diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2017-06-29 04:05:31 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2017-06-29 04:05:31 +0200 |
| commit | 730ed3a74980b22c1676c4c5ffe9bf748f02a1da (patch) | |
| tree | 921cd5524f4b87c80d299680b75749ae5e63c4d7 | |
| parent | added config parser for new config options (diff) | |
usage of protocols can noe be configured
| -rw-r--r-- | src/daq/s5proxy/src/s5proxy/config.go | 2 | ||||
| -rw-r--r-- | src/daq/s5proxy/src/s5proxy/proxy.go | 48 |
2 files changed, 33 insertions, 17 deletions
diff --git a/src/daq/s5proxy/src/s5proxy/config.go b/src/daq/s5proxy/src/s5proxy/config.go index 62ea047..07d4c3c 100644 --- a/src/daq/s5proxy/src/s5proxy/config.go +++ b/src/daq/s5proxy/src/s5proxy/config.go @@ -64,7 +64,7 @@ func (p *ProtocolType) fromString(str string) (err error) { case string(HTTPSOnly): *p = ProtocolType(strings.ToLower(str)) default: - return errors.New("invalid protocol: '" + str + "'") + return fmt.Errorf("invalid protocol: '"+str+"', must be one of '%s', '%s' or '%s'", HTTPOnly, HTTPSOnly, HTTPAndHTTPS) } return } diff --git a/src/daq/s5proxy/src/s5proxy/proxy.go b/src/daq/s5proxy/src/s5proxy/proxy.go index 3f5ec89..7d0b0bd 100644 --- a/src/daq/s5proxy/src/s5proxy/proxy.go +++ b/src/daq/s5proxy/src/s5proxy/proxy.go @@ -34,6 +34,7 @@ package main import ( "crypto/tls" + "fmt" "net" "net/http" "net/http/httputil" @@ -177,17 +178,18 @@ func (h *httpsRedirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) http.Redirect(w, r, uri.String(), h.code) } -func (p *Proxy) RunHTTP(l net.Listener) error { +func (p *Proxy) RunHTTPRedirector(l net.Listener) error { mux := http.NewServeMux() - mux.Handle("/", &httpsRedirectHandler{http.StatusTemporaryRedirect}) // TODO: make redirect code configurable - - srv := &http.Server{ - Handler: mux, - } + mux.Handle("/", &httpsRedirectHandler{int(p.conf.Redirect2HTTPS)}) + srv := &http.Server{Handler: mux} return srv.Serve(l) } +func (p *Proxy) RunHTTP(l net.Listener) error { + return p.srv.Serve(l) +} + func (p *Proxy) RunHTTPS(l net.Listener) error { cert, err := tls.LoadX509KeyPair(p.conf.CertFile, p.conf.KeyFile) if err != nil { @@ -213,21 +215,35 @@ func (p *Proxy) RunHTTPS(l net.Listener) error { } func (p *Proxy) Run() error { - s5l.Printf("PROXY: listening on '%s'", p.conf.ListenAddr) - l, err := net.Listen("tcp", p.conf.ListenAddr) if err != nil { return err } - m := cmux.New(l) - httpL := m.Match(cmux.HTTP1Fast()) - httpsL := m.Match(cmux.Any()) - go p.RunHTTP(httpL) - go p.RunHTTPS(httpsL) + s5l.Printf("PROXY: listening on '%s' using protocol: %s", p.conf.ListenAddr, p.conf.Protocol) + switch p.conf.Protocol { + case HTTPAndHTTPS: + m := cmux.New(l) - if err := m.Serve(); !strings.Contains(err.Error(), "use of closed network connection") { - return err + httpL := m.Match(cmux.HTTP1Fast()) + if p.conf.Redirect2HTTPS > 0 { + s5l.Printf("PROXY: will redirect any traffic from http to https using status code %v", p.conf.Redirect2HTTPS) + go p.RunHTTPRedirector(httpL) + } else { + go p.RunHTTP(httpL) + } + + httpsL := m.Match(cmux.Any()) + go p.RunHTTPS(httpsL) + + if err := m.Serve(); !strings.Contains(err.Error(), "use of closed network connection") { + return err + } + return nil + case HTTPOnly: + return p.RunHTTP(l) + case HTTPSOnly: + return p.RunHTTPS(l) } - return nil + return fmt.Errorf("PROXY: unsupported protocol: '%s'", p.conf.Protocol) } |