tile38/controller/server/server.go

package server

import (
	"bufio"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"net"
	"strings"
	"time"

	//"github.com/tidwall/tile38/client"

	"github.com/tidwall/tile38/controller/log"
	"github.com/tidwall/tile38/core"
)

// This phrase is copied nearly verbatim from Redis.
// https://github.com/antirez/redis/blob/cf42c48adcea05c1bd4b939fcd36a01f23ec6303/src/networking.c
var deniedMessage = []byte(strings.TrimSpace(`
ACCESS DENIED
Tile38 is running in protected mode because protected mode is enabled, no host
address was specified, no authentication password is requested to clients. In
this mode connections are only accepted from the loopback interface. If you
want to connect from external computers to Tile38 you may adopt one of the
following solutions: 

1) Disable protected mode by sending the command 'CONFIG SET protected-mode no'
   from the loopback interface by connecting to Tile38 from the same host 
   the server is running, however MAKE SURE Tile38 is not publicly accessible
   from internet if you do so. Use CONFIG REWRITE to make this change
   permanent. 
2) Alternatively you can just disable the protected mode by editing the Tile38
   configuration file, and setting the 'protected-mode' option to 'no', and
   then restarting the server.
3) If you started the server manually just for testing, restart it with the
   '--protected-mode no' option. 
4) Use a host address or an authentication password. 

NOTE: You only need to do one of the above things in order for the server 
to start accepting connections from the outside.
`) + "\r\n")

type Conn struct {
	net.Conn
	Authenticated bool
}

var errCloseHTTP = errors.New("close http")

// ListenAndServe starts a tile38 server at the specified address.
func ListenAndServe(
	host string, port int,
	protected func() bool,
	handler func(conn *Conn, msg *Message, rd *bufio.Reader, w io.Writer, websocket bool) error,
) error {
	ln, err := net.Listen("tcp", fmt.Sprintf("%s:%d", host, port))
	if err != nil {
		return err
	}
	log.Infof("The server is now ready to accept connections on port %d", port)
	for {
		conn, err := ln.Accept()
		if err != nil {
			log.Error(err)
			continue
		}
		go handleConn(&Conn{Conn: conn}, protected, handler)
	}
}

// func writeCommandErr(proto client.Proto, conn *Conn, err error) error {
// 	if proto == client.HTTP || proto == client.WebSocket {
// 		conn.Write([]byte(`HTTP/1.1 500 ` + err.Error() + "\r\nConnection: close\r\n\r\n"))
// 	}
// 	return err
// }

func handleConn(
	conn *Conn,
	protected func() bool,
	handler func(conn *Conn, msg *Message, rd *bufio.Reader, w io.Writer, websocket bool) error,
) {
	addr := conn.RemoteAddr().String()
	if core.ShowDebugMessages {
		log.Debugf("opened connection: %s", addr)
		defer func() {
			log.Debugf("closed connection: %s", addr)
		}()
	}
	if !strings.HasPrefix(addr, "127.0.0.1:") && !strings.HasPrefix(addr, "[::1]:") {
		if protected() {
			// This is a protected server. Only loopback is allowed.
			conn.Write(deniedMessage)
			conn.Close()
			return
		}
	}
	defer conn.Close()
	rd := NewAnyReaderWriter(conn)
	brd := rd.rd
	for {
		msg, err := rd.ReadMessage()
		if err != nil {
			if err == io.EOF {
				return
			}
			if err == errCloseHTTP ||
				strings.Contains(err.Error(), "use of closed network connection") {
				return
			}
			log.Error(err)
			return
		}
		if msg != nil && msg.Command != "" {
			if msg.Command == "quit" {
				if msg.OutputType == RESP {
					io.WriteString(conn, "+OK\r\n")
				}
				return
			}
			err := handler(conn, msg, brd, conn, msg.ConnType == WebSocket)
			if err != nil {
				log.Error(err)
				return
			}
		} else {
			conn.Write([]byte("HTTP/1.1 500 Bad Request\r\nConnection: close\r\n\r\n"))
			return
		}
		if msg.ConnType == HTTP || msg.ConnType == WebSocket {
			return
		}
	}
}

func WriteWebSocketMessage(w io.Writer, data []byte) error {
	var msg []byte
	buf := make([]byte, 10+len(data))
	buf[0] = 129 // FIN + TEXT
	if len(data) <= 125 {
		buf[1] = byte(len(data))
		copy(buf[2:], data)
		msg = buf[:2+len(data)]
	} else if len(data) <= 0xFFFF {
		buf[1] = 126
		binary.BigEndian.PutUint16(buf[2:], uint16(len(data)))
		copy(buf[4:], data)
		msg = buf[:4+len(data)]
	} else {
		buf[1] = 127
		binary.BigEndian.PutUint64(buf[2:], uint64(len(data)))
		copy(buf[10:], data)
		msg = buf[:10+len(data)]
	}
	_, err := w.Write(msg)
	return err
}

func OKMessage(msg *Message, start time.Time) string {
	switch msg.OutputType {
	case JSON:
		return `{"ok":true,"elapsed":"` + time.Now().Sub(start).String() + "\"}"
	case RESP:
		return "+OK\r\n"
	}
	return ""
}

