-
Notifications
You must be signed in to change notification settings - Fork 617
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds support for the https+tcp+sni listener. Any routes that are marked with proto=tcp or have a scheme tcp:// will be matched for TCP steering. Failing any matches there, fallthrough will be to https matching. This resolves: #783. clean up error handling on 'use of closed network connection' case fix makefile tag finding stuff fix logic for https+tcp+sni matching so that only explicit proto=tcp matches Adding an integration test make sure proxy is listening before starting test add buffered err chan to Close() per dcarbone add 1.14 and 1.15 to travis tests
- Loading branch information
1 parent
c034d4f
commit ffec71e
Showing
23 changed files
with
1,628 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,104 @@ | ||
package proxy | ||
|
||
import ( | ||
"context" | ||
"errors" | ||
"fmt" | ||
"log" | ||
"net" | ||
"net/http" | ||
|
||
"github.com/inetaf/tcpproxy" | ||
) | ||
|
||
type childProxy struct { | ||
l net.Listener | ||
s Server | ||
} | ||
|
||
type InetAfTCPProxyServer struct { | ||
Proxy *tcpproxy.Proxy | ||
children []*childProxy | ||
} | ||
|
||
// Close - implements Server - is this even called? | ||
func (tps *InetAfTCPProxyServer) Close() error { | ||
_ = tps.Proxy.Close() | ||
firstErr := tps.Proxy.Wait() | ||
errChan := make(chan error, len(tps.children)) | ||
for _, sl := range tps.children { | ||
go func(sl *childProxy) { | ||
errChan <- sl.s.Close() | ||
}(sl) | ||
} | ||
for range tps.children { | ||
err := <-errChan | ||
if errors.Is(err, http.ErrServerClosed) { | ||
err = nil | ||
} | ||
if firstErr == nil { | ||
firstErr = err | ||
} | ||
if err != nil { | ||
log.Printf("[ERROR] %s", err) | ||
} | ||
} | ||
return firstErr | ||
|
||
} | ||
|
||
// Serve - implements server. The listener is ignored, but it | ||
// calls serve on the children | ||
func (tps *InetAfTCPProxyServer) Serve(_ net.Listener) error { | ||
if len(tps.children) == 0 { | ||
return fmt.Errorf("no children defined for listener") | ||
} | ||
errChan := make(chan error, len(tps.children)) | ||
for _, sl := range tps.children { | ||
go func(sl *childProxy) { | ||
errChan <- sl.s.Serve(sl.l) | ||
}(sl) | ||
} | ||
firstErr := tps.Proxy.Wait() | ||
for range tps.children { | ||
err := <-errChan | ||
if errors.Is(err, http.ErrServerClosed) { | ||
err = nil | ||
} | ||
if firstErr == nil { | ||
firstErr = err | ||
} | ||
if err != nil { | ||
log.Print("[FATAL] ", err) | ||
} | ||
} | ||
return firstErr | ||
} | ||
|
||
// ServeLater - l is really only for listeners that are | ||
// tcpproxy.TargetListener or a derivative. Don't call after | ||
// Serve() is called. | ||
func (tps *InetAfTCPProxyServer) ServeLater(l net.Listener, s Server) { | ||
tps.children = append(tps.children, &childProxy{l, s}) | ||
} | ||
|
||
func (tps *InetAfTCPProxyServer) Shutdown(ctx context.Context) error { | ||
_ = tps.Proxy.Close() // always returns nil error anyway | ||
firstErr := tps.Proxy.Wait() // wait for outer listener to close before telling the childProxy | ||
errChan := make(chan error, len(tps.children)) | ||
for _, sl := range tps.children { | ||
go func(sl *childProxy) { | ||
errChan <- sl.s.Shutdown(ctx) | ||
}(sl) | ||
} | ||
for range tps.children { | ||
err := <-errChan | ||
if firstErr == nil { | ||
firstErr = err | ||
} | ||
if err != nil { | ||
log.Print("[ERROR] ", err) | ||
} | ||
} | ||
return firstErr | ||
} |
Oops, something went wrong.