package tun2
import (
"bufio"
"bytes"
"context"
"expvar"
"io/ioutil"
"net"
"net/http"
"time"
"github.com/Xe/ln"
failure "github.com/dgryski/go-failure"
"github.com/pkg/errors"
"github.com/xtaci/smux"
)
// Connection is a single active client -> server connection and session
// containing many streams over TCP+TLS or KCP+TLS. Every stream beyond the
// control stream is assumed to be passed to the underlying backend server.
//
// NOTE(review): the struct declares no mutex, yet usable is written by cancel
// and read by OpenStream. Confirm that callers serialize those accesses.
type Connection struct {
	// id is reported under the "id" key by F.
	id string
	// conn is the underlying transport; OpenStream sets deadlines on it and
	// Close closes it last.
	conn net.Conn
	// isKCP is reported by F; presumably true when the transport is KCP
	// rather than TCP — confirm against the code that builds a Connection.
	isKCP bool
	// session is the smux session that OpenStream opens streams on.
	session *smux.Session
	// controlStream is the first resource Close releases.
	controlStream *smux.Stream
	// user and domain are reported by F. Presumably they are set from the
	// client's authentication data — verify where they are assigned.
	user   string
	domain string
	// cf is invoked by cancel.
	cf context.CancelFunc
	// detector receives a timestamp after every successful Ping.
	detector *failure.Detector
	// Auth is not referenced by the methods visible in this file section.
	Auth *Auth
	// usable gates OpenStream: when false it returns ErrNoSuchBackend.
	usable bool

	// counter is incremented once per RoundTrip that returns a response.
	counter *expvar.Int
}
// cancel invokes the stored context.CancelFunc and then marks the connection
// as unusable, so later OpenStream calls return ErrNoSuchBackend.
//
// NOTE(review): usable is a plain bool written here without a lock and read
// in OpenStream. If the two can run on different goroutines this is a data
// race; confirm callers serialize them or guard the field.
func (c *Connection) cancel() {
	c.cf()
	c.usable = false
}
// F returns the connection's identifying fields as key->value pairs so that a
// Connection can be handed to ln as an ln.Fer.
//
// The remote address, user and domain are emitted as-is. Treat them as
// peer-influenced values when the logs are rendered or parsed downstream.
func (c *Connection) F() ln.F {
	fields := make(map[string]interface{}, 6)

	fields["id"] = c.id
	fields["remote"] = c.conn.RemoteAddr()
	fields["local"] = c.conn.LocalAddr()
	fields["isKCP"] = c.isKCP
	fields["user"] = c.user
	fields["domain"] = c.domain

	return fields
}
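// Ping sends a "ping" to the client by issuing GET http://backend/health
// through RoundTrip. If the client doesn't respond or the connection dies,
// the returned error tells the caller that the connection needs to be cleaned
// up. On success the failure detector is fed the current time.
//
// The request carries a one second timeout context. That timeout only takes
// effect where RoundTrip and OpenStream apply the request context to their
// I/O.
//
// NOTE(review): the response status is discarded, so any HTTP response,
// including a 5xx from the health endpoint, counts as a successful ping.
// Confirm that this is intended.
func (c *Connection) Ping() error {
	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
	defer cancel()

	req, err := http.NewRequest("GET", "http://backend/health", nil)
	if err != nil {
		// Return the error rather than panicking: a health check must never
		// be able to take the whole server process down.
		return errors.Wrap(err, "can't build health check request")
	}
	req = req.WithContext(ctx)

	_, err = c.RoundTrip(req)
	if err != nil {
		ln.Error(ctx, err, c, ln.Action("pinging the backend"))
		return err
	}

	c.detector.Ping(time.Now())

	return nil
}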
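// OpenStream creates a new stream (connection) to the backend server.
//
// It returns ErrNoSuchBackend when the connection has been cancelled. While
// the stream is being opened, a one second deadline is placed on the
// underlying conn and cleared again afterwards. ctx is used only for logging;
// it does not bound the open.
//
// On any failure the returned net.Conn is nil: a stream that was opened but
// whose deadline could not be cleared is closed rather than handed back, so
// callers that bail out on err != nil cannot leak it.
//
// NOTE(review): the deadline is set on c.conn, not on the new stream. If the
// smux session runs over that conn, the deadline briefly applies to every
// stream on it, and concurrent OpenStream calls can reset each other's
// deadline — confirm.
func (c *Connection) OpenStream(ctx context.Context) (net.Conn, error) {
	if !c.usable {
		return nil, ErrNoSuchBackend
	}

	err := c.conn.SetDeadline(time.Now().Add(time.Second))
	if err != nil {
		ln.Error(ctx, err, c)
		return nil, err
	}

	stream, err := c.session.OpenStream()
	if err != nil {
		ln.Error(ctx, err, c)
		// Best effort: do not leave the temporary one second deadline armed
		// on the shared conn after a failed open. The open error is the one
		// worth reporting, so a failure here is deliberately ignored.
		_ = c.conn.SetDeadline(time.Time{})
		return nil, err
	}

	if err := c.conn.SetDeadline(time.Time{}); err != nil {
		ln.Error(ctx, err, c)
		// The caller will discard the result on error, so release the stream
		// here instead of returning it alongside the error.
		stream.Close()
		return nil, err
	}

	return stream, nil
}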
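// Close destroys resources specific to the connection: the control stream,
// the smux session and the underlying conn, in that order.
//
// All three are always closed, even when an earlier Close fails, so a broken
// control stream cannot leave the session or the socket open. The first error
// encountered is returned, which is the same error the caller would have seen
// had Close stopped at that point.
func (c *Connection) Close() error {
	firstErr := c.controlStream.Close()

	if err := c.session.Close(); err != nil && firstErr == nil {
		firstErr = err
	}

	if err := c.conn.Close(); err != nil && firstErr == nil {
		firstErr = err
	}

	return firstErr
}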
// Connection-specific errors. RoundTrip uses their messages as the wrapping
// context for the underlying failure.

// ErrCantOpenSessionStream labels a failure to open a stream on the session.
var ErrCantOpenSessionStream = errors.New("tun2: connection can't open session stream")

// ErrCantWriteRequest labels a failure to write the request to the stream.
var ErrCantWriteRequest = errors.New("tun2: connection stream can't write request")

// ErrCantReadResponse labels a failure to read the response from the stream.
var ErrCantReadResponse = errors.New("tun2: connection stream can't read response")
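// RoundTrip forwards a HTTP request to the remote backend over a newly opened
// stream and then returns the response, if any. The response body is read to
// the end and replaced with an in-memory copy before the stream is closed, and
// ContentLength is set to the number of bytes read. The connection's counter
// is incremented for every response returned.
//
// When the request context carries a deadline it is applied to the stream, so
// a peer that accepts the stream but never answers cannot hold the calling
// goroutine indefinitely. Cancellation without a deadline is not observed by
// the stream I/O.
func (c *Connection) RoundTrip(req *http.Request) (*http.Response, error) {
	ctx := req.Context()

	stream, err := c.OpenStream(ctx)
	if err != nil {
		return nil, errors.Wrap(err, ErrCantOpenSessionStream.Error())
	}
	defer stream.Close()

	// Bound the request write and response read by the caller's deadline.
	// Without this, a timeout such as the one Ping sets is never enforced.
	if deadline, ok := ctx.Deadline(); ok {
		if err := stream.SetDeadline(deadline); err != nil {
			return nil, errors.Wrap(err, "can't set stream deadline")
		}
	}

	err = req.Write(stream)
	if err != nil {
		return nil, errors.Wrap(err, ErrCantWriteRequest.Error())
	}

	resp, err := http.ReadResponse(bufio.NewReader(stream), req)
	if err != nil {
		return nil, errors.Wrap(err, ErrCantReadResponse.Error())
	}
	defer resp.Body.Close()

	// NOTE(review): the whole response is buffered with no size limit. The
	// peer decides how much is sent, so a large or endless body grows memory
	// without bound. Consider an agreed cap (for example via io.LimitReader)
	// or streaming the body to the caller.
	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		return nil, errors.Wrap(err, "can't read response body")
	}

	// Hand the caller a body that stays readable after the stream is closed.
	resp.Body = ioutil.NopCloser(bytes.NewBuffer(body))
	resp.ContentLength = int64(len(body))

	c.counter.Add(1)

	return resp, nil
}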