diff --git a/mplexer/packer/connwrap.go b/mplexer/packer/connwrap.go index f1aaf2c..ab731b8 100644 --- a/mplexer/packer/connwrap.go +++ b/mplexer/packer/connwrap.go @@ -1,7 +1,6 @@ package packer import ( - "fmt" "net" "time" ) @@ -61,7 +60,8 @@ func (c *ConnWrap) Servername() string { return "" } -// isTerminated returns true if it is certain that the connection has been decrypted at least once +// isTerminated returns true if net.Conn is either a ConnWrap{ tls.Conn }, +// or a telebit.Conn with a non-encrypted `scheme` such as "tcp" or "http". func (c *ConnWrap) isTerminated() bool { if nil != c.Plain { return true @@ -71,7 +71,6 @@ func (c *ConnWrap) isTerminated() bool { case *ConnWrap: return conn.isTerminated() case *Conn: - fmt.Printf("[debug] isTerminated: %#v\n", conn.relayTargetAddr) _, ok := encryptedSchemes[string(conn.relayTargetAddr.scheme)] return !ok } diff --git a/mplexer/packer/encoder.go b/mplexer/packer/encoder.go index 59a061f..81b4053 100644 --- a/mplexer/packer/encoder.go +++ b/mplexer/packer/encoder.go @@ -3,7 +3,6 @@ package packer import ( "context" "errors" - "fmt" "io" "sync" ) @@ -60,7 +59,7 @@ func (enc *Encoder) Encode(rin io.Reader, src, dst Addr) error { rx := make(chan []byte) rxErr := make(chan error) - fmt.Println("what's the source to encode?", src) + //fmt.Println("[debug] what's the source to encode?", src) go func() { for { @@ -95,8 +94,8 @@ func (enc *Encoder) Encode(rin io.Reader, src, dst Addr) error { //rin.Close() return err } - fmt.Println("[debug] encode header:", string(header)) - fmt.Println("[debug] encode payload:", string(b)) + //fmt.Println("[debug] encode header:", string(header)) + //fmt.Println("[debug] encode payload:", string(b)) _, err = enc.write(header, b) if nil != err { 
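Review bot: The new doc comment on `isTerminated` in connwrap.go leaves out two paths that are visible in the function. It returns `true` early whenever `c.Plain` is non-nil, and the `*Conn` case returns `!ok`, so every scheme missing from `encryptedSchemes` (not only "tcp" or "http") is reported as terminated. A misspelled or newly added encrypted scheme would therefore presumably be handled as plaintext, which is worth stating where the decision is made, for example `// Any scheme not listed in encryptedSchemes is treated as already decrypted.` The function body continues outside this hunk.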
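Review bot: The debug prints in `Encoder.Encode` (encoder.go) are commented out rather than deleted, and the same pattern recurs in the later encoder.go hunks, in `RouteBytes` in listener.go, in routemux.go and in every websockettunnel.go hunk. Some of them (`encode payload`, `fmt.Printf("%s\n", b)`) print tunnelled payload bytes, so keeping them one edit away from re-enabling risks writing client traffic to stdout again. Either delete the lines or put them behind a switch that is off by default and logs sizes instead of contents, e.g. `if debug { log.Printf("encode: %d byte payload", len(b)) }`, where `debug` stands for whatever flag the package adopts.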
@@ -108,7 +107,7 @@ func (enc *Encoder) Encode(rin io.Reader, src, dst Addr) error { //rin.Close() if io.EOF == err { header, _, _ := Encode(nil, src, Addr{scheme: "end"}) - fmt.Println("[debug] encode end: ", string(header)) + //fmt.Println("[debug] encode end: ", string(header)) // ignore err, which may have already closed _, _ = enc.write(header, nil) return nil diff --git a/mplexer/packer/listener.go b/mplexer/packer/listener.go index f081ad4..b8d8aca 100644 --- a/mplexer/packer/listener.go +++ b/mplexer/packer/listener.go @@ -115,10 +115,8 @@ func (l *Listener) RouteBytes(srcAddr, dstAddr Addr, b []byte) { src := &srcAddr dst := &dstAddr - pipe := l.getPipe(src, dst) - - fmt.Printf("Forwarding bytes\n\tfrom %#v\n\tto %#v:\n", src, dst) - fmt.Printf("%s\n", b) + pipe := l.getPipe(src, dst, len(b)) + //fmt.Printf("%s\n", b) // handle errors before data writes because I don't // remember where the error message goes @@ -141,7 +139,7 @@ func (l *Listener) RouteBytes(srcAddr, dstAddr Addr, b []byte) { } } -func (l *Listener) getPipe(src, dst *Addr) net.Conn { +func (l *Listener) getPipe(src, dst *Addr, count int) net.Conn { connID := src.Network() pipe, ok := l.conns[connID] @@ -149,6 +147,7 @@ func (l *Listener) getPipe(src, dst *Addr) net.Conn { if ok { return pipe } + fmt.Printf("New client (%d byte hello)\n\tfrom %#v\n\tto %#v:\n", count, src, dst) // Create pipe rawPipe, pipe := net.Pipe() @@ -156,12 +155,7 @@ func (l *Listener) getPipe(src, dst *Addr) net.Conn { //updated: time.Now(), relaySourceAddr: *src, relayTargetAddr: *dst, - /* - relayTargetAddr: Addr{ - scheme: addr.scheme, - }, - */ - relay: rawPipe, + relay: rawPipe, } l.conns[connID] = pipe l.incoming <- newconn diff --git a/mplexer/packer/routemux.go b/mplexer/packer/routemux.go index 97babd1..9859459 100644 --- a/mplexer/packer/routemux.go +++ b/mplexer/packer/routemux.go 
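Review bot: `getPipe` in listener.go now takes `count` only to feed the "New client" message, and that message goes to stdout through `fmt.Printf` with no timestamp. A new-connection event is what an operator looks for when reconstructing who connected and when, so it is better emitted through the `log` package or the project's own logger if it has one: `log.Printf("new client (%d byte hello) from %#v to %#v", count, src, dst)`. `src` and `dst` presumably originate from the tunnel peer, and `%#v` keeps their string fields quoted, which should be preserved if the format is changed. Parts of getPipe lie outside the hunks shown.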
@@ -36,7 +36,7 @@ func (m *RouteMux) Serve(client net.Conn) error { for _, meta := range m.list { if servername == meta.addr || "*" == meta.addr { - fmt.Println("[debug] test of route:", meta) + //fmt.Println("[debug] test of route:", meta) if err := meta.handler.Serve(client); nil != err { // error should be EOF if successful return err diff --git a/mplexer/packer/telebit.go b/mplexer/packer/telebit.go index 5b81231..3044f0f 100644 --- a/mplexer/packer/telebit.go +++ b/mplexer/packer/telebit.go @@ -110,24 +110,34 @@ func Forward(client net.Conn, target net.Conn, timeout time.Duration) error { client.SetDeadline(time.Now().Add(timeout)) _, err = target.Write(b) if nil != err { - fmt.Printf("write to target failed: %q", err.Error()) + fmt.Printf("write to target failed: %q\n", err.Error()) break } case b := <-dstCh: target.SetDeadline(time.Now().Add(timeout)) _, err = client.Write(b) if nil != err { - fmt.Printf("write to remote failed: %q", err.Error()) + fmt.Printf("write to remote failed: %q\n", err.Error()) break } case err = <-srcErrCh: - if nil != err { - fmt.Printf("read from remote failed: %q", err.Error()) + if nil == err { + break + } + if io.EOF != err { + fmt.Printf("read from remote client failed: %q\n", err.Error()) + } else { + fmt.Printf("Connection closed (possibly by remote client)\n") } break case err = <-dstErrCh: - if nil != err { - fmt.Printf("read from target failed: %q", err.Error()) + if nil == err { + break + } + if io.EOF != err { + fmt.Printf("read from local target failed: %q\n", err.Error()) + } else { + fmt.Printf("Connection closed (possibly by local target)\n") } break @@ -149,6 +159,8 @@ type ACME struct { EnableTLSALPNChallenge bool } +var acmecert *certmagic.Config = nil + func NewTerminator(acme *ACME, handler Handler) HandlerFunc { return func(client net.Conn) error { return handler.Serve(TerminateTLS(client, acme)) 
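Review bot: In `Forward` (telebit.go) the new branches test `io.EOF != err`, which matches only the bare sentinel, so an EOF wrapped by a lower layer would be reported as a read failure instead of a normal close. `if !errors.Is(err, io.EOF) {` covers both, and needs the `errors` import if the file lacks it. The `break` statements in these cases leave only the `select`; whether the enclosing loop, which starts outside the hunk, stops afterwards depends on code not shown. The two error cases now differ only in their wording and could share a small helper.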
@@ -156,15 +168,22 @@ func NewTerminator(acme *ACME, handler Handler) HandlerFunc { } func TerminateTLS(client net.Conn, acme *ACME) net.Conn { - acme.Storage = &certmagic.FileStorage{Path: acme.StoragePath} + var magic *certmagic.Config = nil - if "" == acme.Directory { - acme.Directory = certmagic.LetsEncryptProductionCA - } - magic, err := newCertMagic(acme) - if nil != err { - fmt.Fprintf(os.Stderr, "failed to initialize certificate management (discovery url? local folder perms?): %s\n", err) - os.Exit(1) + if nil == acmecert { + acme.Storage = &certmagic.FileStorage{Path: acme.StoragePath} + + if "" == acme.Directory { + acme.Directory = certmagic.LetsEncryptProductionCA + } + + var err error + magic, err = newCertMagic(acme) + if nil != err { + fmt.Fprintf(os.Stderr, "failed to initialize certificate management (discovery url? local folder perms?): %s\n", err) + os.Exit(1) + } + acmecert = magic } tlsConfig := &tls.Config{ diff --git a/mplexer/packer/websockettunnel.go b/mplexer/packer/websockettunnel.go index 31d4d62..d0e283c 100644 --- a/mplexer/packer/websockettunnel.go +++ b/mplexer/packer/websockettunnel.go @@ -61,7 +61,7 @@ func (wsw *WebsocketTunnel) Read(b []byte) (int, error) { if nil == wsw.tmpr { _, msgr, err := wsw.wsconn.NextReader() if nil != err { - fmt.Println("debug wsw NextReader err:", err) + //fmt.Println("debug wsw NextReader err:", err) return 0, err } wsw.tmpr = msgr @@ -69,7 +69,7 @@ func (wsw *WebsocketTunnel) Read(b []byte) (int, error) { n, err := wsw.tmpr.Read(b) if nil != err { - fmt.Println("debug wsw Read err:", err) + //fmt.Println("debug wsw Read err:", err) if io.EOF == err { wsw.tmpr = nil // ignore the message EOF because it's not the websocket EOF 
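Review bot: After the first call `acmecert` is non-nil, so the `if nil == acmecert` block in `TerminateTLS` is skipped and the local `magic` stays nil; unless the code after the hunk reads `acmecert` instead of `magic`, every connection after the first builds its `tls.Config` from a nil `*certmagic.Config`. The package-level `acmecert` (declared in the previous telebit.go hunk) is also read and written without synchronisation while `NewTerminator` calls `TerminateTLS` once per client, so concurrent handshakes can race on it and on the `acme` fields assigned here. Guarding the initialisation with `sync.Once` and taking `magic` from the cached value addresses both; `sync` must be imported if telebit.go does not already do so. The cache also ignores its argument after the first call, so a second `*ACME` with different settings would silently receive the first configuration. The body of TerminateTLS continues past the hunk.

```go
var (
	acmecertOnce sync.Once
	acmecert     *certmagic.Config
)

func TerminateTLS(client net.Conn, acme *ACME) net.Conn {
	// Initialise certificate management exactly once, even when several
	// connections arrive at the same time.
	acmecertOnce.Do(func() {
		acme.Storage = &certmagic.FileStorage{Path: acme.StoragePath}

		if "" == acme.Directory {
			acme.Directory = certmagic.LetsEncryptProductionCA
		}

		cfg, err := newCertMagic(acme)
		if nil != err {
			fmt.Fprintf(os.Stderr, "failed to initialize certificate management (discovery url? local folder perms?): %s\n", err)
			os.Exit(1)
		}
		acmecert = cfg
	})
	// Every call, not only the first, uses the cached configuration.
	magic := acmecert

	// … unchanged: tlsConfig construction and the rest of TerminateTLS …
```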
@@ -85,12 +85,12 @@ func (wsw *WebsocketTunnel) Write(b []byte) (int, error) { msgw, err := wsw.wsconn.NextWriter(websocket.BinaryMessage) if nil != err { - fmt.Println("debug wsw NextWriter err:", err) + //fmt.Println("debug wsw NextWriter err:", err) return 0, err } n, err := msgw.Write(b) if nil != err { - fmt.Println("debug wsw Write err:", err) + //fmt.Println("debug wsw Write err:", err) return n, err } @@ -100,7 +100,7 @@ func (wsw *WebsocketTunnel) Write(b []byte) (int, error) { // Close will close the websocket with a control message func (wsw *WebsocketTunnel) Close() error { - fmt.Println("[debug] closing the websocket.Conn") + //fmt.Println("[debug] closing the websocket.Conn") // TODO handle EOF as websocket.CloseNormal? message := websocket.FormatCloseMessage(websocket.CloseGoingAway, "closing connection")