Revert "Add HTTP(S) dualstack support (incl. option to generate self-…

…signed certs). roblillack#6" This reverts commit 1271cba.
TheHippo · Mar 1, 2018 · c5fabe2 · c5fabe2
1 parent aae0b8f
commit c5fabe2
Show file tree

Hide file tree

Showing 6 changed files with 66 additions and 164 deletions.
diff --git a/README.md b/README.md
@@ -71,6 +71,7 @@ The major changes since forking away from Revel are these:
    )
 
    func main() {
+       port := flag.Int("p", -1, "Port to listen on (default: use mars config)")
        mode := flag.String("m", "prod", "Runtime mode to select (default: prod)")
        flag.Parse()
 
@@ -90,7 +91,11 @@ The major changes since forking away from Revel are these:
        // Reads the config, sets up template loader, creates router
        mars.InitDefaults(mode, ".")
 
-       mars.Run()
+       if *port == -1 {
+           *port = mars.HttpPort
+       }
+
+       mars.Run(*port)
    }
    ```
 7. Run `go generate && go build && ./myapp` and be happy.

diff --git a/cert.go b/cert.go
diff --git a/docs/migration.md b/docs/migration.md
@@ -34,6 +34,7 @@
        )
 
        func main() {
+           port := flag.Int("p", -1, "Port to listen on (default: use mars config)")
            mode := flag.String("m", "prod", "Runtime mode to select (default: prod)")
            flag.Parse()
 
@@ -53,6 +54,10 @@
            // Reads the config, sets up template loader, creates router
            mars.InitDefaults(mode, ".")
 
-           mars.Run()
+           if *port == -1 {
+               *port = mars.HttpPort
+           }
+
+           mars.Run(*port)
        }
 7. Run `go generate && go build && ./myapp` and be happy.
diff --git a/docs/testing.md b/docs/testing.md
@@ -33,7 +33,7 @@ which can be used like this:
         mars.InitDefaults("dev", filepath.Join(filepath.Dir(filename), "..", ".."))
         mars.DevMode = true
 
-        go mars.Run()
+        go mars.Run(0)
 
         time.Sleep(1 * time.Second)
     }

diff --git a/revel.go b/revel.go
@@ -1,7 +1,6 @@
 package mars
 
 import (
-	"fmt"
 	"io"
 	"io/ioutil"
 	"log"
@@ -56,16 +55,11 @@ var (
 	// the current process reality.  For example, if the app is configured for
 	// port 9000, HttpPort will always be 9000, even though in dev mode it is
 	// run on a random port and proxied.
-	HttpAddr    = ":9000" // e.g. "", "127.0.0.1"
-	HttpSsl     = false   // e.g. true if using ssl
-	HttpSslCert = ""      // e.g. "/path/to/cert.pem"
-	HttpSslKey  = ""      // e.g. "/path/to/key.pem"
-
-	DualStackHTTP          = false
-	SSLAddr                = ":https"
-	SelfSignedCert         = false
-	SelfSignedOrganization = "ACME Inc."
-	SelfSignedDomains      = "127.0.0.1"
+	HttpPort    = 9000
+	HttpAddr    = ""    // e.g. "", "127.0.0.1"
+	HttpSsl     = false // e.g. true if using ssl
+	HttpSslCert = ""    // e.g. "/path/to/cert.pem"
+	HttpSslKey  = ""    // e.g. "/path/to/key.pem"
 
 	// All cookies dropped by the framework begin with this prefix.
 	CookiePrefix = "MARS"
@@ -150,42 +144,18 @@ func InitDefaults(mode, basePath string) {
 
 	// Configure properties from app.conf
 	DevMode = Config.BoolDefault("mode.dev", DevMode)
+	HttpPort = Config.IntDefault("http.port", HttpPort)
 	HttpAddr = Config.StringDefault("http.addr", HttpAddr)
-	HttpSsl = Config.BoolDefault("https.enabled", Config.BoolDefault("http.ssl", HttpSsl))
-	HttpSslCert = Config.StringDefault("https.certfile", Config.StringDefault("http.sslcert", HttpSslCert))
-	HttpSslKey = Config.StringDefault("https.keyfile", Config.StringDefault("http.sslkey", HttpSslKey))
-
-	DualStackHTTP = Config.BoolDefault("http.dualstack", DualStackHTTP)
-	SSLAddr = Config.StringDefault("https.addr", "")
-	SelfSignedCert = Config.BoolDefault("https.selfsign", SelfSignedCert)
-	SelfSignedOrganization = Config.StringDefault("https.organization", SelfSignedOrganization)
-	SelfSignedDomains = Config.StringDefault("https.domains", SelfSignedDomains)
+	HttpSsl = Config.BoolDefault("http.ssl", HttpSsl)
+	HttpSslCert = Config.StringDefault("http.sslcert", HttpSslCert)
+	HttpSslKey = Config.StringDefault("http.sslkey", HttpSslKey)
 
