package main import ( "crypto/tls" "encoding/pem" "flag" "fmt" "io/ioutil" "log" "net" "net/http" "os" "os/signal" "time" "gitlab-app.eng.qops.net/golang/jwt" "golang.org/x/crypto/pkcs12" ) func envOrDefault(key, def string) string { if v := os.Getenv(key); v != "" { return v } return def } func main() { port := flag.String("p", envOrDefault("PORT", "41912"), "port to run on") crt := flag.String("crt", envOrDefault("CRT", ""), "path to crt") key := flag.String("key", envOrDefault("KEY", ""), "path to key") tcp := flag.Bool("tcp", false, "accept TCP") fail := flag.Bool("fail", false, "fail connections forever") block := flag.Int("block", 0, "seconds to block connections") status := flag.Int("status", http.StatusOK, "status to always return") jwt := flag.String("jwt", envOrDefault("SECRET", ""), "secret for JWT") flag.Parse() // start server if *tcp { startTCP(*port, *fail, *block) } else { startHTTP(*port, *fail, *block, *jwt, *crt, *key, *status) } // catch stop stop := make(chan os.Signal) signal.Notify(stop, os.Interrupt) <-stop } func startTCP(port string, fail bool, block int) { l, err := net.Listen("tcp", ":"+port) if err != nil { panic(err) } go func() { for { c, err := l.Accept() if err != nil { panic(err) } go func(c net.Conn) { defer c.Close() if block > 0 { time.Sleep(time.Second * time.Duration(block)) } fmt.Fprintln(c, "Hello") }(c) } defer l.Close() }() } func startHTTP(port string, fail bool, block int, secret, crt, key string, status int) { srv := &http.Server{ Addr: ":" + port, Handler: makeHTTPHandler(fail, block, secret, status), } go func() { if crt == "" || key == "" { if err := srv.ListenAndServe(); err != nil { panic(err) } } else { if _, err := os.Stat(key); err == nil { if err := srv.ListenAndServeTLS(crt, key); err != nil { panic(err) } } else { b, err := ioutil.ReadFile(crt) if err != nil { panic(err) } blocks, err := pkcs12.ToPEM(b, key) if err != nil { panic(err) } pd := []byte{} for _, block := range blocks { pd = append(pd, pem.EncodeToMemory(block)...) } cert, err := tls.X509KeyPair(pd, pd) if err != nil { panic(err) } srv.TLSConfig = &tls.Config{ Certificates: []tls.Certificate{cert}, } if err := srv.ListenAndServeTLS("", ""); err != nil { panic(err) } } } }() log.Println("Listening on", srv.Addr) } func makeHTTPHandler(fail bool, block int, secret string, status int) http.HandlerFunc { if block > 0 { return blockH(block, fail) } else if fail { return http.HandlerFunc(failH) } return echoH(secret, status) } func failH(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusInternalServerError) } func blockH(block int, fail bool) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { select { case <-time.After(time.Second * time.Duration(block)): case <-r.Context().Done(): log.Println(r.Context().Err()) fmt.Fprintln(w, r.Context().Err()) w.WriteHeader(http.StatusInternalServerError) } if fail { w.WriteHeader(http.StatusInternalServerError) } } } func echoH(secret string, status int) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { log.Println("METHOD:", r.Method) log.Println("URL:", r.URL.String()) log.Println("HEADER:", r.Header) if secret != "" { verifier := jwt.Verifier{Key: []byte(secret)} _, err := verifier.Verify(r) if err != nil { w.WriteHeader(http.StatusUnauthorized) fmt.Fprintln(w, "ERR: failed verifying jwt:", err) log.Println("ERR: failed verifying jwt:", err) return } } b, err := ioutil.ReadAll(r.Body) if err != nil { return } s := string(b[:]) log.Println("BODY:", s) w.WriteHeader(status) fmt.Fprintf(w, "===\nMETHOD: %q\nURL: %q\nHEADER: %q\nBODY: %q\n===\n", r.Method, r.URL.String(), fmt.Sprintf("%v", r.Header), s, ) } }