yaja/server/state/connect.go

package state

import (
	"crypto/tls"
	"fmt"

	"dev.sum7.eu/genofire/yaja/messages"
	"dev.sum7.eu/genofire/yaja/server/utils"
	"golang.org/x/crypto/acme/autocert"
)

// Start state
type Start struct {
	Next   State
	Client *utils.Client
}

// Process message
func (state *Start) Process() State {
	state.Client.Log = state.Client.Log.WithField("state", "stream")
	state.Client.Log.Debug("running")
	defer state.Client.Log.Debug("leave")

	element, err := state.Client.Read()
	if err != nil {
		state.Client.Log.Warn("unable to read: ", err)
		return nil
	}
	if element.Name.Space != messages.NSStream || element.Name.Local != "stream" {
		state.Client.Log.Warn("is no stream")
		return state
	}
	for _, attr := range element.Attr {
		if attr.Name.Local == "to" {
			state.Client.JID = &messages.JID{Domain: attr.Value}
			state.Client.Log = state.Client.Log.WithField("jid", state.Client.JID.Full())
		}
	}
	if state.Client.JID == nil {
		state.Client.Log.Warn("no 'to' domain readed")
		return nil
	}

	fmt.Fprintf(state.Client.Conn, `<?xml version='1.0'?>
		<stream:stream id='%x' version='1.0' xmlns='%s' xmlns:stream='%s'>`,
		messages.CreateCookie(), messages.NSClient, messages.NSStream)

	fmt.Fprintf(state.Client.Conn, `<stream:features>
			<starttls xmlns='%s'>
				<required/>
			</starttls>
		</stream:features>`,
		messages.NSStream)

	return state.Next
}

// TLSUpgrade state
type TLSUpgrade struct {
	Next       State
	Client     *utils.Client
	TLSConfig  *tls.Config
	TLSManager *autocert.Manager
}

// Process message
func (state *TLSUpgrade) Process() State {
	state.Client.Log = state.Client.Log.WithField("state", "tls upgrade")
	state.Client.Log.Debug("running")
	defer state.Client.Log.Debug("leave")

	element, err := state.Client.Read()
	if err != nil {
		state.Client.Log.Warn("unable to read: ", err)
		return nil
	}
	if element.Name.Space != messages.NSStartTLS || element.Name.Local != "starttls" {
		state.Client.Log.Warn("is no starttls", element)
		return nil
	}
	fmt.Fprintf(state.Client.Conn, "<proceed xmlns='%s'/>", messages.NSStartTLS)
	// perform the TLS handshake
	var tlsConfig *tls.Config
	if m := state.TLSManager; m != nil {
		var cert *tls.Certificate
		cert, err = m.GetCertificate(&tls.ClientHelloInfo{ServerName: state.Client.JID.Domain})
		if err != nil {
			state.Client.Log.Warn("no cert in tls manger found: ", err)
			return nil
		}
		tlsConfig = &tls.Config{
			Certificates: []tls.Certificate{*cert},
		}
	}
	if tlsConfig == nil {
		tlsConfig = state.TLSConfig
		if tlsConfig != nil {
			tlsConfig.ServerName = state.Client.JID.Domain
		} else {
			state.Client.Log.Warn("no tls config found: ", err)
			return nil
		}
	}

	tlsConn := tls.Server(state.Client.Conn, tlsConfig)
	err = tlsConn.Handshake()
	if err != nil {
		state.Client.Log.Warn("unable to tls handshake: ", err)
		return nil
	}
	// restart the Connection
	state.Client.SetConnecting(tlsConn)

	return state.Next
}
restructur code in packages 2017-12-16 23:20:46 +01:00			`package state`

			`import (`
			`"crypto/tls"`
			`"fmt"`

move to dev.sum7.eu 2018-02-07 15:34:18 +01:00			`"dev.sum7.eu/genofire/yaja/messages"`
			`"dev.sum7.eu/genofire/yaja/server/utils"`
restructur code in packages 2017-12-16 23:20:46 +01:00			`"golang.org/x/crypto/acme/autocert"`
			`)`

			`// Start state`
			`type Start struct {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`Next State`
			`Client *utils.Client`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`

