Fix client TLS termination bug

The problem was caused by certmagic; details are in the code comments.
This commit is contained in:
Anders Pitman
2020-11-28 11:48:23 -07:00
parent 7e728b1261
commit 28a67a4285
3 changed files with 33 additions and 20 deletions


@@ -56,6 +56,19 @@ func NewBoringProxyClient() *BoringProxyClient {
}
}
// Use random unprivileged port for ACME challenges. This is necessary
// because of the way certmagic works, in that if it fails to bind
// HTTPSPort (443 by default) and doesn't detect anything else binding
// it, it fails. Obviously the boringproxy client is likely to be
// running on a machine where 443 isn't bound, so we need a different
// port to hack around this. See here for more details:
// https://github.com/caddyserver/certmagic/issues/111
var err error
certmagic.HTTPSPort, err = randomOpenPort()
if err != nil {
log.Fatal("Failed get random port for TLS challenges")
}
certmagic.DefaultACME.DisableHTTPChallenge = true
if *certDir != "" {
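Review bot: The `log.Fatal` on the error path discards `err`, so a failure to bind a probe socket (ulimit, sandbox, no loopback) is reported without its cause; prefer `log.Fatalf("Failed to get random port for TLS challenges: %v", err)`. Note also that the port returned by `randomOpenPort()` is released before certmagic binds it, so there is an unavoidable window in which another process can take it, and the probe binds `127.0.0.1` while certmagic presumably listens on all interfaces, so a port free on loopback is not guaranteed to be free there — worth stating in the comment so the next reader knows this is best-effort. NewBoringProxyClient continues outside the hunk.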


@@ -11,9 +11,7 @@ import (
"golang.org/x/crypto/ssh"
"io/ioutil"
"log"
"net"
"os/user"
"strconv"
"strings"
"sync"
)
@@ -75,7 +73,7 @@ func (m *TunnelManager) RequestCreateTunnel(tunReq Tunnel) (Tunnel, error) {
return Tunnel{}, errors.New("Tunnel exists for domain " + tunReq.Domain)
}
port, err := randomPort()
port, err := randomOpenPort()
if err != nil {
return Tunnel{}, err
}
@@ -224,20 +222,3 @@ func MakeSSHKeyPair() (string, string, error) {
return pubKey, privKeyBuf.String(), nil
}
func randomPort() (int, error) {
listener, err := net.Listen("tcp", "127.0.0.1:0")
if err != nil {
return 0, err
}
addrParts := strings.Split(listener.Addr().String(), ":")
port, err := strconv.Atoi(addrParts[len(addrParts)-1])
if err != nil {
return 0, err
}
listener.Close()
return port, nil
}


@@ -6,7 +6,9 @@ import (
"errors"
"io/ioutil"
"math/big"
"net"
"net/http"
"strconv"
"strings"
)
@@ -65,3 +67,20 @@ func genRandomCode(length int) (string, error) {
}
return id, nil
}
func randomOpenPort() (int, error) {
listener, err := net.Listen("tcp", "127.0.0.1:0")
if err != nil {
return 0, err
}
addrParts := strings.Split(listener.Addr().String(), ":")
port, err := strconv.Atoi(addrParts[len(addrParts)-1])
if err != nil {
return 0, err
}
listener.Close()
return port, nil
}
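Review bot: `randomOpenPort` leaks the listener when `strconv.Atoi` fails, because `listener.Close()` is only reached on the success path; `defer listener.Close()` right after the `net.Listen` error check fixes that. The string split on `":"` to recover the port is also fragile (it would be wrong for an IPv6 literal if the bind address ever changes); the listener's address is a `*net.TCPAddr`, so its `Port` field gives the number directly and drops the `strings`/`strconv` parsing entirely. The function is fully contained in the hunk.
```go
func randomOpenPort() (int, error) {
	listener, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return 0, err
	}
	// Closed on every return path; the port is free again once this returns,
	// so callers must tolerate another process taking it in the meantime.
	defer listener.Close()
	tcpAddr, ok := listener.Addr().(*net.TCPAddr)
	if !ok {
		return 0, errors.New("unexpected listener address type")
	}
	return tcpAddr.Port, nil
}
```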