epic/play-with-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make router director return extra information (needed to route ssh

Browse Source 
connections)
This commit is contained in:
Jonathan Leibiusky @xetorthio
2017-10-31 12:49:37 -03:00
parent 36bebe3223
commit 6009bfd781
6 changed files with 74 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Gopkg.lock generated
View File

@@ -246,10 +246,10 @@
revision = "1a9d0bb9f541897e62256577b352fdbc1fb4fd94" revision = "1a9d0bb9f541897e62256577b352fdbc1fb4fd94"
[[projects]] [[projects]]
branch = "master"
name = "github.com/stretchr/testify" name = "github.com/stretchr/testify"
packages = ["assert","mock"] packages = ["assert","mock"]
revision = "69483b4bd14f5845b5a1e55bca19e954e827f1d0" revision = "2aa2c176b9dab406a6970f6a55f513e8a8c8b18f"
version = "v1.1.4"
[[projects]] [[projects]]
name = "github.com/twinj/uuid" name = "github.com/twinj/uuid"
@@ -308,6 +308,6 @@
[solve-meta] [solve-meta]
analyzer-name = "dep" analyzer-name = "dep"
analyzer-version = 1 analyzer-version = 1
inputs-digest = "249dcabc7186697e454650b01760349e95271e2af78fe1621965d5d2327bf80c" inputs-digest = "cb4ed32010df0327d18dee3e1c736249d8d1df75e45f90c2fad5b2c1c5028b98"
solver-name = "gps-cdcl" solver-name = "gps-cdcl"
solver-version = 1 solver-version = 1

8
Gopkg.toml
View File

@@ -69,10 +69,6 @@
name = "github.com/shirou/gopsutil" name = "github.com/shirou/gopsutil"
version = "2.17.9" version = "2.17.9"
[[constraint]]
name = "github.com/stretchr/testify"
version = "1.1.4"
[[constraint]] [[constraint]]
name = "github.com/twinj/uuid" name = "github.com/twinj/uuid"
version = "1.0.0" version = "1.0.0"
@@ -88,3 +84,7 @@
[[constraint]] [[constraint]]
branch = "master" branch = "master"
name = "golang.org/x/text" name = "golang.org/x/text"
[[constraint]]
branch = "master"
name = "github.com/stretchr/testify"

12
router/l2/l2.go
View File

@@ -10,10 +10,12 @@ import (
"os" "os"
"time" "time"
"golang.org/x/crypto/ssh"
client "docker.io/go-docker"
"docker.io/go-docker/api/types" "docker.io/go-docker/api/types"
"docker.io/go-docker/api/types/filters" "docker.io/go-docker/api/types/filters"
"docker.io/go-docker/api/types/network" "docker.io/go-docker/api/types/network"
client "docker.io/go-docker"
"github.com/gorilla/mux" "github.com/gorilla/mux"
"github.com/play-with-docker/play-with-docker/config" "github.com/play-with-docker/play-with-docker/config"
"github.com/play-with-docker/play-with-docker/router" "github.com/play-with-docker/play-with-docker/router"
@@ -21,7 +23,7 @@ import (
"github.com/urfave/negroni" "github.com/urfave/negroni"
) )
func director(protocol router.Protocol, host string) (*net.TCPAddr, error) { func director(protocol router.Protocol, host string) (*router.DirectorInfo, error) {
info, err := router.DecodeHost(host) info, err := router.DecodeHost(host)
if err != nil { if err != nil {
return nil, err return nil, err
@@ -33,6 +35,7 @@ func director(protocol router.Protocol, host string) (*net.TCPAddr, error) {
port = info.EncodedPort port = info.EncodedPort
} }
i := router.DirectorInfo{}
if port == 0 { if port == 0 {
if protocol == router.ProtocolHTTP { if protocol == router.ProtocolHTTP {
port = 80 port = 80
@@ -40,6 +43,8 @@ func director(protocol router.Protocol, host string) (*net.TCPAddr, error) {
port = 443 port = 443
} else if protocol == router.ProtocolSSH { } else if protocol == router.ProtocolSSH {
port = 22 port = 22
i.SSHUser = "root"
i.SSHAuthMethods = []ssh.AuthMethod{ssh.Password("root")}
} else if protocol == router.ProtocolDNS { } else if protocol == router.ProtocolDNS {
port = 53 port = 53
} }
@@ -49,7 +54,8 @@ func director(protocol router.Protocol, host string) (*net.TCPAddr, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
return t, nil i.Dst = t
return &i, nil
} }
func connectNetworks() error { func connectNetworks() error {

