diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2018-03-11 16:25:03 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2018-03-11 16:25:03 +0100 |
| commit | 5018898d9265377a18b1dd07cca5003184cfeb8b (patch) | |
| tree | 82d16c3f848579bcd9f6d943e8cd7541bbced0d6 | |
| parent | fix bug in forwarder id handling (diff) | |
fix error handling for s5proxy tls config
| -rw-r--r-- | src/daq/s5proxy/src/s5proxy/proxy.go | 33 |
1 files changed, 21 insertions, 12 deletions
diff --git a/src/daq/s5proxy/src/s5proxy/proxy.go b/src/daq/s5proxy/src/s5proxy/proxy.go index d55f270..f23f0c3 100644 --- a/src/daq/s5proxy/src/s5proxy/proxy.go +++ b/src/daq/s5proxy/src/s5proxy/proxy.go @@ -169,7 +169,7 @@ func (h *httpsRedirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) http.Redirect(w, r, uri.String(), h.code) } -func (p *Proxy) RunHTTPRedirector(l net.Listener) error { +func (p *Proxy) runHTTPRedirector(l net.Listener) error { mux := http.NewServeMux() mux.Handle("/", &httpsRedirectHandler{int(p.conf.Redirect2HTTPS)}) @@ -177,18 +177,20 @@ func (p *Proxy) RunHTTPRedirector(l net.Listener) error { return srv.Serve(l) } -func (p *Proxy) RunHTTP(l net.Listener) error { +func (p *Proxy) runHTTP(l net.Listener) error { return p.srv.Serve(l) } -func (p *Proxy) RunHTTPS(l net.Listener) error { +func (p *Proxy) prepareTLS(l net.Listener) (net.Listener, error) { cfg, err := p.conf.TLS.ToGoTLSConfig() if err != nil { - return err + return nil, err } + return tls.NewListener(l, cfg), nil +} - tlsL := tls.NewListener(l, cfg) // TODO: error handling - return p.srv.Serve(tlsL) +func (p *Proxy) runHTTPS(l net.Listener) error { + return p.srv.Serve(l) } func (p *Proxy) Run() error { @@ -205,22 +207,29 @@ func (p *Proxy) Run() error { httpL := m.Match(cmux.HTTP1Fast()) if p.conf.Redirect2HTTPS > 0 { s5l.Printf("PROXY: will redirect any traffic from http to https using status code %v", p.conf.Redirect2HTTPS) - go p.RunHTTPRedirector(httpL) + go p.runHTTPRedirector(httpL) } else { - go p.RunHTTP(httpL) + go p.runHTTP(httpL) } - httpsL := m.Match(cmux.Any()) - go p.RunHTTPS(httpsL) + httpsL, err := p.prepareTLS(m.Match(cmux.Any())) + if err != nil { + return err + } + go p.runHTTPS(httpsL) if err := m.Serve(); !strings.Contains(err.Error(), "use of closed network connection") { // TODO: is this really the best way to do this? return err } return nil case HTTPOnly: - return p.RunHTTP(l) + return p.runHTTP(l) case HTTPSOnly: - return p.RunHTTPS(l) + httpsL, err := p.prepareTLS(l) + if err != nil { + return err + } + return p.runHTTPS(httpsL) } return fmt.Errorf("PROXY: unsupported protocol: '%s'", p.conf.Protocol) } |