//err := func() error {
// command, proto, auth, err := client.ReadMessage(rd, conn)
// if err != nil {
// 	return err
// }
// if len(command) > 0 && (command[0] == 'Q' || command[0] == 'q') && strings.ToLower(string(command)) == "quit" {
// 	return io.EOF
// }
// var b bytes.Buffer
// var denied bool
// if (proto == client.HTTP || proto == client.WebSocket) && auth != "" {
// 	if err := handler(conn, []byte("AUTH "+auth), rd, &b, proto == client.WebSocket); err != nil {
// 		return writeCommandErr(proto, conn, err)
// 	}
// 	if strings.HasPrefix(b.String(), `{"ok":false`) {
// 		denied = true
// 	} else {
// 		b.Reset()
// 	}
// }
// if !denied {
// 	if err := handler(conn, command, rd, &b, proto == client.WebSocket); err != nil {
// 		return writeCommandErr(proto, conn, err)
// 	}
// }
// switch proto {
// case client.Native:
// 	if err := client.WriteMessage(conn, b.Bytes()); err != nil {
// 		return err
// 	}
// case client.HTTP:
// 	if err := client.WriteHTTP(conn, b.Bytes()); err != nil {
// 		return err
// 	}
// 	return errCloseHTTP
// case client.WebSocket:
// 	if err := client.WriteWebSocket(conn, b.Bytes()); err != nil {
// 		return err
// 	}
// 	if _, err := conn.Write([]byte{137, 0}); err != nil {
// 		return err
// 	}
// 	return errCloseHTTP
// default:
// 	b.WriteString("\r\n")
// 	if _, err := conn.Write(b.Bytes()); err != nil {
// 		return err
// 	}
// }
// return nil
//}()
// if err != nil {
// 	if err == io.EOF {
// 		return
// 	}
// 	if err == errCloseHTTP ||
// 		strings.Contains(err.Error(), "use of closed network connection") {
// 		return
// 	}
// 	log.Error(err)
// 	return
// }
// 	}
// }
first commit 2016-03-05 02:08:16 +03:00			`package server`

			`import (`
			`"bufio"`
resp config 2016-03-29 15:53:53 +03:00			`"encoding/binary"`
first commit 2016-03-05 02:08:16 +03:00			`"errors"`
			`"fmt"`
			`"io"`
			`"net"`
			`"strings"`
resp config 2016-03-29 15:53:53 +03:00			`"time"`
first commit 2016-03-05 02:08:16 +03:00
resp crud 2016-03-28 18:57:41 +03:00			`//"github.com/tidwall/tile38/client"`

refactor 2016-03-06 17:55:00 +03:00			`"github.com/tidwall/tile38/controller/log"`
			`"github.com/tidwall/tile38/core"`
first commit 2016-03-05 02:08:16 +03:00			`)`

authentication resolves #3 2016-03-08 03:37:39 +03:00			`// This phrase is copied nearly verbatim from Redis.`
			`// https://github.com/antirez/redis/blob/cf42c48adcea05c1bd4b939fcd36a01f23ec6303/src/networking.c`
			var deniedMessage = []byte(strings.TrimSpace(`
			`ACCESS DENIED`
			`Tile38 is running in protected mode because protected mode is enabled, no host`
			`address was specified, no authentication password is requested to clients. In`
			`this mode connections are only accepted from the loopback interface. If you`
			`want to connect from external computers to Tile38 you may adopt one of the`
			`following solutions:`