			`// Process message`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`func (state *Start) Process() State {`
			`state.Client.Log = state.Client.Log.WithField("state", "stream")`
			`state.Client.Log.Debug("running")`
			`defer state.Client.Log.Debug("leave")`
restructur code in packages 2017-12-16 23:20:46 +01:00
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`element, err := state.Client.Read()`
restructur code in packages 2017-12-16 23:20:46 +01:00			`if err != nil {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log.Warn("unable to read: ", err)`
			`return nil`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
			`if element.Name.Space != messages.NSStream \|\| element.Name.Local != "stream" {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log.Warn("is no stream")`
			`return state`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
			`for _, attr := range element.Attr {`
			`if attr.Name.Local == "to" {`
messages after RFC 6120 completed 2018-02-13 20:05:18 +01:00			`state.Client.JID = &messages.JID{Domain: attr.Value}`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log = state.Client.Log.WithField("jid", state.Client.JID.Full())`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
			`}`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`if state.Client.JID == nil {`
			`state.Client.Log.Warn("no 'to' domain readed")`
			`return nil`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`

move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			fmt.Fprintf(state.Client.Conn, `<?xml version='1.0'?>
restructur code in packages 2017-12-16 23:20:46 +01:00			<stream:stream id='%x' version='1.0' xmlns='%s' xmlns:stream='%s'>`,
improve client 2018-02-11 19:35:32 +01:00			`messages.CreateCookie(), messages.NSClient, messages.NSStream)`
restructur code in packages 2017-12-16 23:20:46 +01:00
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			fmt.Fprintf(state.Client.Conn, `<stream:features>
restructur code in packages 2017-12-16 23:20:46 +01:00			`<starttls xmlns='%s'>`
			`<required/>`
			`</starttls>`
			</stream:features>`,
			`messages.NSStream)`

move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`return state.Next`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`

			`// TLSUpgrade state`
			`type TLSUpgrade struct {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`Next State`
			`Client *utils.Client`
			`TLSConfig *tls.Config`
			`TLSManager *autocert.Manager`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`

			`// Process message`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`func (state *TLSUpgrade) Process() State {`
			`state.Client.Log = state.Client.Log.WithField("state", "tls upgrade")`
			`state.Client.Log.Debug("running")`
			`defer state.Client.Log.Debug("leave")`
restructur code in packages 2017-12-16 23:20:46 +01:00
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`element, err := state.Client.Read()`
restructur code in packages 2017-12-16 23:20:46 +01:00			`if err != nil {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log.Warn("unable to read: ", err)`
			`return nil`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
messages after RFC 6120 completed 2018-02-13 20:05:18 +01:00			`if element.Name.Space != messages.NSStartTLS \|\| element.Name.Local != "starttls" {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log.Warn("is no starttls", element)`
			`return nil`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
messages after RFC 6120 completed 2018-02-13 20:05:18 +01:00			`fmt.Fprintf(state.Client.Conn, "<proceed xmlns='%s'/>", messages.NSStartTLS)`
restructur code in packages 2017-12-16 23:20:46 +01:00			`// perform the TLS handshake`
			`var tlsConfig *tls.Config`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`if m := state.TLSManager; m != nil {`
restructur code in packages 2017-12-16 23:20:46 +01:00			`var cert *tls.Certificate`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`cert, err = m.GetCertificate(&tls.ClientHelloInfo{ServerName: state.Client.JID.Domain})`
restructur code in packages 2017-12-16 23:20:46 +01:00			`if err != nil {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log.Warn("no cert in tls manger found: ", err)`
			`return nil`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
			`tlsConfig = &tls.Config{`
			`Certificates: []tls.Certificate{*cert},`
			`}`
			`}`
			`if tlsConfig == nil {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`tlsConfig = state.TLSConfig`
restructur code in packages 2017-12-16 23:20:46 +01:00			`if tlsConfig != nil {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`tlsConfig.ServerName = state.Client.JID.Domain`
restructur code in packages 2017-12-16 23:20:46 +01:00			`} else {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log.Warn("no tls config found: ", err)`
			`return nil`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
			`}`

move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`tlsConn := tls.Server(state.Client.Conn, tlsConfig)`
restructur code in packages 2017-12-16 23:20:46 +01:00			`err = tlsConn.Handshake()`
			`if err != nil {`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.Log.Warn("unable to tls handshake: ", err)`
			`return nil`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`
			`// restart the Connection`
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`state.Client.SetConnecting(tlsConn)`
restructur code in packages 2017-12-16 23:20:46 +01:00
move client to state attr + s2s idea 2017-12-17 17:50:51 +01:00			`return state.Next`
restructur code in packages 2017-12-16 23:20:46 +01:00			`}`