https.go 2.6 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
  1. // Copyright 2016 fatedier, [email protected]
  2. //
  3. // Licensed under the Apache License, Version 2.0 (the "License");
  4. // you may not use this file except in compliance with the License.
  5. // You may obtain a copy of the License at
  6. //
  7. // http://www.apache.org/licenses/LICENSE-2.0
  8. //
  9. // Unless required by applicable law or agreed to in writing, software
  10. // distributed under the License is distributed on an "AS IS" BASIS,
  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. // See the License for the specific language governing permissions and
  13. // limitations under the License.
  14. package vhost
  15. import (
  16. "crypto/tls"
  17. "io"
  18. "net"
  19. "time"
  20. gnet "github.com/fatedier/golib/net"
  21. )
  22. type HTTPSMuxer struct {
  23. *Muxer
  24. }
  25. func NewHTTPSMuxer(listener net.Listener, timeout time.Duration) (*HTTPSMuxer, error) {
  26. mux, err := NewMuxer(listener, GetHTTPSHostname, nil, nil, nil, timeout)
  27. return &HTTPSMuxer{mux}, err
  28. }
  29. func GetHTTPSHostname(c net.Conn) (_ net.Conn, _ map[string]string, err error) {
  30. reqInfoMap := make(map[string]string, 0)
  31. sc, rd := gnet.NewSharedConn(c)
  32. clientHello, err := readClientHello(rd)
  33. if err != nil {
  34. return nil, reqInfoMap, err
  35. }
  36. reqInfoMap["Host"] = clientHello.ServerName
  37. reqInfoMap["Scheme"] = "https"
  38. return sc, reqInfoMap, nil
  39. }
  40. func readClientHello(reader io.Reader) (*tls.ClientHelloInfo, error) {
  41. var hello *tls.ClientHelloInfo
  42. // Note that Handshake always fails because the readOnlyConn is not a real connection.
  43. // As long as the Client Hello is successfully read, the failure should only happen after GetConfigForClient is called,
  44. // so we only care about the error if hello was never set.
  45. err := tls.Server(readOnlyConn{reader: reader}, &tls.Config{
  46. GetConfigForClient: func(argHello *tls.ClientHelloInfo) (*tls.Config, error) {
  47. hello = &tls.ClientHelloInfo{}
  48. *hello = *argHello
  49. return nil, nil
  50. },
  51. }).Handshake()
  52. if hello == nil {
  53. return nil, err
  54. }
  55. return hello, nil
  56. }
  57. type readOnlyConn struct {
  58. reader io.Reader
  59. }
  60. func (conn readOnlyConn) Read(p []byte) (int, error) { return conn.reader.Read(p) }
  61. func (conn readOnlyConn) Write(p []byte) (int, error) { return 0, io.ErrClosedPipe }
  62. func (conn readOnlyConn) Close() error { return nil }
  63. func (conn readOnlyConn) LocalAddr() net.Addr { return nil }
  64. func (conn readOnlyConn) RemoteAddr() net.Addr { return nil }
  65. func (conn readOnlyConn) SetDeadline(t time.Time) error { return nil }
  66. func (conn readOnlyConn) SetReadDeadline(t time.Time) error { return nil }
  67. func (conn readOnlyConn) SetWriteDeadline(t time.Time) error { return nil }