From 2b74f6ee0ce4dce3fd83bfa3faa321c34c888f54 Mon Sep 17 00:00:00 2001
From: Anders Pitman <tapitman11@gmail.com>
Date: Tue, 16 Feb 2021 18:37:31 -0700
Subject: [PATCH] Implement selecting tunnel port

This is useful for when you want to use boringproxy more like a
normal reverse proxy, ie if boringproxy and your service are on
the same machine, you can just use the port of the service as the
tunnel port and boringproxy will forward directly to it without
using SSH.

This would normally be used with no client set.
---
 api.go            | 11 +++++++++++
 tunnel_manager.go | 18 +++++++++++++-----
 webui/index.tmpl  |  4 ++++
 3 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/api.go b/api.go
index 18dce97..2f1ae84 100644
--- a/api.go
+++ b/api.go
@@ -282,6 +282,16 @@ func (a *Api) CreateTunnel(tokenData TokenData, params url.Values) (*Tunnel, err
 		clientAddr = "127.0.0.1"
 	}
 
+	tunnelPort := 0
+	tunnelPortParam := params.Get("tunnel-port")
+	if tunnelPortParam != "" && tunnelPortParam != "Random" {
+		var err error
+		tunnelPort, err = strconv.Atoi(tunnelPortParam)
+		if err != nil {
+			return nil, errors.New("Invalid tunnel-port parameter")
+		}
+	}
+
 	allowExternalTcp := params.Get("allow-external-tcp") == "on"
 
 	passwordProtect := params.Get("password-protect") == "on"
@@ -312,6 +322,7 @@ func (a *Api) CreateTunnel(tokenData TokenData, params url.Values) (*Tunnel, err
 		ClientName:       clientName,
 		ClientPort:       clientPort,
 		ClientAddress:    clientAddr,
+		TunnelPort:       tunnelPort,
 		AllowExternalTcp: allowExternalTcp,
 		AuthUsername:     username,
 		AuthPassword:     password,
diff --git a/tunnel_manager.go b/tunnel_manager.go
index 376676f..133b289 100644
--- a/tunnel_manager.go
+++ b/tunnel_manager.go
@@ -70,12 +70,21 @@ func (m *TunnelManager) RequestCreateTunnel(tunReq Tunnel) (Tunnel, error) {
 	m.mutex.Lock()
 	defer m.mutex.Unlock()
 
-	port, err := randomOpenPort()
-	if err != nil {
-		return Tunnel{}, err
+	if tunReq.TunnelPort == 0 {
+		var err error
+		tunReq.TunnelPort, err = randomOpenPort()
+		if err != nil {
+			return Tunnel{}, err
+		}
+	} else {
+		for _, tun := range m.db.GetTunnels() {
+			if tunReq.TunnelPort == tun.TunnelPort {
+				return Tunnel{}, errors.New("Tunnel port already in use")
+			}
+		}
 	}
 
-	privKey, err := m.addToAuthorizedKeys(tunReq.Domain, port, tunReq.AllowExternalTcp, tunReq.SshKey)
+	privKey, err := m.addToAuthorizedKeys(tunReq.Domain, tunReq.TunnelPort, tunReq.AllowExternalTcp, tunReq.SshKey)
 	if err != nil {
 		return Tunnel{}, err
 	}
@@ -84,7 +93,6 @@ func (m *TunnelManager) RequestCreateTunnel(tunReq Tunnel) (Tunnel, error) {
 	tunReq.ServerPort = m.config.SshServerPort
 	tunReq.ServerPublicKey = ""
 	tunReq.Username = m.user.Username
-	tunReq.TunnelPort = port
 	tunReq.TunnelPrivateKey = privKey
 
 	m.db.SetTunnel(tunReq.Domain, tunReq)
diff --git a/webui/index.tmpl b/webui/index.tmpl
index 3299a04..edcd104 100644
--- a/webui/index.tmpl
+++ b/webui/index.tmpl
@@ -89,6 +89,10 @@
                  <input type="text" id="domain" name="domain" required>
                  <input type="hidden" id="tunnel-owner" name="owner" value="{{$.UserId}}">
                </div>
+               <div class='input'>
+                 <label for="tunnel-port">Tunnel Port:</label>
+                 <input type="text" id="tunnel-port" name="tunnel-port" value="Random">
+               </div>
 
                <!--
                <div class='input'>