path: root/main.go
blob: b0eafdd91870a4117390e027ccea21536a1ebf38 (plain)
package main

import (
	"crypto/tls"
	"errors"
	"flag"
	"log"
	"net/http"
	"net/http/httputil"
	"net/rpc"
	"net/url"
	"time"
)

var (
	// Listener addresses. Every default has an empty host part, so each
	// listener binds on all interfaces unless the flag is overridden.
	listen    = flag.String("listen", ":http", "HTTP port")
	listenTLS = flag.String("listentls", ":https", "TLS port")
	// NOTE(review): StartRPC exposes net/rpc on this address through
	// http.DefaultServeMux, and no authentication or TLS is visible in this
	// file. If the registered RPC service can change routes or certificates,
	// bind it to loopback (e.g. -listenrpc localhost:http-alt) or restrict it
	// at the firewall.
	listenRPC = flag.String("listenrpc", ":http-alt", "RPC port")
	// Path handed to route.Load at startup.
	// NOTE(review): Entry carries private key bytes in an exported field; if
	// they are persisted in this file it should be readable by the proxy user
	// only. Confirm against Load and whatever writes the file.
	data      = flag.String("data", "data/goxy.gob", "persistent storage file")
	// route is the process-wide routing table.
	route     = make(Route)
	// mux is the single handler shared by the HTTP and the TLS listener.
	mux       = http.NewServeMux()
)

// Route is the routing table. Route.SNI looks entries up by the server name
// from the TLS ClientHello, so keys are presumably server names (the code that
// inserts entries is not in this file; confirm there).
type Route map[string]Entry

// Entry describes one proxied site: the host name it answers to, the backend
// it forwards to, and the key pair used for TLS.
type Entry struct {
	ServerName string // host name; NewHandle registers the mux pattern ServerName+"/"
	Upstream   string // backend URL, parsed with url.Parse in NewHandle
	Cert       []byte // certificate bytes handed to tls.X509KeyPair in Restore
	// Key is the private key matching Cert, handed to tls.X509KeyPair in
	// Restore. It is an exported field, so code that serialises or dumps the
	// struct field by field will include it.
	// NOTE(review): confirm that the storage file and any RPC reply carrying
	// an Entry are access-restricted.
	Key        []byte
	cert       *tls.Certificate // parsed key pair set by Restore; nil is treated as "no TLS" by SNI and String
}

// SNI returns the certificate for the server name the client sent in its TLS
// ClientHello. StartTLS installs it as tls.Config.GetCertificate.
//
// The lookup is an exact match on the map key. An entry that exists but has no
// parsed certificate is reported the same way as a missing entry.
//
// NOTE(review): h.ServerName is client-controlled and is copied unescaped into
// the error text, which ends up wherever the handshake error is logged.
// Quoting it (strconv.Quote or %q) would keep control characters out of logs.
func (r Route) SNI(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
	entry, found := r[h.ServerName]
	if !found || entry.cert == nil {
		return nil, errors.New("no cert for " + h.ServerName)
	}
	return entry.cert, nil
}

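// Restore resets the shared mux and rebuilds, for every entry of r, the parsed
// certificate and the reverse-proxy handler.
//
// Every entry is attempted. An entry whose key pair does not parse, or whose
// handler cannot be created, is logged and left unregistered (fail closed)
// while the remaining entries are still restored. The first error seen is
// returned; nil means every entry was restored.
func (r Route) Restore() error {
	// FIXME assignment copies lock value to *mux: net/http.ServeMux contains sync.RWMutex
	// NOTE(review): the reset is also not synchronised with listeners that may
	// already be serving from mux if Restore is called after startup.
	*mux = *http.NewServeMux()

	var firstErr error
	// Iterate the receiver, not the package-level route, so the map that is
	// read is the same one that is written below.
	for name, entry := range r {
		cert, err := tls.X509KeyPair(entry.Cert, entry.Key)
		if err != nil {
			// Map iteration order is random; returning here would leave an
			// arbitrary subset of the routes registered.
			log.Println("restore", name, err)
			if firstErr == nil {
				firstErr = err
			}
			continue
		}
		entry.cert = &cert
		r[name] = entry
		if err := entry.NewHandle(); err != nil {
			log.Println("restore", name, err)
			if firstErr == nil {
				firstErr = err
			}
		}
	}
	return firstErr
}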

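// NewHandle registers a reverse proxy to e.Upstream on the shared mux under
// the host-specific pattern ServerName+"/".
//
// The upstream must be an absolute http or https URL with a host. Anything
// else is rejected here instead of being registered and failing on every
// proxied request.
//
// mux.Handle panics if the pattern is already registered, so the same
// ServerName must not be added twice without resetting the mux (Restore resets
// it before re-adding).
func (e Entry) NewHandle() error {
	// e is formatted through Entry.String, which omits the Cert and Key bytes.
	log.Println("New handle", e)
	up, err := url.Parse(e.Upstream)
	if err != nil {
		return err
	}
	// url.Parse accepts relative references such as "backend" or "/path",
	// which leave Scheme and Host empty.
	if (up.Scheme != "http" && up.Scheme != "https") || up.Host == "" {
		return errors.New("upstream must be an absolute http or https URL: " + e.Upstream)
	}
	mux.Handle(e.ServerName+"/", httputil.NewSingleHostReverseProxy(up))
	return nil
}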

// String renders the entry as "ServerName -> Upstream", followed by
// " with TLS" once a certificate has been parsed. The certificate and key
// bytes are never part of the output, so logging an Entry does not leak them.
func (e Entry) String() string {
	s := e.ServerName + " -> " + e.Upstream
	if e.cert != nil {
		s += " with TLS"
	}
	return s
}

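// StartHTTP serves the shared mux over plain HTTP on listen. It only returns
// by way of log.Fatal, which ends the process when the listener fails.
//
// NOTE(review): the HTTP and TLS listeners share one mux, so every host that
// has a certificate is also reachable in cleartext through this listener.
func StartHTTP(listen string) {
	log.Println("listen", listen, "(HTTP)")
	s := http.Server{
		Addr:    listen,
		Handler: mux,

		// Bound the time a client may take to send its request headers, so
		// slow-header connections cannot be held open indefinitely.
		// Read/WriteTimeout are left unset because they would also cut off
		// long proxied transfers.
		ReadHeaderTimeout: 10 * time.Second,
	}
	log.Fatal(s.ListenAndServe())
}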

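// StartTLS serves the shared mux over TLS on listen, choosing the certificate
// per connection through route.SNI. It only returns by way of log.Fatal, which
// ends the process when the listener fails.
func StartTLS(listen string) {
	log.Println("listen", listen, "(TLS)")
	s := http.Server{
		Addr:    listen,
		Handler: mux,
		TLSConfig: &tls.Config{
			GetCertificate: route.SNI,
			// Pin the protocol floor instead of inheriting the toolchain
			// default, which older Go releases set below TLS 1.2 for servers.
			MinVersion: tls.VersionTLS12,
		},

		// Bound the time a client may take to send its request headers, so
		// slow-header connections cannot be held open indefinitely.
		// Read/WriteTimeout are left unset because they would also cut off
		// long proxied transfers.
		ReadHeaderTimeout: 10 * time.Second,
	}
	// Empty file names: certificates come from TLSConfig.GetCertificate.
	log.Fatal(s.ListenAndServeTLS("", ""))
}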

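// StartRPC exposes the default net/rpc server over HTTP on listen. It only
// returns by way of log.Fatal, which ends the process when the listener fails.
//
// rpc.HandleHTTP registers its handlers on http.DefaultServeMux, and a nil
// Handler makes the server use that mux, so anything else registered on the
// default mux is served here as well.
//
// NOTE(review): nothing in this function authenticates callers or encrypts
// the connection. If the registered service can change routes or key
// material, bind listen to loopback or put an authenticated channel in front.
func StartRPC(listen string) {
	log.Println("listen", listen, "(RPC)")
	rpc.HandleHTTP()
	s := http.Server{
		Addr: listen,

		// Bound the time a client may take to send its request headers, so
		// slow-header connections cannot be held open indefinitely.
		ReadHeaderTimeout: 10 * time.Second,
	}
	log.Fatal(s.ListenAndServe())
}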

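// main loads the persisted route table, rebuilds certificates and handlers
// from it, and starts the HTTP, TLS and RPC listeners.
func main() {
	flag.Parse()

	// A failed load is logged but not fatal: the proxy starts with whatever
	// is in the route table.
	if err := route.Load(*data); err != nil {
		log.Println(err)
	}
	// Surface restore failures instead of discarding them; a route that was
	// not restored is simply not served.
	if err := route.Restore(); err != nil {
		log.Println("restore:", err)
	}

	go StartHTTP(*listen)
	go StartTLS(*listenTLS)
	go StartRPC(*listenRPC)

	// Block forever; each listener ends the process through log.Fatal if it
	// fails.
	select {}
}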