This commit is contained in:
qowevisa 2024-02-23 19:23:31 +02:00
parent 6571dc20c0
commit 1592590883
3 changed files with 57 additions and 77 deletions

View File

@ -13,6 +13,10 @@ server: server.crt server.key
client: ca.crt
go build -o ./bin/$@ ./cmd/$@
gen_test_certs:
openssl ecparam -genkey -name prime256v1 -out server.key
openssl req -new -x509 -key server.key -out server.pem -days 3650
gen_certs:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -config san.cnf
#openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

View File

@ -6,43 +6,41 @@ import (
"fmt"
"io"
"log"
"net/http"
"net"
"os"
"git.qowevisa.me/Qowevisa/gotell/env"
)
func main() {
caCert, err := os.ReadFile("ca.crt")
host, err := env.GetHost()
if err != nil {
log.Fatalf("Reading CA cert file: %s", err)
panic(err)
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert)
tlsConfig := &tls.Config{
RootCAs: caCertPool,
}
client := &http.Client{
Transport: &http.Transport{
TLSClientConfig: tlsConfig,
},
}
url := fmt.Sprintf("https://chat.qowevisa.me:%d", env.ConnectPort)
response, err := client.Get(url)
port, err := env.GetPort()
if err != nil {
log.Fatalf("Failed to request: %s", err)
panic(err)
}
defer response.Body.Close()
body, err := io.ReadAll(response.Body)
//
rootCert, err := os.ReadFile("./server.pem")
if err != nil {
log.Fatalf("Failed to read response: %s", err)
panic(err)
}
//
roots := x509.NewCertPool()
ok := roots.AppendCertsFromPEM(rootCert)
if !ok {
log.Fatal("failed to parse root certificate")
}
config := &tls.Config{RootCAs: roots, ServerName: "localhost"}
connp, err := net.Dial("tcp", fmt.Sprintf("%s:%d", host, port))
if err != nil {
log.Fatal(err)
}
log.Printf("Server response: %s", body)
conn := tls.Client(connp, config)
io.WriteString(conn, "Hello secure Server")
conn.Close()
}

View File

@ -1,78 +1,56 @@
package main
import (
"bufio"
"crypto/tls"
"fmt"
"io"
"log"
"net"
"net/http"
"os"
"time"
"git.qowevisa.me/Qowevisa/gotell/env"
)
func handle(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hello, you've connected to the server!")
log.Printf("w: %#v", w)
log.Printf("r: %#v", r)
}
func main() {
// Listen on TCP port 8080 on all available unicast and anycast IP addresses of the local system.
cert, err := tls.LoadX509KeyPair("tls.crt", "tls.key")
if err != nil {
log.Fatalf("server: loadkeys: %s", err)
}
config := tls.Config{Certificates: []tls.Certificate{cert}}
host, err := env.GetHost()
if err != nil {
panic(err)
log.Fatal(err)
}
port, err := env.GetPort()
if err != nil {
panic(err)
log.Fatal(err)
}
srv := http.Server{
Addr: fmt.Sprintf("%s:%d", host, port),
TLSConfig: &config,
ReadTimeout: time.Minute,
WriteTimeout: time.Minute,
Handler: http.HandlerFunc(handle),
}
log.Printf("Start http server on %s:%d\n", host, port)
err = srv.ListenAndServe()
//
serverCert, err := os.ReadFile("./server.pem")
if err != nil {
log.Fatalf("Failed to start server: %v", err)
os.Exit(1)
log.Fatal(err)
}
defer srv.Close()
}
func handleConnection(conn net.Conn) {
defer conn.Close()
fmt.Printf("Client connected: %v\n", conn.RemoteAddr())
// Create a new reader for each client.
scanner := bufio.NewScanner(conn)
for scanner.Scan() {
// Read the incoming connection into the buffer.
text := scanner.Text()
fmt.Printf("Received: %s\n", text)
// Send a response back to client.
_, err := conn.Write([]byte("Message received: " + text + "\n"))
serverKey, err := os.ReadFile("./server.key")
if err != nil {
log.Printf("Failed to write to connection: %v", err)
break
log.Fatal(err)
}
cer, err := tls.X509KeyPair(serverCert, serverKey)
if err != nil {
log.Fatal(err)
}
config := &tls.Config{Certificates: []tls.Certificate{cer}}
//
if err := scanner.Err(); err != nil {
fmt.Fprintf(os.Stderr, "Error reading from connection: %s\n", err)
l, err := tls.Listen("tcp", fmt.Sprintf("%s:%d", host, port), config)
if err != nil {
log.Fatal(err)
}
defer l.Close()
fmt.Printf("Client disconnected: %v\n", conn.RemoteAddr())
for {
conn, err := l.Accept()
if err != nil {
log.Fatal(err)
}
go func(c net.Conn) {
io.Copy(os.Stdout, c)
fmt.Println()
c.Close()
}(conn)
}
}