no longer a mule

d730d1e5 · Garet Halliday · 8a9e7d7b · d730d1e5 · d730d1e5 · d730d1e5
Commit d730d1e5 authored 1 year ago by Garet Halliday
--- a/cmd/caddygat/main.go
+++ b/cmd/caddygat/main.go
@@ -3,6 +3,8 @@ package main
 import (
 	caddycmd "github.com/caddyserver/caddy/v2/cmd"
+	_ "gfx.cafe/gfx/pggat/lib/gat/gatcaddyfile"
 	_ "gfx.cafe/gfx/pggat/lib/gat/standard"
 )

--- a/lib/gat/gatcaddyfile/gattype.go
+++ b/lib/gat/gatcaddyfile/gattype.go
+package gatcaddyfile
+import (
+	"github.com/caddyserver/caddy/v2"
+	"github.com/caddyserver/caddy/v2/caddyconfig"
+	"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
+)
+func init() {
+	caddyconfig.RegisterAdapter("caddyfile", caddyfile.Adapter{ServerType: ServerType{}})
+}
+type ServerType struct{}
+func (ServerType) Setup(blocks []caddyfile.ServerBlock, m map[string]any) (*caddy.Config, []caddyconfig.Warning, error) {
+	// TODO implement me
+	panic("implement me")
+}
--- a/lib/gat/matchers/localaddress.go
+++ b/lib/gat/matchers/localaddress.go
 package matchers
 import (
+	"fmt"
+	"net"
 	"github.com/caddyserver/caddy/v2"
 	"gfx.cafe/gfx/pggat/lib/fed"
@@ -12,7 +15,10 @@ func init() {
 }
 type LocalAddress struct {
+	Network string `json:"network"`
 	Address string `json:"address"`
+	addr net.Addr
 }
 func (T *LocalAddress) CaddyModule() caddy.ModuleInfo {
@@ -24,10 +30,54 @@ func (T *LocalAddress) CaddyModule() caddy.ModuleInfo {
 	}
 }
+func (T *LocalAddress) Provision(ctx caddy.Context) error {
+	var err error
+	switch T.Network {
+	case "tcp", "tcp4", "tcp6":
+		T.addr, err = net.ResolveTCPAddr(T.Network, T.Address)
+	case "udp", "udp4", "udp6":
+		T.addr, err = net.ResolveUDPAddr(T.Network, T.Address)
+	case "ip", "ip4", "ip6":
+		T.addr, err = net.ResolveIPAddr(T.Network, T.Address)
+	case "unix", "unixgram", "unixpacket":
+		T.addr, err = net.ResolveUnixAddr(T.Network, T.Address)
+	default:
+		err = fmt.Errorf("unknown network: %s", T.Network)
+	}
+	return err
+}
 func (T *LocalAddress) Matches(conn fed.Conn) bool {
-	// TODO(garet)
+	switch addr := conn.LocalAddr().(type) {
-	return true
+	case *net.TCPAddr:
+		expected, ok := T.addr.(*net.TCPAddr)
+		if !ok {
+			return false
+		}
+		return addr.Port == expected.Port && addr.Zone == expected.Zone && (expected.IP == nil || addr.IP.Equal(expected.IP))
+	case *net.IPAddr:
+		expected, ok := T.addr.(*net.IPAddr)
+		if !ok {
+			return false
+		}
+		return addr.Zone == expected.Zone && (expected.IP == nil || addr.IP.Equal(expected.IP))
+	case *net.UDPAddr:
+		expected, ok := T.addr.(*net.UDPAddr)
+		if !ok {
+			return false
+		}
+		return addr.Port == expected.Port && addr.Zone == expected.Zone && (expected.IP == nil || addr.IP.Equal(expected.IP))
+	case *net.UnixAddr:
+		expected, ok := T.addr.(*net.UnixAddr)
+		if !ok {
+			return false
+		}
+		return addr.Name == expected.Name && addr.Net == expected.Net
+	default:
+		return false
+	}
 }
 var _ gat.Matcher = (*LocalAddress)(nil)
 var _ caddy.Module = (*LocalAddress)(nil)
+var _ caddy.Provisioner = (*LocalAddress)(nil)
--- a/lib/gat/matchers/network.go
+++ b/lib/gat/matchers/network.go
-package matchers
-import (
-	"github.com/caddyserver/caddy/v2"
-	"gfx.cafe/gfx/pggat/lib/fed"
-	"gfx.cafe/gfx/pggat/lib/gat"
-)
-func init() {
-	caddy.RegisterModule((*Network)(nil))
-}
-type Network struct {
-	Network string `json:"network"`
-}
-func (T *Network) CaddyModule() caddy.ModuleInfo {
-	return caddy.ModuleInfo{
-		ID: "pggat.matchers.network",
-		New: func() caddy.Module {
-			return new(Network)
-		},
-	}
-}
-func (T *Network) Matches(conn fed.Conn) bool {
-	return conn.LocalAddr().Network() == T.Network
-}
-var _ gat.Matcher = (*Network)(nil)
-var _ caddy.Module = (*Network)(nil)
--- a/lib/gat/ssl/servers/self_signed/server.go
+++ b/lib/gat/ssl/servers/self_signed/server.go
 package self_signed
 import (
+	"crypto/rand"
+	"crypto/rsa"
 	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"math/big"
+	"net"
+	"time"
 	"github.com/caddyserver/caddy/v2"
 	"gfx.cafe/gfx/pggat/lib/gat"
-	"gfx.cafe/gfx/pggat/lib/util/certs"
 )
 func init() {
@@ -26,8 +32,53 @@ func (T *Server) CaddyModule() caddy.ModuleInfo {
 	}
 }
+func (T *Server) signCert() (tls.Certificate, error) {
+	// generate private key
+	priv, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	keyUsage := x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment
+	notBefore := time.Now()
+	notAfter := notBefore.Add(3 * 30 * 24 * time.Hour)
+	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	template := x509.Certificate{
+		SerialNumber: serialNumber,
+		Subject: pkix.Name{
+			Organization: []string{"GFX Labs"},
+		},
+		NotBefore: notBefore,
+		NotAfter:  notAfter,
+		KeyUsage:              keyUsage,
+		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+		BasicConstraintsValid: true,
+	}
+	// TODO(garet)
+	template.IPAddresses = append(template.IPAddresses, net.ParseIP("127.0.0.1"))
+	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	var cert tls.Certificate
+	cert.PrivateKey = priv
+	cert.Certificate = append(cert.Certificate, derBytes)
+	return cert, nil
+}
 func (T *Server) Provision(ctx caddy.Context) error {
-	cert, err := certs.SelfSign()
+	cert, err := T.signCert()
 	if err != nil {
 		return err
 	}

