init http2+tls

9ae36e42 · rui.zheng · 7b84fc6c · 9ae36e42 · 9ae36e42 · 9ae36e42
Commit 9ae36e42 authored Sep 23, 2016 by rui.zheng
Hide whitespace changes
Inline Side-by-side

Showing with 39 additions and 3 deletions

conn.go conn.go +13 -0

http.go http.go +2 -1

http2.go http2.go +21 -0

tls.go tls.go +3 -2

No files found.
--- a/conn.go
+++ b/conn.go
@@ -18,6 +18,7 @@ import (
 	"strings"
 	"sync"
 	//"sync/atomic"
+	"golang.org/x/net/http2"
 	"time"
 )

@@ -50,6 +51,9 @@ func listenAndServe(arg Args) error {
 	case "wss": // websocket security connection
 		return NewWs(arg).listenAndServeTLS()
 	case "tls": // tls connection
+		if arg.Protocol == "http2" || arg.Protocol == "h2" { // only support http2 over TLS
+			return listenAndServeHttp2(arg)
+		}
 		ln, err = tls.Listen("tcp", arg.Addr,
 			&tls.Config{Certificates: []tls.Certificate{arg.Cert}})
 	case "tcp": // Local TCP port forwarding
@@ -83,6 +87,15 @@ func listenAndServe(arg Args) error {
 	}
 }

+func listenAndServeHttp2(arg Args) error {
+	srv := http.Server{
+		Addr:    arg.Addr,
+		Handler: http.HandlerFunc(handlerHttp2Request),
+	}
+	http2.ConfigureServer(&srv, nil)
+	return srv.ListenAndServeTLS(certFile, keyFile)
+}
+
 func listenAndServeTcpForward(arg Args) error {
 	raddr, err := net.ResolveTCPAddr("tcp", arg.Remote)
 	if err != nil {

--- a/http.go
+++ b/http.go
@@ -10,6 +10,8 @@ import (
 )

 func handleHttpRequest(req *http.Request, conn net.Conn, arg Args) {
+	glog.V(LINFO).Infof("[http] %s - %s", conn.RemoteAddr(), req.Host)
+
 	if glog.V(LDEBUG) {
 		dump, err := httputil.DumpRequest(req, false)
 		if err != nil {
@@ -18,7 +20,6 @@ func handleHttpRequest(req *http.Request, conn net.Conn, arg Args) {
 			glog.Infoln(string(dump))
 		}
 	}
-	glog.V(LINFO).Infof("[http] %s - %s", conn.RemoteAddr(), req.Host)

 	var username, password string
 	if arg.User != nil {

--- a/http2.go
+++ b/http2.go
+package main
+
+import (
+	"github.com/golang/glog"
+	"net/http"
+	"net/http/httputil"
+)
+
+func handlerHttp2Request(w http.ResponseWriter, r *http.Request) {
+	glog.V(LINFO).Infof("[http2] %s - %s", r.RemoteAddr, r.Host)
+
+	if glog.V(LDEBUG) {
+		dump, err := httputil.DumpRequest(r, false)
+		if err != nil {
+			glog.Infoln(err)
+		} else {
+			glog.Infoln(string(dump))
+		}
+	}
+
+}
--- a/tls.go
+++ b/tls.go
@@ -6,7 +6,8 @@ import (
 )

 const (
-
+	certFile = "cert.pem"
+	keyFile  = "key.pem"
 	// This is the default cert file for convenience, providing your own cert is recommended.
 	rawCert = `-----BEGIN CERTIFICATE-----
 MIIC5jCCAdCgAwIBAgIBADALBgkqhkiG9w0BAQUwEjEQMA4GA1UEChMHQWNtZSBD
@@ -58,7 +59,7 @@ nh/BAoGBAMY5z2f1pmMhrvtPDSlEVjgjELbaInxFaxPLR4Pdyzn83gtIIU14+R8X

 func init() {
 	var err error
-	if tlsCert, err = tls.LoadX509KeyPair("cert.pem", "key.pem"); err != nil {
+	if tlsCert, err = tls.LoadX509KeyPair(certFile, keyFile); err != nil {
 		glog.V(LWARNING).Infoln(err)

 		tlsCert, err = tls.X509KeyPair([]byte(rawCert), []byte(rawKey))