updated config summary 2016-03-08 15:32:39 +03:00			`1) Disable protected mode by sending the command 'CONFIG SET protected-mode no'`
authentication resolves #3 2016-03-08 03:37:39 +03:00			`from the loopback interface by connecting to Tile38 from the same host`
			`the server is running, however MAKE SURE Tile38 is not publicly accessible`
			`from internet if you do so. Use CONFIG REWRITE to make this change`
			`permanent.`
			`2) Alternatively you can just disable the protected mode by editing the Tile38`
updated config summary 2016-03-08 15:32:39 +03:00			`configuration file, and setting the 'protected-mode' option to 'no', and`
			`then restarting the server.`
authentication resolves #3 2016-03-08 03:37:39 +03:00			`3) If you started the server manually just for testing, restart it with the`
			`'--protected-mode no' option.`
allow optional protected-mode 2016-03-08 16:11:03 +03:00			`4) Use a host address or an authentication password.`
authentication resolves #3 2016-03-08 03:37:39 +03:00
			`NOTE: You only need to do one of the above things in order for the server`
			`to start accepting connections from the outside.`
			`) + "\r\n")

			`type Conn struct {`
			`net.Conn`
			`Authenticated bool`
			`}`

first commit 2016-03-05 02:08:16 +03:00			`var errCloseHTTP = errors.New("close http")`

			`// ListenAndServe starts a tile38 server at the specified address.`
			`func ListenAndServe(`
-host flag, fixes #2 2016-03-05 23:39:36 +03:00			`host string, port int,`
authentication resolves #3 2016-03-08 03:37:39 +03:00			`protected func() bool,`
resp crud 2016-03-28 18:57:41 +03:00			`handler func(conn Conn, msg Message, rd *bufio.Reader, w io.Writer, websocket bool) error,`
first commit 2016-03-05 02:08:16 +03:00			`) error {`
-host flag, fixes #2 2016-03-05 23:39:36 +03:00			`ln, err := net.Listen("tcp", fmt.Sprintf("%s:%d", host, port))`
first commit 2016-03-05 02:08:16 +03:00			`if err != nil {`
			`return err`
			`}`
			`log.Infof("The server is now ready to accept connections on port %d", port)`
			`for {`
			`conn, err := ln.Accept()`
			`if err != nil {`
			`log.Error(err)`
			`continue`
			`}`
authentication resolves #3 2016-03-08 03:37:39 +03:00			`go handleConn(&Conn{Conn: conn}, protected, handler)`
first commit 2016-03-05 02:08:16 +03:00			`}`
			`}`

resp crud 2016-03-28 18:57:41 +03:00			`// func writeCommandErr(proto client.Proto, conn *Conn, err error) error {`
			`// if proto == client.HTTP \|\| proto == client.WebSocket {`
			// conn.Write([]byte(`HTTP/1.1 500 ` + err.Error() + "\r\nConnection: close\r\n\r\n"))
			`// }`
			`// return err`
			`// }`
replication auth 2016-03-08 18:35:43 +03:00
first commit 2016-03-05 02:08:16 +03:00			`func handleConn(`
authentication resolves #3 2016-03-08 03:37:39 +03:00			`conn *Conn,`
			`protected func() bool,`
resp crud 2016-03-28 18:57:41 +03:00			`handler func(conn Conn, msg Message, rd *bufio.Reader, w io.Writer, websocket bool) error,`
first commit 2016-03-05 02:08:16 +03:00			`) {`
allow optional protected-mode 2016-03-08 16:11:03 +03:00			`addr := conn.RemoteAddr().String()`
refactor 2016-03-06 17:55:00 +03:00			`if core.ShowDebugMessages {`
first commit 2016-03-05 02:08:16 +03:00			`log.Debugf("opened connection: %s", addr)`
			`defer func() {`
			`log.Debugf("closed connection: %s", addr)`
			`}()`
allow optional protected-mode 2016-03-08 16:11:03 +03:00			`}`
			`if !strings.HasPrefix(addr, "127.0.0.1:") && !strings.HasPrefix(addr, "[::1]:") {`
			`if protected() {`
			`// This is a protected server. Only loopback is allowed.`
			`conn.Write(deniedMessage)`
			`conn.Close()`
			`return`
authentication resolves #3 2016-03-08 03:37:39 +03:00			`}`
first commit 2016-03-05 02:08:16 +03:00			`}`
			`defer conn.Close()`
resp crud 2016-03-28 18:57:41 +03:00			`rd := NewAnyReaderWriter(conn)`
			`brd := rd.rd`
			`for {`
			`msg, err := rd.ReadMessage()`
first commit 2016-03-05 02:08:16 +03:00			`if err != nil {`
			`if err == io.EOF {`
			`return`
			`}`
			`if err == errCloseHTTP \|\|`
			`strings.Contains(err.Error(), "use of closed network connection") {`
			`return`
			`}`
			`log.Error(err)`
			`return`
			`}`
resp crud 2016-03-28 18:57:41 +03:00			`if msg != nil && msg.Command != "" {`
			`if msg.Command == "quit" {`
			`if msg.OutputType == RESP {`
			`io.WriteString(conn, "+OK\r\n")`
			`}`
			`return`
			`}`
			`err := handler(conn, msg, brd, conn, msg.ConnType == WebSocket)`
			`if err != nil {`
			`log.Error(err)`
			`return`
			`}`
resp config 2016-03-29 15:53:53 +03:00			`} else {`
			`conn.Write([]byte("HTTP/1.1 500 Bad Request\r\nConnection: close\r\n\r\n"))`
			`return`
			`}`
			`if msg.ConnType == HTTP \|\| msg.ConnType == WebSocket {`
			`return`
resp crud 2016-03-28 18:57:41 +03:00			`}`
first commit 2016-03-05 02:08:16 +03:00			`}`
			`}`
resp crud 2016-03-28 18:57:41 +03:00
resp config 2016-03-29 15:53:53 +03:00			`func WriteWebSocketMessage(w io.Writer, data []byte) error {`
			`var msg []byte`
			`buf := make([]byte, 10+len(data))`
			`buf[0] = 129 // FIN + TEXT`
			`if len(data) <= 125 {`
			`buf[1] = byte(len(data))`
			`copy(buf[2:], data)`
			`msg = buf[:2+len(data)]`
			`} else if len(data) <= 0xFFFF {`
			`buf[1] = 126`
			`binary.BigEndian.PutUint16(buf[2:], uint16(len(data)))`
			`copy(buf[4:], data)`
			`msg = buf[:4+len(data)]`
			`} else {`
			`buf[1] = 127`
			`binary.BigEndian.PutUint64(buf[2:], uint64(len(data)))`
			`copy(buf[10:], data)`
			`msg = buf[:10+len(data)]`
			`}`
			`_, err := w.Write(msg)`
			`return err`
			`}`

