From 5018898d9265377a18b1dd07cca5003184cfeb8b Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sun, 11 Mar 2018 16:25:03 +0100
Subject: fix error handling for s5proxy tls config
---
 src/daq/s5proxy/src/s5proxy/proxy.go | 33 +++++++++++++++++++++------------
 1 file changed, 21 insertions(+), 12 deletions(-)
(limited to 'src')
diff --git a/src/daq/s5proxy/src/s5proxy/proxy.go b/src/daq/s5proxy/src/s5proxy/proxy.go
index d55f270..f23f0c3 100644
--- a/src/daq/s5proxy/src/s5proxy/proxy.go
+++ b/src/daq/s5proxy/src/s5proxy/proxy.go
@@ -169,7 +169,7 @@ func (h *httpsRedirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
 http.Redirect(w, r, uri.String(), h.code)
 }
-func (p *Proxy) RunHTTPRedirector(l net.Listener) error {
+func (p *Proxy) runHTTPRedirector(l net.Listener) error {
 mux := http.NewServeMux()
 mux.Handle("/", &httpsRedirectHandler{int(p.conf.Redirect2HTTPS)})
@@ -177,18 +177,20 @@ func (p *Proxy) RunHTTPRedirector(l net.Listener) error {
 return srv.Serve(l)
 }
-func (p *Proxy) RunHTTP(l net.Listener) error {
+func (p *Proxy) runHTTP(l net.Listener) error {
 return p.srv.Serve(l)
 }
-func (p *Proxy) RunHTTPS(l net.Listener) error {
+func (p *Proxy) prepareTLS(l net.Listener) (net.Listener, error) {
 cfg, err := p.conf.TLS.ToGoTLSConfig()
 if err != nil {
- return err
+ return nil, err
 }
+ return tls.NewListener(l, cfg), nil
+}
- tlsL := tls.NewListener(l, cfg) // TODO: error handling
- return p.srv.Serve(tlsL)
+func (p *Proxy) runHTTPS(l net.Listener) error {
+ return p.srv.Serve(l)
 }
 func (p *Proxy) Run() error {
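Review bot: `prepareTLS` reports only a `ToGoTLSConfig()` failure; `tls.NewListener` itself never returns an error, so a config that carries no certificate would still be accepted here and surface only as failed handshakes once clients connect. Unless `ToGoTLSConfig` already guarantees a certificate (it is not visible in this diff), a startup check such as `if len(cfg.Certificates) == 0 && cfg.GetCertificate == nil { return nil, fmt.Errorf("PROXY: tls config has no certificate") }` before the `tls.NewListener` call would make that misconfiguration fail at launch. After this change `runHTTPS` has the same body as `runHTTP` (`return p.srv.Serve(l)`), so one of the two could be dropped. The three `Run*` renames also unexport the methods, which would break any caller outside the package if one exists.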
@@ -205,22 +207,29 @@ func (p *Proxy) Run() error {
 httpL := m.Match(cmux.HTTP1Fast())
 if p.conf.Redirect2HTTPS > 0 {
 s5l.Printf("PROXY: will redirect any traffic from http to https using status code %v", p.conf.Redirect2HTTPS)
- go p.RunHTTPRedirector(httpL)
+ go p.runHTTPRedirector(httpL)
 } else {
- go p.RunHTTP(httpL)
+ go p.runHTTP(httpL)
 }
- httpsL := m.Match(cmux.Any())
- go p.RunHTTPS(httpsL)
+ httpsL, err := p.prepareTLS(m.Match(cmux.Any()))
+ if err != nil {
+ return err
+ }
+ go p.runHTTPS(httpsL)
 if err := m.Serve(); !strings.Contains(err.Error(), "use of closed network connection") { // TODO: is this really the best way to do this?
 return err
 }
 return nil
 case HTTPOnly:
- return p.RunHTTP(l)
+ return p.runHTTP(l)
 case HTTPSOnly:
- return p.RunHTTPS(l)
+ httpsL, err := p.prepareTLS(l)
+ if err != nil {
+ return err
+ }
+ return p.runHTTPS(httpsL)
 }
 return fmt.Errorf("PROXY: unsupported protocol: '%s'", p.conf.Protocol)
 }
-- cgit v1.2.3
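Review bot: In the combined HTTP/HTTPS branch the new `prepareTLS` error return comes after `go p.runHTTPRedirector(httpL)` or `go p.runHTTP(httpL)` has already been started, so a bad TLS config makes `Run` return while that goroutine is presumably left waiting on `httpL` and `m.Serve()` is never reached. Moving `httpsL, err := p.prepareTLS(m.Match(cmux.Any()))` and its `if err != nil { return err }` check to directly after `httpL := m.Match(cmux.HTTP1Fast())` keeps the matcher registration order and fails before anything is launched. The three `go p.run…` calls also discard the error returned by `Serve`, so a listener that stops serving goes unnoticed; reporting it through `s5l.Printf` would make that visible. The `switch` header and the start of `Run` lie outside this hunk, so whether `l` is closed on these error paths cannot be checked here.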