--- a/lib/util/certs/self.go
+++ b/lib/util/certs/self.go
-package certs
-import (
-	"crypto/rand"
-	"crypto/rsa"
-	"crypto/tls"
-	"crypto/x509"
-	"crypto/x509/pkix"
-	"math/big"
-	"net"
-	"time"
-)
-func SelfSign() (tls.Certificate, error) {
-	// generate private key
-	priv, err := rsa.GenerateKey(rand.Reader, 2048)
-	if err != nil {
-		return tls.Certificate{}, err
-	}
-	keyUsage := x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment
-	notBefore := time.Now()
-	notAfter := notBefore.Add(3 * 30 * 24 * time.Hour)
-	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
-	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
-	if err != nil {
-		return tls.Certificate{}, err
-	}
-	template := x509.Certificate{
-		SerialNumber: serialNumber,
-		Subject: pkix.Name{
-			Organization: []string{"GFX Labs"},
-		},
-		NotBefore: notBefore,
-		NotAfter:  notAfter,
-		KeyUsage:              keyUsage,
-		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
-		BasicConstraintsValid: true,
-	}
-	// TODO(garet)
-	template.IPAddresses = append(template.IPAddresses, net.ParseIP("127.0.0.1"))
-	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
-	if err != nil {
-		return tls.Certificate{}, err
-	}
-	var cert tls.Certificate
-	cert.PrivateKey = priv
-	cert.Certificate = append(cert.Certificate, derBytes)
-	return cert, nil
-}