45
router/l2/l2_test.go
View File

@@ -8,49 +8,50 @@ import (
) )
func TestDirector(t *testing.T) { func TestDirector(t *testing.T) {
addr, err := director(router.ProtocolHTTP, "ip10-0-0-1-aabb-8080.foo.bar") info, err := director(router.ProtocolHTTP, "ip10-0-0-1-aabb-8080.foo.bar")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:8080", addr.String()) assert.Equal(t, "10.0.0.1:8080", info.Dst.String())
addr, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb.foo.bar") info, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb.foo.bar")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:80", addr.String()) assert.Equal(t, "10.0.0.1:80", info.Dst.String())
addr, err = director(router.ProtocolHTTPS, "ip10-0-0-1-aabb.foo.bar") info, err = director(router.ProtocolHTTPS, "ip10-0-0-1-aabb.foo.bar")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:443", addr.String()) assert.Equal(t, "10.0.0.1:443", info.Dst.String())
addr, err = director(router.ProtocolSSH, "ip10-0-0-1-aabb.foo.bar") info, err = director(router.ProtocolSSH, "ip10-0-0-1-aabb.foo.bar")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:22", addr.String()) assert.Equal(t, "10.0.0.1:22", info.Dst.String())
assert.Equal(t, "root", info.SSHUser)
addr, err = director(router.ProtocolDNS, "ip10-0-0-1-aabb.foo.bar") info, err = director(router.ProtocolDNS, "ip10-0-0-1-aabb.foo.bar")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:53", addr.String()) assert.Equal(t, "10.0.0.1:53", info.Dst.String())
addr, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb.foo.bar:9090") info, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb.foo.bar:9090")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:9090", addr.String()) assert.Equal(t, "10.0.0.1:9090", info.Dst.String())
addr, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb-2222.foo.bar:9090") info, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb-2222.foo.bar:9090")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:2222", addr.String()) assert.Equal(t, "10.0.0.1:2222", info.Dst.String())
addr, err = director(router.ProtocolHTTP, "lala.ip10-0-0-1-aabb-2222.foo.bar") info, err = director(router.ProtocolHTTP, "lala.ip10-0-0-1-aabb-2222.foo.bar")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:2222", addr.String()) assert.Equal(t, "10.0.0.1:2222", info.Dst.String())
addr, err = director(router.ProtocolHTTP, "lala.ip10-0-0-1-aabb-2222") info, err = director(router.ProtocolHTTP, "lala.ip10-0-0-1-aabb-2222")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:2222", addr.String()) assert.Equal(t, "10.0.0.1:2222", info.Dst.String())
addr, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb-2222") info, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb-2222")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:2222", addr.String()) assert.Equal(t, "10.0.0.1:2222", info.Dst.String())
addr, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb") info, err = director(router.ProtocolHTTP, "ip10-0-0-1-aabb")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10.0.0.1:80", addr.String()) assert.Equal(t, "10.0.0.1:80", info.Dst.String())
_, err = director(router.ProtocolHTTP, "lala10-0-0-1-aabb.foo.bar") _, err = director(router.ProtocolHTTP, "lala10-0-0-1-aabb.foo.bar")
assert.NotNil(t, err) assert.NotNil(t, err)