			`func OKMessage(msg *Message, start time.Time) string {`
			`switch msg.OutputType {`
			`case JSON:`
			return `{"ok":true,"elapsed":"` + time.Now().Sub(start).String() + "\"}"
			`case RESP:`
			`return "+OK\r\n"`
			`}`
			`return ""`
			`}`

resp crud 2016-03-28 18:57:41 +03:00			`//err := func() error {`
			`// command, proto, auth, err := client.ReadMessage(rd, conn)`
			`// if err != nil {`
			`// return err`
			`// }`
			`// if len(command) > 0 && (command[0] == 'Q' \|\| command[0] == 'q') && strings.ToLower(string(command)) == "quit" {`
			`// return io.EOF`
			`// }`
			`// var b bytes.Buffer`
			`// var denied bool`
			`// if (proto == client.HTTP \|\| proto == client.WebSocket) && auth != "" {`
			`// if err := handler(conn, []byte("AUTH "+auth), rd, &b, proto == client.WebSocket); err != nil {`
			`// return writeCommandErr(proto, conn, err)`
			`// }`
			// if strings.HasPrefix(b.String(), `{"ok":false`) {
			`// denied = true`
			`// } else {`
			`// b.Reset()`
			`// }`
			`// }`
			`// if !denied {`
			`// if err := handler(conn, command, rd, &b, proto == client.WebSocket); err != nil {`
			`// return writeCommandErr(proto, conn, err)`
			`// }`
			`// }`
			`// switch proto {`
			`// case client.Native:`
			`// if err := client.WriteMessage(conn, b.Bytes()); err != nil {`
			`// return err`
			`// }`
			`// case client.HTTP:`
			`// if err := client.WriteHTTP(conn, b.Bytes()); err != nil {`
			`// return err`
			`// }`
			`// return errCloseHTTP`
			`// case client.WebSocket:`
			`// if err := client.WriteWebSocket(conn, b.Bytes()); err != nil {`
			`// return err`
			`// }`
			`// if _, err := conn.Write([]byte{137, 0}); err != nil {`
			`// return err`
			`// }`
			`// return errCloseHTTP`
			`// default:`
			`// b.WriteString("\r\n")`
			`// if _, err := conn.Write(b.Bytes()); err != nil {`
			`// return err`
			`// }`
			`// }`
			`// return nil`
			`//}()`
			`// if err != nil {`
			`// if err == io.EOF {`
			`// return`
			`// }`
			`// if err == errCloseHTTP \|\|`
			`// strings.Contains(err.Error(), "use of closed network connection") {`
			`// return`
			`// }`
			`// log.Error(err)`
			`// return`
			`// }`
			`// }`
			`// }`