package main // TODO learn more about chan chan's // import ( "bufio" "bytes" "crypto/rand" "encoding/base64" "flag" "fmt" "io" "io/ioutil" "net" "net/http" "net/url" "os" "strconv" "strings" "sync" "time" "" "" ) // I'm not sure how to pass nested structs, so I de-nested this. // TODO Learn if passing nested structs is desirable? type Conf struct { Port uint `yaml:"port,omitempty"` Mailer ConfMailer RootPath string `yaml:"root_path,omitempty"` } type ConfMailer struct { Url string `yaml:"url,omitempty"` ApiKey string `yaml:"api_key,omitempty"` From string `yaml:"from,omitempty"` } type tcpUser struct { bufConn bufferedConn userCount chan int email string newMsg chan string } // So we can peek at net.Conn, which we can't do natively // type bufferedConn struct { r *bufio.Reader rout io.Reader // See net.Conn } func newBufferedConn(c net.Conn) bufferedConn { return bufferedConn{bufio.NewReader(c), nil, c} } func (b bufferedConn) Peek(n int) ([]byte, error) { return b.r.Peek(n) } func (b bufferedConn) Buffered() int { return b.r.Buffered() } func (b bufferedConn) Read(p []byte) (int, error) { if b.rout != nil { return b.rout.Read(p) } return b.r.Read(p) } // Just making these all globals right now // because... I can clean it up later type myMsg struct { sender net.Conn Message string `json:"message"` ReceivedAt time.Time `json:"received_at"` Channel string `json:"channel"` User string `json:"user"` } type JsonMsg struct { Messages []*myMsg `json:"messages"` } type chatHist struct { msgs []*myMsg i int c int } var myChatHist chatHist var broadcastMsg chan myMsg var virginConns chan net.Conn var wantsServerHello chan bufferedConn var authTelnet chan tcpUser var cleanTelnet chan tcpUser var gotClientHello chan bufferedConn // Http var demuxHttpClient chan bufferedConn var newAuthReqs chan authReq var valAuthReqs chan authReq var delAuthReqs chan authReq func usage() { fmt.Fprintf(os.Stderr, "\nusage: go run chatserver.go\n") flag.PrintDefaults() fmt.Println() os.Exit(1) } // func genAuthCode() (string, error) { n := 12 b := make([]byte, n) _, err := rand.Read(b) // Note that err == nil only if we read len(b) bytes. if err != nil { return "", err } return base64.URLEncoding.EncodeToString(b), nil } func muxTcp(conn bufferedConn) { // Wish List for protocol detection // * PROXY protocol (and loop) // * HTTP CONNECT (proxy) (and loop) // * tls (and loop) // * http/ws // * irc // * fallback to telnet // At this piont we've already at least one byte via Peek() // so the first packet is available in the buffer // Note: Realistically no tls/http/irc client is going to send so few bytes // (and no router is going to chunk so small) // that it cannot reasonably detect the protocol in the first packet // However, typical MTU is 1,500 and HTTP can have a 2k URL // so expecting to find the "HTTP/1.1" in the Peek is not always reasonable n := conn.Buffered() firstMsg, err := conn.Peek(n) if nil != err { conn.Close() return } var protocol string // between A and z if firstMsg[0] >= 65 && firstMsg[0] <= 122 { i := bytes.Index(firstMsg, []byte(" /")) if -1 != i { protocol = "HTTP" // very likely HTTP j := bytes.IndexAny(firstMsg, "\r\n") if -1 != j { k := bytes.Index(bytes.ToLower(firstMsg[:j]), []byte("HTTP/1")) if -1 != k { // positively HTTP } } } } else if 0x16 /*22*/ == firstMsg[0] { // Because I don't always remember off the top of my head what the first byte is // // // TODO I want to learn about ALPN protocol = "TLS" } if "" == protocol { fmt.Fprintf(conn, "\n\nWelcome to Sample Chat! You're not an HTTP client, assuming Telnet.\nYou must authenticate via email to participate\n\nEmail: ") wantsServerHello <- conn return } else if "HTTP" != protocol { defer conn.Close() fmt.Fprintf(conn, "\n\nNot yet supported. Try HTTP or Telnet\n\n") return } demuxHttpClient <- conn } func handleConnection(netConn net.Conn) { ts := time.Now() fmt.Fprintf(os.Stdout, "[New Connection] (%s) welcome %s\n", ts, netConn.RemoteAddr().String()) m := sync.Mutex{} virgin := true bufConn := newBufferedConn(netConn) go func() { // Handle First Packet _, err := bufConn.Peek(1) //fmsg, err := bufConn.Peek(1) if nil != err { panic(err) } //fmt.Fprintf(os.Stdout, "[First Byte] %s\n", fmsg) m.Lock() if virgin { virgin = false gotClientHello <- bufConn } else { wantsServerHello <- bufConn } m.Unlock() }() time.Sleep(250 * 1000000) // If we still haven't received data from the client // assume that the client must be expecting a welcome from us m.Lock() if virgin { virgin = false // don't block for this // let it be handled after the unlock defer fmt.Fprintf(netConn, "\n\nWelcome to Sample Chat! You appear to be using Telnet (http is also available on this port)."