30
router/router.go
View File

@@ -27,7 +27,13 @@ const (
ProtocolDNS ProtocolDNS
) )
type Director func(protocol Protocol, host string) (*net.TCPAddr, error) type DirectorInfo struct {
Dst *net.TCPAddr
SSHUser string
SSHAuthMethods []ssh.AuthMethod
}
type Director func(protocol Protocol, host string) (*DirectorInfo, error)
type proxyRouter struct { type proxyRouter struct {
sync.Mutex sync.Mutex
@@ -121,7 +127,7 @@ func (r *proxyRouter) sshHandle(nConn net.Conn) {
return return
} }
dstHost, err := r.director(ProtocolSSH, sshCon.User()) info, err := r.director(ProtocolSSH, sshCon.User())
if err != nil { if err != nil {
nConn.Close() nConn.Close()
return return
@@ -148,19 +154,22 @@ func (r *proxyRouter) sshHandle(nConn net.Conn) {
stderr := channel.Stderr() stderr := channel.Stderr()
fmt.Fprintf(stderr, "Connecting to %s\r\n", dstHost.String()) fmt.Fprintf(stderr, "Connecting to %s\r\n", info.Dst.String())
clientConfig := &ssh.ClientConfig{ /*
User: "root",
Auth: []ssh.AuthMethod{ Auth: []ssh.AuthMethod{
ssh.Password("root"), ssh.Password("root"),
}, },
*/
clientConfig := &ssh.ClientConfig{
User: info.SSHUser,
Auth: info.SSHAuthMethods,
HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error { HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
return nil return nil
}, },
} }
client, err := ssh.Dial("tcp", dstHost.String(), clientConfig) client, err := ssh.Dial("tcp", info.Dst.String(), clientConfig)
if err != nil { if err != nil {
fmt.Fprintf(stderr, "Connect failed: %v\r\n", err) fmt.Fprintf(stderr, "Connect failed: %v\r\n", err)
channel.Close() channel.Close()
@@ -232,7 +241,7 @@ func (r *proxyRouter) dnsRequest(w dns.ResponseWriter, req *dns.Msg) {
return return
} }
dstHost, err := r.director(ProtocolDNS, strings.TrimSuffix(question, ".")) info, err := r.director(ProtocolDNS, strings.TrimSuffix(question, "."))
if err != nil { if err != nil {
// Director couldn't resolve it, try to lookup in the system's DNS // Director couldn't resolve it, try to lookup in the system's DNS
ips, err := net.LookupIP(question) ips, err := net.LookupIP(question)
@@ -265,6 +274,7 @@ func (r *proxyRouter) dnsRequest(w dns.ResponseWriter, req *dns.Msg) {
w.WriteMsg(m) w.WriteMsg(m)
return return
} }
dstHost := info.Dst
m := new(dns.Msg) m := new(dns.Msg)
m.SetReply(req) m.SetReply(req)
@@ -338,11 +348,12 @@ func (r *proxyRouter) handleConnection(c net.Conn) {
defer vhostConn.Close() defer vhostConn.Close()
host := vhostConn.ClientHelloMsg.ServerName host := vhostConn.ClientHelloMsg.ServerName
log.Printf("Proxying TLS connection to %s. Discover took %s\n", host, discoverElapsed) log.Printf("Proxying TLS connection to %s. Discover took %s\n", host, discoverElapsed)
dstHost, err := r.director(ProtocolHTTPS, host) info, err := r.director(ProtocolHTTPS, host)
if err != nil { if err != nil {
log.Printf("Error directing request: %v\n", err) log.Printf("Error directing request: %v\n", err)
return return
} }
dstHost := info.Dst
d, err := r.dialer.Dial("tcp", dstHost.String()) d, err := r.dialer.Dial("tcp", dstHost.String())
if err != nil { if err != nil {
log.Printf("Error dialing backend %s: %v\n", dstHost.String(), err) log.Printf("Error dialing backend %s: %v\n", dstHost.String(), err)
@@ -366,11 +377,12 @@ func (r *proxyRouter) handleConnection(c net.Conn) {
host = req.Host host = req.Host
} }
log.Printf("Proxying http connection to %s. Discover took %s. Http read took %s\n", host, discoverElapsed, httpReadElapsed) log.Printf("Proxying http connection to %s. Discover took %s. Http read took %s\n", host, discoverElapsed, httpReadElapsed)
dstHost, err := r.director(ProtocolHTTP, host) info, err := r.director(ProtocolHTTP, host)
if err != nil { if err != nil {
log.Printf("Error directing request: %v\n", err) log.Printf("Error directing request: %v\n", err)
return return
} }
dstHost := info.Dst
d, err := r.dialer.Dial("tcp", dstHost.String()) d, err := r.dialer.Dial("tcp", dstHost.String())
if err != nil { if err != nil {
log.Printf("Error dialing backend %s: %v\n", dstHost.String(), err) log.Printf("Error dialing backend %s: %v\n", dstHost.String(), err)

