From a079961c8b7e7a4412d83ae44760ae6115956598 Mon Sep 17 00:00:00 2001
From: Martin Geno
Date: Fri, 15 Dec 2017 22:24:42 +0100
Subject: [PATCH] move webserver, logging and registraion to config
---
 .gitignore | 1 +
 cmd/server.go | 51 ++++++++++++++++++++++++++--------------
 config_example.conf | 13 ++++++++--
 model/config/struct.go | 19 ++++++++++++---
 server/client.go | 16 ++++++++++++-
 server/server.go | 13 ++++++----
 server/state_connect.go | 13 ++++++++--
 server/state_register.go | 10 ++++++++
 8 files changed, 105 insertions(+), 31 deletions(-)
diff --git a/.gitignore b/.gitignore
index 7560965..024e953 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@
 # Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
 .glide/
+tmp
diff --git a/cmd/server.go b/cmd/server.go
index 31612b5..a786540 100644
--- a/cmd/server.go
+++ b/cmd/server.go
@@ -43,7 +43,7 @@ var serverCmd = &cobra.Command{
 log.Fatal("unable to load config file:", err)
 }
- log.SetLevel(log.DebugLevel)
+ log.SetLevel(configData.Logging.Level)
 err = file.ReadJSON(configData.StatePath, db)
 if err != nil {
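Review bot: In cmd/server.go, `log.SetLevel(configData.Logging.Level)` uses the decoded value without a default, so a config file that has no `[logging]` table presumably yields the zero value, which in logrus is `PanicLevel`, and the server then suppresses its own warnings and errors. An operator upgrading with an older config would lose the log trail for connection and registration problems without any hint. Suggest decoding the level from a name with `log.ParseLevel` and falling back to `log.InfoLevel` when the key is absent; the same applies to `level_client` and to the `log.SetLevel` call this commit adds in reload(). The enclosing function starts and ends outside the hunk.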
@@ -61,17 +61,26 @@ var serverCmd = &cobra.Command{
 }
 // https server to handle acme (by letsencrypt)
- httpServer := &http.Server{
- Addr: ":https",
- TLSConfig: &tls.Config{GetCertificate: m.GetCertificate},
+ for _, addr := range configData.Address.Webserver {
+ hs := &http.Server{
+ Addr: addr,
+ TLSConfig: &tls.Config{GetCertificate: m.GetCertificate},
+ }
+ go func(hs *http.Server, addr string) {
+ if err := hs.ListenAndServeTLS("", ""); err != http.ErrServerClosed {
+ log.Errorf("webserver with addr %s: %s", addr, err)
+ }
+ }(hs, addr)
 }
- go httpServer.ListenAndServeTLS("", "")
 srv = &server.Server{
- TLSManager: &m,
- Database: db,
- ClientAddr: configData.Address.Client,
- ServerAddr: configData.Address.Server,
+ TLSManager: &m,
+ Database: db,
+ ClientAddr: configData.Address.Client,
+ ServerAddr: configData.Address.Server,
+ LoggingClient: configData.Logging.LevelClient,
+ RegisterEnable: configData.Register.Enable,
+ RegisterDomains: configData.Register.Domains,
 }
 go statesaveWorker.Start()
@@ -115,6 +124,10 @@ func reload() {
 log.Warn("unable to load config file:", err)
 return
 }
+ log.SetLevel(configNewData.Logging.Level)
+ srv.LoggingClient = configNewData.Logging.LevelClient
+ srv.RegisterEnable = configNewData.Register.Enable
+ srv.RegisterDomains = configNewData.Register.Domains
 //TODO fetch changing address (to set restart)
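Review bot: The `http.Server` values built in the new webserver loop set only `Addr` and `TLSConfig`, so each public HTTPS listener runs without read or write timeouts and, with a nil `Handler`, serves `http.DefaultServeMux`. Slow or idle connections can then hold goroutines and file descriptors indefinitely, and anything a dependency registers on the default mux becomes reachable on these addresses. Suggest adding, with values chosen for the deployment, `ReadHeaderTimeout: 10 * time.Second, ReadTimeout: 30 * time.Second, WriteTimeout: 30 * time.Second,` and, if the listener exists only for the ACME handshake as the comment says, `Handler: http.NotFoundHandler(),`. The servers are also dropped once their goroutine starts, so reload() and shutdown cannot close them or apply a changed `address.webserver`; keeping them in a slice would fix that.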
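Review bot: In reload(), the assignments `srv.LoggingClient = …`, `srv.RegisterEnable = …` and `srv.RegisterDomains = …` write fields that connection handling reads without any lock (`NewClient` reads `srv.LoggingClient`, `DomainRegisterAllowed` in server/client.go reads the other two), which is a data race if reload() runs while clients are connected, as a signal-driven reload presumably does. Because the flag and the list are updated in separate statements, a connection can also see the new `RegisterEnable` with the old `RegisterDomains` and get the opposite registration decision. Suggest guarding the settings with a `sync.RWMutex` on `Server`, or publishing them as one immutable struct through `atomic.Value`, so both values change together. reload() continues outside the hunk.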
@@ -139,16 +152,18 @@ func reload() {
 certs = &tls.Config{GetCertificate: m.GetCertificate}
 restartServer = true
 }
-
- newServer := &server.Server{
- TLSConfig: certs,
- Database: db,
- ClientAddr: configNewData.Address.Client,
- ServerAddr: configNewData.Address.Server,
- }
-
 if restartServer {
- go srv.Start()
+ newServer := &server.Server{
+ TLSConfig: certs,
+ Database: db,
+ ClientAddr: configNewData.Address.Client,
+ ServerAddr: configNewData.Address.Server,
+ LoggingClient: configNewData.Logging.LevelClient,
+ RegisterEnable: configNewData.Register.Enable,
+ RegisterDomains: configNewData.Register.Domains,
+ }
+ log.Warn("reloading need a restart:")
+ go newServer.Start()
 //TODO should fetch new server error
 srv.Close()
 srv = newServer
diff --git a/config_example.conf b/config_example.conf
index d33f8bf..6051ff6 100644
--- a/config_example.conf
+++ b/config_example.conf
@@ -1,6 +1,15 @@
-tlsdir = "/tmp/ssl"
-state_path = "/tmp/yaja.json"
+tlsdir = "tmp/ssl"
+state_path = "tmp/yaja.json"
+
+[logging]
+level = 6
+level_client = 6
+
+[register]
+enable = true
+domains = []
 [address]
+webserver = [":https"]
 client = [":5222"]
 server = [":5269"]
diff --git a/model/config/struct.go b/model/config/struct.go
index e902bdf..98aa393 100644
--- a/model/config/struct.go
+++ b/model/config/struct.go
@@ -1,10 +1,23 @@
 package config
+import (
+ log "github.com/sirupsen/logrus"
+)
+
 type Config struct {
 TLSDir string `toml:"tlsdir"`
 StatePath string `toml:"state_path"`
- Address struct {
- Client []string `toml:"client"`
- Server []string `toml:"server"`
+ Logging struct {
+ Level log.Level `toml:"level"`
+ LevelClient log.Level `toml:"level_client"`
+ } `toml:"logging"`
+ Register struct {
+ Enable bool `toml:"enable"`
+ Domains []string `toml:"domains"`
+ } `toml:"register"`
+ Address struct {
+ Webserver []string `toml:"webserver"`
+ Client []string `toml:"client"`
+ Server []string `toml:"server"`
 } `toml:"address"`
 }
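Review bot: In the reload() hunk of cmd/server.go, `go newServer.Start()` runs before `srv.Close()`, so when the restart comes from a certificate change and the addresses are the same, the new server presumably tries to bind ports the old one still holds. Its failure is never collected (the TODO says as much), and after `srv.Close()` and `srv = newServer` nothing may be listening. Suggest closing the old server first and replacing `srv` only once the new one has bound its listeners, which needs `Start` to return bind errors. `newServer` also sets `TLSConfig` but not `TLSManager`, unlike the initial `server.Server` literal in this file; a comment would help if that is intended. reload() starts outside the hunk.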
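Review bot: config_example.conf ships `enable = true` with `domains = []`, which by the rule in `DomainRegisterAllowed` (server/client.go) permits account registration on every domain, so an operator who copies the example runs with open registration. Suggest `enable = false` in the example, plus a comment on the list such as `# domains: exceptions to "enable" (blocked when enable = true, allowed when enable = false)`. `level = 6` and `level_client = 6` are opaque numbers and would benefit from a comment naming the logrus levels they stand for.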
diff --git a/server/client.go b/server/client.go index 85555a0..717d97b 100644 --- a/server/client.go +++ b/server/client.go @@ -25,7 +25,7 @@ type Client struct { func NewClient(conn net.Conn, srv *Server) *Client { logger := log.New() - logger.SetLevel(log.DebugLevel) + logger.SetLevel(srv.LoggingClient) client := &Client{ Conn: conn, Server: srv, @@ -56,6 +56,20 @@ func (client *Client) Read() (*xml.StartElement, error) { } } +func (client *Client) DomainRegisterAllowed() bool { + if client.jid.Domain == "" { + return false + } + + for _, domain := range client.Server.RegisterDomains { + if domain == client.jid.Domain { + + return !client.Server.RegisterEnable + } + } + return client.Server.RegisterEnable +} + func (client *Client) Close() { client.close <- true client.Conn.Close() diff --git a/server/server.go b/server/server.go index 7463200..805b33a 100644 --- a/server/server.go +++ b/server/server.go @@ -10,11 +10,14 @@ import ( ) type Server struct { - TLSConfig *tls.Config - TLSManager *autocert.Manager - ClientAddr []string - ServerAddr []string - Database *database.State + TLSConfig *tls.Config + TLSManager *autocert.Manager + ClientAddr []string + ServerAddr []string + Database *database.State + LoggingClient log.Level + RegisterEnable bool `toml:"enable"` + RegisterDomains []string `toml:"domains"` } func (srv *Server) Start() { diff --git a/server/state_connect.go b/server/state_connect.go index c54b132..b54bc4d 100644 --- a/server/state_connect.go +++ b/server/state_connect.go @@ -150,13 +150,22 @@ func (state *TLSStream) Process(client *Client) (State, *Client) { `, createCookie(), messages.NSClient, messages.NSStream) - fmt.Fprintf(client.Conn, ` + if client.DomainRegisterAllowed() { + fmt.Fprintf(client.Conn, ` PLAIN `, - messages.NSSASL, messages.NSFeaturesIQRegister) + messages.NSSASL, messages.NSFeaturesIQRegister) + } else { + fmt.Fprintf(client.Conn, ` + + PLAIN + + `, + messages.NSSASL) + } return state.Next, client } 
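Review bot: `DomainRegisterAllowed` in server/client.go has no doc comment, and its rule is easy to misread: a domain found in `RegisterDomains` returns `!RegisterEnable`, so the list acts as a deny list while registration is enabled and as an allow list while it is disabled. Please state that on the method, e.g. `// DomainRegisterAllowed reports whether in-band registration is permitted for the client's JID domain; RegisterDomains lists the exceptions to RegisterEnable.` The comparison `domain == client.jid.Domain` is byte-exact, so unless the JID domain and the configured entries are normalized elsewhere (not visible here) a differently cased domain will not match its entry; comparing lower-cased values or using `strings.EqualFold(domain, client.jid.Domain)` would make the check robust.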
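Review bot: In server/server.go the new fields `RegisterEnable` and `RegisterDomains` carry `toml:"enable"` and `toml:"domains"` tags, but `Server` is filled field by field from `config.Config` in cmd/server.go and nothing visible decodes it from TOML. The tags look copied from model/config/struct.go and suggest a config mapping that does not exist; suggest plain `RegisterEnable bool` and `RegisterDomains []string`. A short comment on the two fields pointing to `DomainRegisterAllowed` for their combined meaning would also help readers.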
diff --git a/server/state_register.go b/server/state_register.go
index eb4dd4a..1d71835 100644
--- a/server/state_register.go
+++ b/server/state_register.go
@@ -19,6 +19,11 @@ func (state *RegisterFormRequest) Process(client *Client) (State, *Client) {
 client.log.Debug("running")
 defer client.log.Debug("leave")
+ if !client.DomainRegisterAllowed() {
+ client.log.Error("unpossible to reach this state, register on this domain is not allowed")
+ return nil, client
+ }
+
 var msg messages.IQ
 if err := client.in.DecodeElement(&msg, state.element); err != nil {
 client.log.Warn("is no iq: ", err)
@@ -65,6 +70,11 @@ func (state *RegisterRequest) Process(client *Client) (State, *Client) {
 client.log.Debug("running")
 defer client.log.Debug("leave")
+ if !client.DomainRegisterAllowed() {
+ client.log.Error("unpossible to reach this state, register on this domain is not allowed")
+ return nil, client
+ }
+
 element, err := client.Read()
 if err != nil {
 client.log.Warn("unable to read: ", err)
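Review bot: The guard added to `RegisterFormRequest.Process`, and repeated in `RegisterRequest.Process` in the second hunk, logs "unpossible to reach this state" at Error level, but leaving the register feature out of the stream features does not stop a client from sending a registration IQ anyway, assuming the state machine routes on the received element. That makes this an expected, remotely triggerable rejection, so it is better logged at Warn with the domain for detection, e.g. `client.log.Warnf("registration rejected for domain %q", client.jid.Domain)`. Returning `nil, client` sends no stanza; if a nil state drops the connection (not visible here), an IQ error reply would tell legitimate clients why. Both functions continue outside their hunks.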