made the --tunnel option (partially) work

tigerbot 2017-05-26 12:11:39 -06:00
parent 5c7f2321cc
commit 509f2f4f4f
4 changed files with 63 additions and 48 deletions


@ -137,6 +137,8 @@ function readConfigAndRun(args) {
config.addresses = addresses;
config.device = { hostname: 'daplien-pod' };
config.tunnel = args.tunnel || config.tunnel;
var PromiseA = require('bluebird');
var tcpProm, dnsProm;
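Review bot: On `config.tunnel = args.tunnel || config.tunnel;` (assuming this is one of the two added lines), the value taken from `--tunnel` is, per `lib/tunnel-manager.js` in this commit, a comma-separated list of JWTs, so bearer tokens end up in the process argument list and shell history where other local users and process-monitoring tools can read them. Prefer the config-file form or a path to a token file, and document the trade-off with a comment such as `// NOTE: tokens passed via --tunnel are visible in the process list; prefer config.tunnel`. `readConfigAndRun` starts and ends outside the hunk.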


@ -15,7 +15,6 @@ module.exports = function (myDeps, conf, overrideHttp) {
//var server;
var serveInit;
var app;
var tun;
var request;
/*
@ -43,7 +42,6 @@ module.exports = function (myDeps, conf, overrideHttp) {
function createServeInit() {
var PromiseA = require('bluebird');
var stunnel = require('stunnel');
var OAUTH3 = require('../packages/assets/org.oauth3');
require('../packages/assets/org.oauth3/oauth3.domains.js');
require('../packages/assets/org.oauth3/oauth3.dns.js');
@ -143,8 +141,7 @@ module.exports = function (myDeps, conf, overrideHttp) {
providerUri: providerUri
, session: session
});
//var crypto = require('crypto');
//var id = crypto.createHash('sha256').update(session.token.sub).digest('hex');
return oauth3.setProvider(providerUri).then(function () {
/*
return oauth3.api('domains.list').then(function (domains) {
@ -173,55 +170,13 @@ module.exports = function (myDeps, conf, overrideHttp) {
}
}).then(function (result) {
console.log('got a token from the tunnel server?');
console.log(result);
if (!result.tunnelUrl) {
result.tunnelUrl = ('wss://' + (new Buffer(result.jwt.split('.')[1], 'base64').toString('ascii')).aud + '/');
}
var services = { https: { '*': 443 }, http: { '*': 80 }, smtp: { '*': 25}, smtps: { '*': 587 /*also 465/starttls*/ } /*, ssh: { '*': 22 }*/ };
/*
console.log('blah');
console.log(result.jwt);
console.log(result.tunnelUrl);
console.log(services);
console.log('deps.tunnel');
console.log(deps.tunnel);
console.log('deps.tunnel.net');
console.log(deps.tunnel.net.toString());
console.log('deps.net');
console.log(deps.net);
*/
var opts3 = {
token: result.jwt
, stunneld: result.tunnelUrl
// we'll provide faux networking and pipe as we please
, services: services
, net: myDeps.tunnel.net
};
console.log('blah 2');
if (tun) {
console.log('balh 3');
if (tun.append) {
tun.append(result.jwt);
}
else if (tun.end) {
tun.end();
tun = null;
}
}
console.log('might have tunnel?');
if (!tun) {
console.log('connecting to the tunnel');
tun = stunnel.connect(opts3);
conf.tun = true;
}
result.owner = session.id;
deps.tunneler.add(result);
});
/*
});
*/
});
//, { token: token, refresh: refresh });
}
};
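Review bot: The call `deps.tunneler.add(result);` at the end of the `.then` callback discards its return value, so the promise that `addToken` returns from `append` is neither awaited nor given a rejection handler, and a failed token append goes unnoticed by this chain; `return deps.tunneler.add(result);` would propagate it. The module's parameter is `myDeps` and no `deps` declaration is visible in these hunks, so confirm `deps` is actually in scope at that point. If the `console.log(result);` line above it survives on the new side, it writes the tunnel JWT to stdout and should be dropped or reduced to non-secret fields. The enclosing function starts and ends outside the hunk.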


@ -184,6 +184,7 @@ module.exports.create = function (deps, config) {
return writer;
}
};
deps.tunneler = require('./tunnel-manager').create(deps, config);
var listenPromises = [];
var tcpPortMap = {};

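--- /dev/null
+++ b/lib/tunnel-manager.js
@@ -0,0 +1,57 @@
+'use strict';
+module.exports.create = function (deps, config) {
+var stunnel = require('stunnel');
+var activeTunnels = {};
+function addToken(data) {
+if (!data.tunnelUrl) {
+var decoded;
+try {
+decoded = JSON.parse(new Buffer(data.jwt.split('.')[1], 'base64').toString('ascii'));
+} catch (err) {
+console.warn('invalid web token given to tunnel manager', err);
+return;
+}
+if (!decoded.aud) {
+console.warn('tunnel manager given token with no tunnelUrl or audience');
+return;
+}
+data.tunnelUrl = 'wss://' + decoded.aud + '/';
+}
+if (!activeTunnels[data.tunnelUrl]) {
+console.log('creating new tunnel client for', data.tunnelUrl);
+// We create the tunnel without an initial token so we can append the token and
+// get the promise that should tell us more about if it worked or not.
+activeTunnels[data.tunnelUrl] = stunnel.connect({
+stunneld: data.tunnelUrl
+, net: deps.tunnel.net
+// NOTE: the ports here aren't that important since we are providing a custom
+// `net.createConnection` that doesn't actually use the port. What is important
+// is that any services we are interested in are listed in this object and have
+// a '*' sub-property.
+, services: {
+https: { '*': 443 }
+, http: { '*': 80 }
+, smtp: { '*': 25 }
+, smtps: { '*': 587 /*also 465/starttls*/ }
+, ssh: { '*': 22 }
+}
+});
+}
+console.log('appending token to tunnel at', data.tunnelUrl);
+return activeTunnels[data.tunnelUrl].append(data.jwt);
+}
+if (typeof config.tunnel === 'string') {
+config.tunnel.split(',').forEach(function (jwt) {
+addToken({ jwt: jwt, owner: 'config' });
+});
+}
+return {
+add: addToken
+};
+};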
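Review bot: In `addToken`, the `aud` claim comes from a JWT payload that has only been base64-decoded, not verified, yet it decides which host `stunnel.connect` dials and which tunnel the token is then appended to. `aud` may legally be an array or carry characters that alter the URL, and a payload of `null` passes `JSON.parse` and then throws on `decoded.aud` outside the `try`. The check should require a plain host string before building `tunnelUrl`, as below, and ideally compare it with an operator-configured list of tunnel servers. Separately, the `forEach` over `config.tunnel` drops the value `addToken` returns, so a rejected `append` is unhandled, and `ssh` is now listed in `services` where the removed inline code had it commented out; confirm that exposure is intended.

```javascript
    // … unchanged: try/catch that decodes the payload into `decoded` …
    // The payload is unverified at this point, so accept only a plain host[:port] string.
    if (!decoded || typeof decoded.aud !== 'string' || !/^[a-z0-9.-]+(:\d+)?$/i.test(decoded.aud)) {
      console.warn('tunnel manager given token with no tunnelUrl or audience');
      return;
    }
    data.tunnelUrl = 'wss://' + decoded.aud + '/';
    // … unchanged: tunnel lookup, stunnel.connect, append …
```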