28
router/router_test.go
View File

@@ -231,12 +231,12 @@ func TestProxy_TLS(t *testing.T) {
})) }))
defer ts.Close() defer ts.Close()
r := NewRouter(func(protocol Protocol, host string) (*net.TCPAddr, error) { r := NewRouter(func(protocol Protocol, host string) (*DirectorInfo, error) {
receivedHost = host receivedHost = host
receivedProtocol = protocol receivedProtocol = protocol
u, _ := url.Parse(ts.URL) u, _ := url.Parse(ts.URL)
a, _ := net.ResolveTCPAddr("tcp", u.Host) a, _ := net.ResolveTCPAddr("tcp", u.Host)
return a, nil return &DirectorInfo{Dst: a}, nil
}, private) }, private)
r.Listen(":0", ":0", ":0") r.Listen(":0", ":0", ":0")
defer r.Close() defer r.Close()
@@ -268,12 +268,12 @@ func TestProxy_Http(t *testing.T) {
})) }))
defer ts.Close() defer ts.Close()
r := NewRouter(func(protocol Protocol, host string) (*net.TCPAddr, error) { r := NewRouter(func(protocol Protocol, host string) (*DirectorInfo, error) {
receivedHost = host receivedHost = host
receivedProtocol = protocol receivedProtocol = protocol
u, _ := url.Parse(ts.URL) u, _ := url.Parse(ts.URL)
a, _ := net.ResolveTCPAddr("tcp", u.Host) a, _ := net.ResolveTCPAddr("tcp", u.Host)
return a, nil return &DirectorInfo{Dst: a}, nil
}, private) }, private)
r.Listen(":0", ":0", ":0") r.Listen(":0", ":0", ":0")
defer r.Close() defer r.Close()
@@ -323,10 +323,10 @@ func TestProxy_WS(t *testing.T) {
})) }))
defer ts.Close() defer ts.Close()
r := NewRouter(func(protocol Protocol, host string) (*net.TCPAddr, error) { r := NewRouter(func(protocol Protocol, host string) (*DirectorInfo, error) {
u, _ := url.Parse(ts.URL) u, _ := url.Parse(ts.URL)
a, _ := net.ResolveTCPAddr("tcp", u.Host) a, _ := net.ResolveTCPAddr("tcp", u.Host)
return a, nil return &DirectorInfo{Dst: a}, nil
}, private) }, private)
r.Listen(":0", ":0", ":0") r.Listen(":0", ":0", ":0")
defer r.Close() defer r.Close()
@@ -381,10 +381,10 @@ func TestProxy_WSS(t *testing.T) {
})) }))
defer ts.Close() defer ts.Close()
r := NewRouter(func(protocol Protocol, host string) (*net.TCPAddr, error) { r := NewRouter(func(protocol Protocol, host string) (*DirectorInfo, error) {
u, _ := url.Parse(ts.URL) u, _ := url.Parse(ts.URL)
a, _ := net.ResolveTCPAddr("tcp", u.Host) a, _ := net.ResolveTCPAddr("tcp", u.Host)
return a, nil return &DirectorInfo{Dst: a}, nil
}, private) }, private)
r.Listen(":0", ":0", ":0") r.Listen(":0", ":0", ":0")
defer r.Close() defer r.Close()
@@ -419,12 +419,12 @@ func TestProxy_DNS_UDP(t *testing.T) {
var receivedHost string var receivedHost string
var receivedProtocol Protocol var receivedProtocol Protocol
r := NewRouter(func(protocol Protocol, host string) (*net.TCPAddr, error) { r := NewRouter(func(protocol Protocol, host string) (*DirectorInfo, error) {
receivedHost = host receivedHost = host
receivedProtocol = protocol receivedProtocol = protocol
if host == "10_0_0_1.foo.bar" { if host == "10_0_0_1.foo.bar" {
a, _ := net.ResolveTCPAddr("tcp", "10.0.0.1:0") a, _ := net.ResolveTCPAddr("tcp", "10.0.0.1:0")
return a, nil return &DirectorInfo{Dst: a}, nil
} else { } else {
return nil, fmt.Errorf("Not recognized") return nil, fmt.Errorf("Not recognized")
} }
@@ -463,11 +463,11 @@ func TestProxy_DNS_TCP(t *testing.T) {
var receivedHost string var receivedHost string
r := NewRouter(func(protocol Protocol, host string) (*net.TCPAddr, error) { r := NewRouter(func(protocol Protocol, host string) (*DirectorInfo, error) {
receivedHost = host receivedHost = host
if host == "10_0_0_1.foo.bar" { if host == "10_0_0_1.foo.bar" {
a, _ := net.ResolveTCPAddr("tcp", "10.0.0.1:0") a, _ := net.ResolveTCPAddr("tcp", "10.0.0.1:0")
return a, nil return &DirectorInfo{Dst: a}, nil
} else { } else {
return nil, fmt.Errorf("Not recognized") return nil, fmt.Errorf("Not recognized")
} }
@@ -517,13 +517,13 @@ func TestProxy_SSH(t *testing.T) {
}) })
assert.Nil(t, err) assert.Nil(t, err)
r := NewRouter(func(protocol Protocol, host string) (*net.TCPAddr, error) { r := NewRouter(func(protocol Protocol, host string) (*DirectorInfo, error) {
receivedHost = host receivedHost = host
receivedProtocol = protocol receivedProtocol = protocol
if host == "10-0-0-1-aaaabbbb" { if host == "10-0-0-1-aaaabbbb" {
chunks := strings.Split(laddr, ":") chunks := strings.Split(laddr, ":")
a, _ := net.ResolveTCPAddr("tcp", fmt.Sprintf("127.0.0.1:%s", chunks[len(chunks)-1])) a, _ := net.ResolveTCPAddr("tcp", fmt.Sprintf("127.0.0.1:%s", chunks[len(chunks)-1]))
return a, nil return &DirectorInfo{Dst: a, SSHUser: "root", SSHAuthMethods: []ssh.AuthMethod{ssh.Password("root")}}, nil
} else { } else {
return nil, fmt.Errorf("Not recognized") return nil, fmt.Errorf("Not recognized")
} }