From 159259088341765862092f1c9d73a102fc995fd1 Mon Sep 17 00:00:00 2001 From: qowevisa Date: Fri, 23 Feb 2024 19:23:31 +0200 Subject: [PATCH] test --- Makefile | 4 +++ cmd/client/main.go | 50 ++++++++++++++--------------- cmd/server/main.go | 80 +++++++++++++++++----------------------------- 3 files changed, 57 insertions(+), 77 deletions(-) diff --git a/Makefile b/Makefile index ff6ffdb..1192ac3 100644 --- a/Makefile +++ b/Makefile @@ -13,6 +13,10 @@ server: server.crt server.key client: ca.crt go build -o ./bin/$@ ./cmd/$@ +gen_test_certs: + openssl ecparam -genkey -name prime256v1 -out server.key + openssl req -new -x509 -key server.key -out server.pem -days 3650 + gen_certs: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -config san.cnf #openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 diff --git a/cmd/client/main.go b/cmd/client/main.go index a389ee7..7a4387b 100644 --- a/cmd/client/main.go +++ b/cmd/client/main.go 
@@ -6,43 +6,41 @@ import (
 "fmt"
 "io"
 "log"
- "net/http"
+ "net"
 "os"
 "git.qowevisa.me/Qowevisa/gotell/env"
 )
 func main() {
- caCert, err := os.ReadFile("ca.crt")
+ host, err := env.GetHost()
 if err != nil {
- log.Fatalf("Reading CA cert file: %s", err)
+ panic(err)
 }
-
- caCertPool := x509.NewCertPool()
- caCertPool.AppendCertsFromPEM(caCert)
-
- tlsConfig := &tls.Config{
- RootCAs: caCertPool,
- }
-
- client := &http.Client{
- Transport: &http.Transport{
- TLSClientConfig: tlsConfig,
- },
- }
-
- url := fmt.Sprintf("https://chat.qowevisa.me:%d", env.ConnectPort)
- response, err := client.Get(url)
+ port, err := env.GetPort()
 if err != nil {
- log.Fatalf("Failed to request: %s", err)
+ panic(err)
 }
- defer response.Body.Close()
-
- body, err := io.ReadAll(response.Body)
+ //
+ rootCert, err := os.ReadFile("./server.pem")
 if err != nil {
- log.Fatalf("Failed to read response: %s", err)
+ panic(err)
+ }
+ //
+
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM(rootCert)
+ if !ok {
+ log.Fatal("failed to parse root certificate")
+ }
+ config := &tls.Config{RootCAs: roots, ServerName: "localhost"}
+
+ connp, err := net.Dial("tcp", fmt.Sprintf("%s:%d", host, port))
+ if err != nil {
+ log.Fatal(err)
 }
- log.Printf("Server response: %s", body)
+ conn := tls.Client(connp, config)
+ io.WriteString(conn, "Hello secure Server")
+ conn.Close()
 }
-
diff --git a/cmd/server/main.go b/cmd/server/main.go
index 9f58057..b705538 100644
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
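Review bot: The TLS handshake and certificate verification run inside the unchecked `io.WriteString(conn, ...)` call near the end of `main`, so a rejected certificate or a failed write is silently dropped and the client exits as if the message had been delivered. Check the result, e.g. `if _, err := io.WriteString(conn, "Hello secure Server"); err != nil { log.Fatalf("tls write: %v", err) }`, or call `conn.Handshake()` first and fail on its error. `ServerName` is hard-coded to `"localhost"` while the dial target comes from `env.GetHost()`, so the name being verified is not tied to the host actually contacted; deriving it from `host`, or adding a comment such as `// test-only: trust is pinned to ./server.pem issued for localhost`, would make the trust decision explicit. The error paths also mix `panic(err)` with `log.Fatal`, whereas the server side of this commit settles on `log.Fatal`.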
@@ -1,78 +1,56 @@
 package main
 import (
- "bufio"
 "crypto/tls"
 "fmt"
+ "io"
 "log"
 "net"
- "net/http"
 "os"
- "time"
 "git.qowevisa.me/Qowevisa/gotell/env"
 )
-func handle(w http.ResponseWriter, r *http.Request) {
- fmt.Fprintf(w, "Hello, you've connected to the server!")
- log.Printf("w: %#v", w)
- log.Printf("r: %#v", r)
-}
-
 func main() {
- // Listen on TCP port 8080 on all available unicast and anycast IP addresses of the local system.
- cert, err := tls.LoadX509KeyPair("tls.crt", "tls.key")
- if err != nil {
- log.Fatalf("server: loadkeys: %s", err)
- }
- config := tls.Config{Certificates: []tls.Certificate{cert}}
 host, err := env.GetHost()
 if err != nil {
- panic(err)
+ log.Fatal(err)
 }
 port, err := env.GetPort()
 if err != nil {
- panic(err)
+ log.Fatal(err)
 }
- srv := http.Server{
- Addr: fmt.Sprintf("%s:%d", host, port),
- TLSConfig: &config,
- ReadTimeout: time.Minute,
- WriteTimeout: time.Minute,
- Handler: http.HandlerFunc(handle),
- }
- log.Printf("Start http server on %s:%d\n", host, port)
- err = srv.ListenAndServe()
+ //
+ serverCert, err := os.ReadFile("./server.pem")
 if err != nil {
- log.Fatalf("Failed to start server: %v", err)
- os.Exit(1)
+ log.Fatal(err)
 }
- defer srv.Close()
-}
+ serverKey, err := os.ReadFile("./server.key")
+ if err != nil {
+ log.Fatal(err)
+ }
+ cer, err := tls.X509KeyPair(serverCert, serverKey)
+ if err != nil {
+ log.Fatal(err)
+ }
+ config := &tls.Config{Certificates: []tls.Certificate{cer}}
+ //
-func handleConnection(conn net.Conn) {
- defer conn.Close()
+ l, err := tls.Listen("tcp", fmt.Sprintf("%s:%d", host, port), config)
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer l.Close()
- fmt.Printf("Client connected: %v\n", conn.RemoteAddr())
-
- // Create a new reader for each client.
- scanner := bufio.NewScanner(conn)
- for scanner.Scan() {
- // Read the incoming connection into the buffer.
- text := scanner.Text()
- fmt.Printf("Received: %s\n", text)
-
- // Send a response back to client.
- _, err := conn.Write([]byte("Message received: " + text + "\n"))
+ for {
+ conn, err := l.Accept()
 if err != nil {
- log.Printf("Failed to write to connection: %v", err)
- break
+ log.Fatal(err)
 }
+ go func(c net.Conn) {
+ io.Copy(os.Stdout, c)
+ fmt.Println()
+ c.Close()
+ }(conn)
 }
-
- if err := scanner.Err(); err != nil {
- fmt.Fprintf(os.Stderr, "Error reading from connection: %s\n", err)
- }
-
- fmt.Printf("Client disconnected: %v\n", conn.RemoteAddr())
 }
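Review bot: Each accepted connection in the new accept loop is handed to a goroutine that runs `io.Copy(os.Stdout, c)` with no deadline, no size limit and no error check, so the bound the removed `ReadTimeout`/`WriteTimeout` gave is gone and a peer that connects and stays silent holds a goroutine and a file descriptor indefinitely. The copy also writes peer-controlled bytes unfiltered to stdout, and a failed TLS handshake, which surfaces as the first read error, is never logged. I would set a deadline on the connection, cap the read with `io.LimitReader` and log the copy error, as sketched below; this needs the `time` import that this commit removes. Depending on the Go version the module targets, the server-side default minimum protocol version may be lower than TLS 1.2, so adding `MinVersion: tls.VersionTLS12` to the `tls.Config` literal would make that explicit.

```go
	// … unchanged: certificate loading, tls.Listen and the Accept error check …
		go func(c net.Conn) {
			defer c.Close()
			// Bound how long one peer may hold this goroutine.
			c.SetDeadline(time.Now().Add(time.Minute))
			// Cap the bytes accepted from a single connection (64 KiB here).
			if _, err := io.Copy(os.Stdout, io.LimitReader(c, 64<<10)); err != nil {
				log.Printf("read from %v: %v", c.RemoteAddr(), err)
			}
			fmt.Println()
		}(conn)
```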