-	if (DualStackHTTP || HttpSsl) && !SelfSignedCert {
+	if HttpSsl {
 		if HttpSslCert == "" {
-			log.Fatalln("No https.certfile provided and https.selfsign not true.")
+			log.Fatalln("No http.sslcert provided.")
 		}
 		if HttpSslKey == "" {
-			log.Fatalln("No https.keyfile provided and https.selfsign not true.")
-		}
-	}
-
-	tryAddingSSLPort := false
-	// Support legacy way of specifying HTTPS addr
-	if SSLAddr == "" {
-		if HttpSsl && !DualStackHTTP {
-			SSLAddr = HttpAddr
-			tryAddingSSLPort = true
-		} else {
-			SSLAddr = ":https"
-		}
-	}
-
-	// Support legacy way of specifying port number as config setting http.port
-	if p := Config.IntDefault("http.port", -1); p != -1 {
-		HttpAddr = fmt.Sprintf("%s:%d", HttpAddr, p)
-		if tryAddingSSLPort {
-			SSLAddr = fmt.Sprintf("%s:%d", SSLAddr, p)
+			log.Fatalln("No http.sslkey provided.")
 		}
 	}
 

diff --git a/server.go b/server.go
@@ -1,10 +1,12 @@
 package mars
 
 import (
-	"crypto/tls"
+	"fmt"
 	"io"
+	"net"
 	"net/http"
-	"sync"
+	"strconv"
+	"strings"
 	"time"
 
 	"golang.org/x/net/websocket"
@@ -15,7 +17,6 @@ var (
 	MainTemplateLoader *TemplateLoader
 	MainWatcher        *Watcher
 	Server             *http.Server
-	SecureServer       *http.Server
 )
 
 // Handler is a http.HandlerFunc which exposes Mars' filtering, routing, and
@@ -62,69 +63,54 @@ func handleInternal(w http.ResponseWriter, r *http.Request, ws *websocket.Conn)
 	}
 }
 
-func makeServer(addr string) *http.Server {
-	return &http.Server{
-		Addr:         addr,
-		Handler:      Handler,
-		ReadTimeout:  time.Duration(Config.IntDefault("timeout.read", 0)) * time.Second,
-		WriteTimeout: time.Duration(Config.IntDefault("timeout.write", 0)) * time.Second,
+// Run the server.
+// This is called from the generated main file.
+// If port is non-zero, use that.  Else, read the port from app.conf.
+func Run(port int) {
+	address := HttpAddr
+	if port == 0 {
+		port = HttpPort
 	}
-}
-
-func Run() {
-	wg := sync.WaitGroup{}
 
-	if !HttpSsl || DualStackHTTP {
-		go func() {
-			time.Sleep(100 * time.Millisecond)
-			INFO.Printf("Listening on %s (HTTP) ...\n", HttpAddr)
-		}()
+	var network = "tcp"
+	var localAddress string
 
-		wg.Add(1)
-		go func() {
-			defer wg.Done()
-
-			Server = makeServer(HttpAddr)
-			ERROR.Fatalln("Failed to serve:", Server.ListenAndServe())
-		}()
+	// If the port is zero, treat the address as a fully qualified local address.
+	// This address must be prefixed with the network type followed by a colon,
+	// e.g. unix:/tmp/app.socket or tcp6:::1 (equivalent to tcp6:0:0:0:0:0:0:0:1)
+	if port == 0 {
+		parts := strings.SplitN(address, ":", 2)
+		network = parts[0]
+		localAddress = parts[1]
+	} else {
+		localAddress = address + ":" + strconv.Itoa(port)
 	}
 
-	if HttpSsl || DualStackHTTP {
-		go func() {
-			time.Sleep(100 * time.Millisecond)
-			INFO.Printf("Listening on %s (HTTPS) ...\n", SSLAddr)
-		}()
-
-		wg.Add(1)
-		go func() {
-			defer wg.Done()
-
-			serveTLS(SSLAddr)
-		}()
+	Server = &http.Server{
+		Addr:         localAddress,
+		Handler:      Handler,
+		ReadTimeout:  time.Duration(Config.IntDefault("timeout.read", 0)) * time.Second,
+		WriteTimeout: time.Duration(Config.IntDefault("timeout.write", 0)) * time.Second,
 	}
 
-	wg.Wait()
-}
-
-func serveTLS(addr string) {
-	SecureServer = makeServer(addr)
+	go func() {
+		time.Sleep(100 * time.Millisecond)
+		fmt.Printf("Listening on %s...\n", localAddress)
+	}()
 
-	SecureServer.TLSConfig = &tls.Config{
-		Certificates: make([]tls.Certificate, 1),
-	}
-	if SelfSignedCert {
-		keypair, err := createCertificate(SelfSignedOrganization, SelfSignedDomains)
-		if err != nil {
-			ERROR.Fatalln("Unable to create key pair:", err)
+	if HttpSsl {
+		if network != "tcp" {
+			// This limitation is just to reduce complexity, since it is standard
+			// to terminate SSL upstream when using unix domain sockets.
+			ERROR.Fatalln("SSL is only supported for TCP sockets. Specify a port to listen on.")
 		}
-		SecureServer.TLSConfig.Certificates[0] = keypair
+		ERROR.Fatalln("Failed to listen:",
+			Server.ListenAndServeTLS(HttpSslCert, HttpSslKey))
 	} else {
-		keypair, err := tls.LoadX509KeyPair(HttpSslCert, HttpSslKey)
+		listener, err := net.Listen(network, localAddress)
 		if err != nil {
-			ERROR.Fatalln("Unable to load key pair:", err)
+			ERROR.Fatalln("Failed to listen:", err)
 		}
-		SecureServer.TLSConfig.Certificates[0] = keypair
+		ERROR.Fatalln("Failed to serve:", Server.Serve(listener))
 	}
-
-	ERROR.Fatalln("Failed to serve:", SecureServer.ListenAndServeTLS("", ""))
 }