test
This commit is contained in:
parent
6571dc20c0
commit
1592590883
4
Makefile
4
Makefile
|
@ -13,6 +13,10 @@ server: server.crt server.key
|
|||
client: ca.crt
|
||||
go build -o ./bin/$@ ./cmd/$@
|
||||
|
||||
gen_test_certs:
|
||||
openssl ecparam -genkey -name prime256v1 -out server.key
|
||||
openssl req -new -x509 -key server.key -out server.pem -days 3650
|
||||
|
||||
gen_certs:
|
||||
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -config san.cnf
|
||||
#openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
|
||||
|
|
|
@ -6,43 +6,41 @@ import (
|
|||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"net/http"
|
||||
"net"
|
||||
"os"
|
||||
|
||||
"git.qowevisa.me/Qowevisa/gotell/env"
|
||||
)
|
||||
|
||||
func main() {
|
||||
caCert, err := os.ReadFile("ca.crt")
|
||||
host, err := env.GetHost()
|
||||
if err != nil {
|
||||
log.Fatalf("Reading CA cert file: %s", err)
|
||||
panic(err)
|
||||
}
|
||||
|
||||
caCertPool := x509.NewCertPool()
|
||||
caCertPool.AppendCertsFromPEM(caCert)
|
||||
|
||||
tlsConfig := &tls.Config{
|
||||
RootCAs: caCertPool,
|
||||
}
|
||||
|
||||
client := &http.Client{
|
||||
Transport: &http.Transport{
|
||||
TLSClientConfig: tlsConfig,
|
||||
},
|
||||
}
|
||||
|
||||
url := fmt.Sprintf("https://chat.qowevisa.me:%d", env.ConnectPort)
|
||||
response, err := client.Get(url)
|
||||
port, err := env.GetPort()
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to request: %s", err)
|
||||
panic(err)
|
||||
}
|
||||
defer response.Body.Close()
|
||||
|
||||
body, err := io.ReadAll(response.Body)
|
||||
//
|
||||
rootCert, err := os.ReadFile("./server.pem")
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to read response: %s", err)
|
||||
panic(err)
|
||||
}
|
||||
//
|
||||
|
||||
roots := x509.NewCertPool()
|
||||
ok := roots.AppendCertsFromPEM(rootCert)
|
||||
if !ok {
|
||||
log.Fatal("failed to parse root certificate")
|
||||
}
|
||||
config := &tls.Config{RootCAs: roots, ServerName: "localhost"}
|
||||
|
||||
connp, err := net.Dial("tcp", fmt.Sprintf("%s:%d", host, port))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
log.Printf("Server response: %s", body)
|
||||
conn := tls.Client(connp, config)
|
||||
io.WriteString(conn, "Hello secure Server")
|
||||
conn.Close()
|
||||
}
|
||||
|
||||
|
|
|
@ -1,78 +1,56 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"crypto/tls"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"net"
|
||||
"net/http"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"git.qowevisa.me/Qowevisa/gotell/env"
|
||||
)
|
||||
|
||||
func handle(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, "Hello, you've connected to the server!")
|
||||
log.Printf("w: %#v", w)
|
||||
log.Printf("r: %#v", r)
|
||||
}
|
||||
|
||||
func main() {
|
||||
// Listen on TCP port 8080 on all available unicast and anycast IP addresses of the local system.
|
||||
cert, err := tls.LoadX509KeyPair("tls.crt", "tls.key")
|
||||
if err != nil {
|
||||
log.Fatalf("server: loadkeys: %s", err)
|
||||
}
|
||||
config := tls.Config{Certificates: []tls.Certificate{cert}}
|
||||
host, err := env.GetHost()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
log.Fatal(err)
|
||||
}
|
||||
port, err := env.GetPort()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
log.Fatal(err)
|
||||
}
|
||||
srv := http.Server{
|
||||
Addr: fmt.Sprintf("%s:%d", host, port),
|
||||
TLSConfig: &config,
|
||||
ReadTimeout: time.Minute,
|
||||
WriteTimeout: time.Minute,
|
||||
Handler: http.HandlerFunc(handle),
|
||||
}
|
||||
log.Printf("Start http server on %s:%d\n", host, port)
|
||||
err = srv.ListenAndServe()
|
||||
//
|
||||
serverCert, err := os.ReadFile("./server.pem")
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to start server: %v", err)
|
||||
os.Exit(1)
|
||||
log.Fatal(err)
|
||||
}
|
||||
defer srv.Close()
|
||||
}
|
||||
|
||||
func handleConnection(conn net.Conn) {
|
||||
defer conn.Close()
|
||||
|
||||
fmt.Printf("Client connected: %v\n", conn.RemoteAddr())
|
||||
|
||||
// Create a new reader for each client.
|
||||
scanner := bufio.NewScanner(conn)
|
||||
for scanner.Scan() {
|
||||
// Read the incoming connection into the buffer.
|
||||
text := scanner.Text()
|
||||
fmt.Printf("Received: %s\n", text)
|
||||
|
||||
// Send a response back to client.
|
||||
_, err := conn.Write([]byte("Message received: " + text + "\n"))
|
||||
serverKey, err := os.ReadFile("./server.key")
|
||||
if err != nil {
|
||||
log.Printf("Failed to write to connection: %v", err)
|
||||
break
|
||||
log.Fatal(err)
|
||||
}
|
||||
cer, err := tls.X509KeyPair(serverCert, serverKey)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
config := &tls.Config{Certificates: []tls.Certificate{cer}}
|
||||
//
|
||||
|
||||
if err := scanner.Err(); err != nil {
|
||||
fmt.Fprintf(os.Stderr, "Error reading from connection: %s\n", err)
|
||||
l, err := tls.Listen("tcp", fmt.Sprintf("%s:%d", host, port), config)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
defer l.Close()
|
||||
|
||||
fmt.Printf("Client disconnected: %v\n", conn.RemoteAddr())
|
||||
for {
|
||||
conn, err := l.Accept()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
go func(c net.Conn) {
|
||||
io.Copy(os.Stdout, c)
|
||||
fmt.Println()
|
||||
c.Close()
|
||||
}(conn)
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user