirm that the crypto/tls version this file builds
		// against verifies the presented chain against RootCAs rather than
		// only asking for a certificate. On current Go the explicit form is
		// ClientAuth: tls.RequireAndVerifyClientCert together with ClientCAs.
		AuthenticateClient: true,
		// A single ECDHE suite gives forward secrecy, but AES-CBC with
		// HMAC-SHA1 is a legacy construction. When porting to a current
		// toolchain, prefer AEAD suites and set a minimum protocol version.
		CipherSuites: []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
		RootCAs:      pool,
		Certificates: []tls.Certificate{keyPair},
	}

	ln, err := net.Listen("tcp", addr)
	if err != nil {
		return err
	}
	// The listener is not closed here; it stays open for as long as
	// http.Serve runs.
	return http.Serve(tls.NewListener(ln, config), nil)
}
// main seeds a node store with one hard-coded record, registers the HTTP
// handlers and serves them over TLS on port 8080.
func main() {
	seed := bytes.NewBufferString("eq4 46.4.89.243 10.0.0.2 2001:470:9ce6:200::2")
	nodes, err := readNodes(seed)
	if err != nil {
		// A parse failure is only reported (on stdout, unlike the other
		// errors below); execution continues and nodes["eq4"] may then be
		// the zero Node.
		fmt.Println("ERR: " + err.String())
	}

	store, err := NewNodeStore("nodes")
	if err != nil {
		fmt.Fprintf(os.Stderr, "ERR: %v\n", err)
		return
	}

	node := nodes["eq4"]
	// NOTE(review): any result from Set is ignored here; confirm whether it
	// can fail.
	store.Set(&node)

	// All three routes share the TLS listener configured in listenAndServe,
	// so that client-certificate setting is the only access control visible
	// in this file. "/set" presumably modifies the store; verify that the
	// handler does not rely on anything weaker.
	http.HandleFunc("/name/", GetNodeByName(store))
	http.HandleFunc("/set", SetNodeByName(store))
	http.HandleFunc("/all", GetAllNodes(store))

	// ":8080" has no host part, so the listener is not limited to a single
	// address. The certificate, key and CA paths are relative to the working
	// directory.
	if err := listenAndServe(":8080", "cert.pem", "key.pem", "cacert.pem"); err != nil {
		fmt.Fprintf(os.Stderr, "ERR: %v\n", err)
	}
}