added SSL support

txn2 · Jun 15, 2018 · 4975e57 · 4975e57
1 parent 13d56a8
commit 4975e57
Show file tree

Hide file tree

Showing 4 changed files with 88 additions and 2 deletions.
diff --git a/example.crt b/example.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID+zCCAuOgAwIBAgIJAIXNkz2Vj5lGMA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD
+VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEUMBIGA1UEBwwLTG9zIEFuZ2Vs
+ZXMxDTALBgNVBAoMBFRYTjIxEDAOBgNVBAsMB24ycHJveHkxGTAXBgNVBAMMEG4y
+cHJveHkudHhuMi5jb20xHTAbBgkqhkiG9w0BCQEWDmh1bWFuQHR4bjIuY29tMB4X
+DTE4MDYxNTIzMjI1NFoXDTE5MDYxNTIzMjI1NFowgZMxCzAJBgNVBAYTAlVTMRMw
+EQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQHDAtMb3MgQW5nZWxlczENMAsGA1UE
+CgwEVFhOMjEQMA4GA1UECwwHbjJwcm94eTEZMBcGA1UEAwwQbjJwcm94eS50eG4y
+LmNvbTEdMBsGCSqGSIb3DQEJARYOaHVtYW5AdHhuMi5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC9nw/2ASG2gL9GdEPN9ONH7ReU80NmL+QR2lxj
+fY8/QUSdEvdr8hO+VUkbd1bKlUR4kzDEbmUDFLVswSV/WAx8782ahGycNLRPyEqx
+vdxUYm7oy/tz8QBEApsLaFCjhtOmzqzFfmOKws60tlueS+xfO7WWd9Anx8NRXeWR
+IkuSAB287aREAHLcxudQp8VFQEeYG0ORGwRJi+FIBg/ddkNcgxruTHsUyHWQXBfP
+kTtGGp9LdS+BFWWxJenJzsAppJcmGZ8SjpgH7bjHUshi9LlhKj9U3Q7BpCSiPNpt
+ASlGhcRlOlsNic1aZlPfjZSkyVfoChOulFiOT9ReJzs5yOtTAgMBAAGjUDBOMB0G
+A1UdDgQWBBTdoIIuwrMh38fEZh15B7ySLgZSbTAfBgNVHSMEGDAWgBTdoIIuwrMh
+38fEZh15B7ySLgZSbTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAO
+Zlx5AXGQrZMWUU+frNATll3O5Ri9ydNjIx3LBr3TFC9KXnK3lH2IrIFiza5JFt8a
+WkVVPAgRqVJKQuoV3mkxrv2fac+SVQDVlEI0BwH0sMAxQpCHsWN/d2sPgMxstTWm
+KxaYRs3AQyuOtAEJlbk1xiqQbPjt/QtxOljbrf6JF28EyIhfftlnSLJUO3eds5hT
+EOEY5MJxCaMDi8EPyEUpEEaFDsJre1ie7CNv1fkU94FlS4CZuWHGVS0TzJ4ESh6j
+4Eu2cNux3uK5UOZFc/r73m8poXterRgci9B2842mC99Ht55htz4lzvTQPPVV/ulB
+IxYDtJdWBcrVg+4Reg6T
+-----END CERTIFICATE-----
diff --git a/example.key b/example.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC9nw/2ASG2gL9G
+dEPN9ONH7ReU80NmL+QR2lxjfY8/QUSdEvdr8hO+VUkbd1bKlUR4kzDEbmUDFLVs
+wSV/WAx8782ahGycNLRPyEqxvdxUYm7oy/tz8QBEApsLaFCjhtOmzqzFfmOKws60
+tlueS+xfO7WWd9Anx8NRXeWRIkuSAB287aREAHLcxudQp8VFQEeYG0ORGwRJi+FI
+Bg/ddkNcgxruTHsUyHWQXBfPkTtGGp9LdS+BFWWxJenJzsAppJcmGZ8SjpgH7bjH
+Ushi9LlhKj9U3Q7BpCSiPNptASlGhcRlOlsNic1aZlPfjZSkyVfoChOulFiOT9Re
+Jzs5yOtTAgMBAAECggEAHz4L9S5ujZFc8pDJcy+8Gue3kPUbz8RoQYDG5CWV6ogo
+c/DiD0kNc7i9mObqx+ocI/mseVDvF7jbw5V3RioNtLAWIjVbZ8lPRC3uEKcFnGmz
+eGvTfGDi+FGtlg2T672VNdCrqsaORBig0imRot1DjtVZr/cBtuw1BD0CTA1ogh91
+2f3vd0XJZ1zyoxLLlUW0NRQw4vsM49CZXKNVCWdg3AUSJgd2psJaCkxrSrzE+4xs
+I3JLHGGg6UTl+uR9hoV4txphM002qKDphuPgEYUIs3e/Tk+0++VyENYF4sdjM/1F
+HMdZoAOmCKAp1xDbg7TTuuK1cOu99je0/4OYYPHV8QKBgQDyEsdLNLB3u4iX2VW2
+PgcP3niVFzf59nBUMUSpoMvuVPT50/KiXOVlJIGSw5uWCoa4Fo0bJ0hKBXVIqtrR
+IyEH5XuvRl4/7ptPlbTuvgjm6EIWb5mW/GbdxCsM7UwAfIZqUdnftSFkClvTupIf
+bMuL9TYiiNgc+gy9dgx+SmzIjwKBgQDIh8cySspAVIoU2/N+yVy+py5e1ikHmfWj
+QBX/X7IybhIVpkkLiw4NOp/sSrCREsQ6SG6J4Sgp+BT61lj3ud2e+yBS89GnqsHu
+GyfO/WvLED+r89f997o4KWlpJa55XSqFmkPVNs6XlZiMZWeBcFBQb6oQ1IfdRPFQ
+rZQsZczq/QKBgQCYMd5DFllsredvMSGGdvERtRmzAuoaqipthJxa2dHdgmSTPgJq
+umUvdghRMdJ8Pxn8W5FT5Rq6Dzxx95mjq6Z0xH9C78cKAwZ6vvEGuUv3gUcru/ag
+ywgRnehDNF54X9JSvitxTvwzXZ/mOoLsZwaCdCUZCVh2v2+LHtE0Ba7nWQKBgCZH
+/Vf1fRzAxsdqodY/XIws4CZMnfKMip8KmehxfVQxPRSS9PjWJ+2Qln0GWSSov3sc
+3rVFnWQ9rsuf5cYM3mj+KdKMJybp6zGoT3YtXMmcJXuPBlm+U/dquGvRPLiAd6Cf
+rXljiBbaARA0P4kvRrXES2QBHpq4EZVEPbgoCvGFAoGBAMgB5qePkLRCUtZYKu+m
+BmXRusbWzzAxlfrnwiQyemXjg+w7AxOOVv0j0XLd2GnjOgGzlMMB11wbqqntSYyK
+DonY4Ma72DIypeuL466Qu/hU5ajPzYGsObxar5uJLhEYzK0C7GoxcGqTvZzP5dCA
+CuFmf4W5409qzRLmHI9BomBW
+-----END PRIVATE KEY-----
diff --git a/goreleaser.yml b/goreleaser.yml
@@ -14,6 +14,8 @@ build:
   goos:
     - linux
     - darwin
+    - arm
+    - arm64
 