+ "\nYou must authenticate via email to participate\n\nEmail: ") } m.Unlock() } func sendAuthCode(cnf ConfMailer, to string) (string, error) { code, err := genAuthCode() if nil != err { return "", err } // TODO use go text templates with HTML escaping text := "Your authorization code:\n\n" + code html := "Your authorization code:

" + code // // client := http.Client{} form := url.Values{} form.Add("from", cnf.From) form.Add("to", to) form.Add("subject", "Sample Chat Auth Code: "+code) form.Add("text", text) form.Add("html", html) req, err := http.NewRequest("POST", cnf.Url, strings.NewReader(form.Encode())) if nil != err { return "", err } //req.PostForm = form req.Header.Add("User-Agent", "golang http.Client - Sample Chat App Authenticator") req.Header.Add("Content-Type", "application/x-www-form-urlencoded") req.SetBasicAuth("api", cnf.ApiKey) resp, err := client.Do(req) if nil != err { return "", err } defer resp.Body.Close() // Security XXX // we trust mailgun implicitly and this is just a demo // hence no DoS check on body size for now body, err := ioutil.ReadAll(resp.Body) if nil != err { return "", err } if resp.StatusCode < 200 || resp.StatusCode >= 300 || "{" != string(body[0]) { fmt.Fprintf(os.Stdout, "[Mailgun] Uh-oh...\n[Maigun] Baby Brent says: %s\n", body) } return code, nil } type myHttpServer struct { chans chan bufferedConn net.Listener } func (m *myHttpServer) Accept() (net.Conn, error) { bufConn := <-m.chans return bufConn, nil } func newHttpServer(l net.Listener) *myHttpServer { return &myHttpServer{make(chan bufferedConn), l} } var config Conf func main() { flag.Usage = usage port := flag.Uint("telnet-port", 0, "tcp telnet chat port") confname := flag.String("conf", "./config.yml", "yaml config file") flag.Parse() confstr, err := ioutil.ReadFile(*confname) fmt.Fprintf(os.Stdout, "-conf=%s\n", *confname) if nil != err { fmt.Fprintf(os.Stderr, "%s\nUsing defaults instead\n", err) confstr = []byte("{\"port\":" + strconv.Itoa(int(*port)) + "}") } err = yaml.Unmarshal(confstr, &config) if nil != err { config = Conf{} } if "" == config.RootPath { // TODO Embed the public dir at the default config.RootPath = "./public" } // The magical sorting hat virginConns = make(chan net.Conn, 128) // TCP & Authentication myRawConns := make(map[bufferedConn]tcpUser) wantsServerHello = make(chan bufferedConn, 128) authTelnet = make(chan tcpUser, 128) // HTTP & Authentication myAuthReqs := make(map[string]authReq) newAuthReqs = make(chan authReq, 128) valAuthReqs = make(chan authReq, 128) delAuthReqs = make(chan authReq, 128) gotClientHello = make(chan bufferedConn, 128) demuxHttpClient = make(chan bufferedConn, 128) // cruft to delete //myRooms = make(map[string](chan myMsg)) //myRooms["general"] = make(chan myMsg, 128) // Note: I had considered dynamically select on channels for rooms. // // I don't think that's actually the best approach, but I just wanted to save the link broadcastMsg = make(chan myMsg, 128) // Poor-Man's container/ring (circular buffer) myChatHist.msgs = make([]*myMsg, 128) var addr string if 0 != int(*port) { addr = ":" + strconv.Itoa(int(*port)) } else { addr = ":" + strconv.Itoa(int(config.Port)) } // sock, err := net.Listen("tcp", addr) if nil != err { fmt.Fprintf(os.Stderr, "Couldn't bind to TCP socket %q: %s\n", addr, err) os.Exit(2) } fmt.Println("Listening on", addr) go func() { for { conn, err := sock.Accept() if err != nil { // Not sure what kind of error this could be or how it could happen. // Could a connection abort or end before it's handled? fmt.Fprintf(os.Stderr, "Error accepting connection:\n%s\n", err) } virginConns <- conn } }() // Learning by Example // // // // container := restful.NewContainer() wsStatic := new(restful.WebService) wsStatic.Path("/") wsStatic.Route(wsStatic.GET("/").To(serveStatic)) wsStatic.Route(wsStatic.GET("/{subpath:*}").To(serveStatic)) container.Add(wsStatic) cors := restful.CrossOriginResourceSharing{ExposeHeaders: []string{"Authorization"}, CookiesAllowed: false, Container: container} wsApi := new(restful.WebService) wsApi.Path("/api").Consumes(restful.MIME_JSON).Produces(restful.MIME_JSON).Filter(cors.Filter) wsApi.Route(wsApi.GET("/hello").To(serveHello)) wsApi.Route(wsApi.POST("/sessions").To(requestAuth)) wsApi.Route(wsApi.POST("/sessions/{cid}").To(issueToken)) wsApi.Route(wsApi.GET("/rooms/general").Filter(requireToken).To(listMsgs)) wsApi.Route(wsApi.POST("/rooms/general").Filter(requireToken).To(postMsg)) container.Add(wsApi) server := &http.Server{ Addr: addr, Handler: container, } myHttpServer := newHttpServer(sock) go func() { server.Serve(myHttpServer) }() // Main event loop handling most access to shared data for { select { case conn := <-virginConns: // This is short lived go handleConnection(conn) case u := <-authTelnet: // allow to receive messages // (and be counted among the users) myRawConns[u.bufConn] = u // is chan chan the right way to handle this? u.userCount <- len(myRawConns) broadcastMsg <- myMsg{ sender: nil, // TODO fmt.Fprintf()? template? Message: "<" + + "> joined #general\n", ReceivedAt: time.Now(), Channel: "general", User: "system", } case ar := <-newAuthReqs: myAuthReqs[ar.Cid] = ar case ar := <-valAuthReqs: // TODO In this case it's probably more conventional (and efficient) to // use struct with a mutex and the authReqs map than a chan chan av, ok := myAuthReqs[ar.Cid] //ar.Chan <- nil // TODO if ok { ar.Chan <- av } else { // sending empty object so that I can still send a copy // rather than a pointer above. Maybe not the right way // to do this, but it works for now. ar.Chan <- authReq{} } case ar := <-delAuthReqs: delete(myAuthReqs, ar.Cid) case bufConn := <-wantsServerHello: go handleTelnetConn(bufConn) case u := <-cleanTelnet: // we can safely ignore this error, if any close(u.newMsg) u.bufConn.Close() delete(myRawConns, u.bufConn) case bufConn := <-gotClientHello: go muxTcp(bufConn) case bufConn := <-demuxHttpClient: // this will be Accept()ed immediately by the go-restful container // NOTE: we don't store these HTTP connections for broadcast // since we manage the session by HTTP Auth Bearer rather than TCP myHttpServer.chans <- bufConn case msg := <-broadcastMsg: // copy comes in, pointer gets saved (and not GC'd, I hope) myChatHist.msgs[myChatHist.i] = &msg myChatHist.i += 1 if myChatHist.c < cap(myChatHist.msgs) { myChatHist.c += 1 } myChatHist.i %= len(myChatHist.msgs) // print the system message (the "log") t := msg.ReceivedAt tf := "%d-%02d-%02d %02d:%02d:%02d (%s)" var sender string if nil != msg.sender { sender = msg.sender.RemoteAddr().String() } else { sender = "system" } // Tangential thought: // I wonder if we could use IP detection to get the client's tz // ... could probably make time for this in the authentication loop zone, _ := msg.ReceivedAt.Zone() fmt.Fprintf(os.Stdout, tf+" [%s] (%s): %s\r\n", t.Year(), t.Month(), t.Day(), t.Hour(), t.Minute(), t.Second(), zone, sender, msg.User, msg.Message) for _, u := range myRawConns { // Don't echo back to the original client if msg.sender == u.bufConn { continue } msg := fmt.Sprintf(tf+" [%s]: %s", t.Year(), t.Month(), t.Day(), t.Hour(), t.Minute(), t.Second(), zone, msg.User, msg.Message) select { case u.newMsg <- msg: // all is well, client was ready to receive default: // Rate Limit: Reasonable poor man's DoS prevention (Part 2) // This client's send channel buffer is full. // It is consuming data too slowly. It may be malicious. // In the case that it's experiencing network issues, // well, these things happen when you're having network issues. // It can reconnect. cleanTelnet <- u } /* // To ask: Why do I have to pass in conn to prevent a data race? Is it garbage collection? // Don't block the rest of the loop // TODONE maybe use a chan to send to the socket's event loop // (left this in to remind myself to ask questions) go func(conn bufferedConn) { // Protect against malicious clients to prevent DoS // timeoutDuration := 2 * time.Second conn.SetWriteDeadline(time.Now().Add(timeoutDuration)) _, err := fmt.Fprintf(conn, msg) if nil != err { cleanTelnet <- u } }(conn) */ } } } }