2023-02-04 05:29:39 +00:00
|
|
|
// MIT License
|
|
|
|
|
//
|
|
|
|
|
// Copyright (c) 2023 Reinaldy Rafli <aldy505@proton.me>
|
|
|
|
|
//
|
|
|
|
|
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
|
// of this software and associated documentation files (the "Software"), to deal
|
|
|
|
|
// in the Software without restriction, including without limitation the rights
|
|
|
|
|
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
|
// copies of the Software, and to permit persons to whom the Software is
|
|
|
|
|
// furnished to do so, subject to the following conditions:
|
|
|
|
|
//
|
|
|
|
|
// The above copyright notice and this permission notice shall be included in all
|
|
|
|
|
// copies or substantial portions of the Software.
|
|
|
|
|
//
|
|
|
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
|
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
|
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
|
|
|
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
|
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
|
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
|
|
|
// SOFTWARE.
|
|
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
2023-02-13 03:33:33 +00:00
|
|
|
import (
|
|
|
|
|
"crypto/tls"
|
|
|
|
|
"crypto/x509"
|
|
|
|
|
"fmt"
|
|
|
|
|
"os"
|
|
|
|
|
)
|
|
|
|
|
|
2023-02-04 05:29:39 +00:00
|
|
|
type Configuration struct {
|
|
|
|
|
Endpoints []Endpoint `required:"true"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type Endpoint struct {
|
2023-02-13 03:33:33 +00:00
|
|
|
Name string `required:"true"`
|
|
|
|
|
Address string `required:"true"`
|
|
|
|
|
Method string `required:"false" default:"GET"`
|
|
|
|
|
Timeout uint16 `required:"false" default:"30"`
|
|
|
|
|
SuccessfulStatusCode string `required:"false" default:"2xx" yaml:"successful_status_code" json:"successful_status_code" toml:"successful_status_code"`
|
|
|
|
|
InverseStatus bool `required:"false" default:"false" yaml:"inverse_status" json:"inverse_status" toml:"inverse_status"`
|
|
|
|
|
TLSConfiguration TLSConfiguration `required:"false" yaml:"tls_configuration" json:"tls_configuration" toml:"tls_configuration"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type TLSConfiguration struct {
|
|
|
|
|
CertificateAuthorityPath string `required:"false" yaml:"certificate_authority_path" json:"certificate_authority_path" toml:"certificate_authority_path"`
|
|
|
|
|
ClientCertificatePath string `required:"false" yaml:"client_certificate_path" json:"client_certificate_path" toml:"client_certificate_path"`
|
|
|
|
|
ClientKeyPath string `required:"false" yaml:"client_key_path" json:"client_key_path" toml:"client_key_path"`
|
|
|
|
|
InsecureSkipVerify bool `required:"false" default:"false" yaml:"insecure_skip_verify" json:"insecure_skip_verify" toml:"insecure_skip_verify"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type PreprocessedEndpoint struct {
|
|
|
|
|
Name string
|
|
|
|
|
Address string
|
|
|
|
|
Method string
|
|
|
|
|
Timeout uint16
|
|
|
|
|
SuccessfulStatusCode string
|
|
|
|
|
InverseStatus bool
|
|
|
|
|
TLSConfiguration PreproccessedTLSConfiguration
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type PreproccessedTLSConfiguration struct {
|
|
|
|
|
Certificates []tls.Certificate
|
|
|
|
|
RootCA *x509.CertPool
|
|
|
|
|
InsecureSkipVerify bool
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func processConfiguration(endpoints []Endpoint) ([]PreprocessedEndpoint, error) {
|
|
|
|
|
var preprocessedEndpoints []PreprocessedEndpoint
|
|
|
|
|
|
|
|
|
|
for _, endpoint := range endpoints {
|
|
|
|
|
var certificates []tls.Certificate = nil
|
|
|
|
|
var rootCA *x509.CertPool = nil
|
|
|
|
|
|
|
|
|
|
if endpoint.TLSConfiguration.CertificateAuthorityPath != "" {
|
|
|
|
|
// Read CA file
|
|
|
|
|
file, err := os.ReadFile(endpoint.TLSConfiguration.CertificateAuthorityPath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("reading certificate authority file: %s", err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rootCA = x509.NewCertPool()
|
|
|
|
|
ok := rootCA.AppendCertsFromPEM(file)
|
|
|
|
|
if !ok {
|
|
|
|
|
return nil, fmt.Errorf("invalid pem format for certificate authority")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if endpoint.TLSConfiguration.ClientCertificatePath != "" && endpoint.TLSConfiguration.ClientKeyPath != "" {
|
|
|
|
|
// Read certificate file
|
|
|
|
|
certificateFile, err := os.ReadFile(endpoint.TLSConfiguration.ClientCertificatePath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("reading certificate file: %s", err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
keyFile, err := os.ReadFile(endpoint.TLSConfiguration.ClientKeyPath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("reading key file: %s", err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
certificate, err := tls.X509KeyPair(certificateFile, keyFile)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("creating x509 key pair: %s", err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
certificates = append(certificates, certificate)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
preprocessedEndpoints = append(preprocessedEndpoints, PreprocessedEndpoint{
|
|
|
|
|
Name: endpoint.Name,
|
|
|
|
|
Address: endpoint.Address,
|
|
|
|
|
Method: endpoint.Method,
|
|
|
|
|
Timeout: endpoint.Timeout,
|
|
|
|
|
SuccessfulStatusCode: endpoint.SuccessfulStatusCode,
|
|
|
|
|
InverseStatus: endpoint.InverseStatus,
|
|
|
|
|
TLSConfiguration: PreproccessedTLSConfiguration{
|
|
|
|
|
Certificates: certificates,
|
|
|
|
|
RootCA: rootCA,
|
|
|
|
|
InsecureSkipVerify: endpoint.TLSConfiguration.InsecureSkipVerify,
|
|
|
|
|
},
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return preprocessedEndpoints, nil
|
2023-02-04 05:29:39 +00:00
|
|
|
}
|