   # GOARCH to build in.
   # For more info refer to https://golang.org/doc/install/source#environment
@@ -85,4 +87,13 @@ brew:
   description: "Contraband filtering reverse proxy."
 
   test: |-
-    n2proxy --version
+    n2proxy --version
+
+snapcraft:
+  name_template: '{{ .ProjectName }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
+  summary: Contraband filtering reverse proxy.
+  description: |
+    Contraband filtering reverse proxy. Provide a list of Regular Expression used to
+    detect and block hacking attempts.
+  grade: stable
+  confinement: classic
diff --git a/server.go b/server.go
@@ -83,12 +83,22 @@ func main() {
 	cfgEnv := getEnv("CFG", "./cfg.yml")
 	backendEnv := getEnv("BACKEND", "http://example.com:80")
 	logoutEnv := getEnv("LOGOUT", "stdout")
+	tlsEnvBool := false
+	tlsEnv := getEnv("TLS", "false")
+	if tlsEnv == "true" {
+		tlsEnvBool = true
+	}
+	crtEnv := getEnv("CRT", "./example.crt")
+	keyEnv := getEnv("KEY", "./example.key")
 
 	// command line falls back to env
 	port := flag.String("port", portEnv, "port to listen on.")
 	cfg := flag.String("cfg", cfgEnv, "config file path.")
 	backend := flag.String("backend", backendEnv, "backend server.")
 	logout := flag.String("logout", logoutEnv, "log output stdout | ")
+	tls := flag.Bool("tls", tlsEnvBool, "TLS Support (requires crt and key)")
+	crt := flag.String("crt", crtEnv, "Path to cert. (enable --tls)")
+	key := flag.String("key", keyEnv, "Path to private key. (enable --tls")
 	version := flag.Bool("version", false, "Display version.")
 	flag.Parse()
 
@@ -118,7 +128,20 @@ func main() {
 
 	// server
 	http.HandleFunc("/", proxy.handle)
-	http.ListenAndServe(":"+*port, nil)
+
+	if *tls != true {
+		err = http.ListenAndServe(":"+*port, nil)
+		if err != nil {
+			fmt.Printf("Error starting proxy: %s\n", err.Error())
+		}
+		os.Exit(0)
+	}
+
+	logger.Info("Starting proxy in TLS mode.")
+	err = http.ListenAndServeTLS(":"+*port, *crt, *key, nil)
+	if err != nil {
+		fmt.Printf("Error starting proxyin TLS mode: %s\n", err.Error())
+	}
 }
 
 // getEnv gets an environment variable or sets a default if