
https_dummytest_server.go 3.3KB

  1. // Simple HTTPS server for verifying client connections.
  2. package main
  3. import (
  4. "crypto/tls"
  5. "crypto/x509"
  6. "crypto/x509/pkix"
  7. "flag"
  8. "fmt"
  9. "io/ioutil"
  10. "log"
  11. "net/http"
  12. "net/http/httputil"
  13. "strings"
  14. )
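// createTLSConfig builds the server-side TLS configuration used to check
// client certificates.
//
// ca is the path of a PEM file holding the CA certificate(s) that client
// certificates are verified against. An error is returned when the file
// cannot be read or when no certificate can be parsed from it; the returned
// config is nil in both cases.
func createTLSConfig(ca string) (*tls.Config, error) {
	caCertPEM, err := ioutil.ReadFile(ca)
	if err != nil {
		return nil, err
	}

	roots := x509.NewCertPool()
	if !roots.AppendCertsFromPEM(caCertPEM) {
		// Report the bad CA file through the error return instead of
		// panicking, so the caller's existing error path handles it.
		return nil, fmt.Errorf("failed to parse root certificate from %q", ca)
	}

	return &tls.Config{
		// VerifyClientCertIfGiven makes the client certificate optional: a
		// certificate that is presented must chain to ClientCAs, but a
		// connection without any certificate is still accepted. A handler
		// that needs an authenticated peer has to check
		// r.TLS.PeerCertificates itself (or the config has to use
		// tls.RequireAndVerifyClientCert).
		ClientAuth: tls.VerifyClientCertIfGiven,
		ClientCAs:  roots,
	}, nil
}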
// formatCertName renders a certificate distinguished name on one line in the
// form /C=.../ST=.../L=.../O=.../OU=.../CN=.../.
//
// The multi-valued fields are []string and are printed with %s, so they
// appear in Go's bracketed slice form (for example "[US]", or "[]" when
// empty). Values are not escaped: a field that itself contains "/" or a line
// break is copied as-is, so the output must not be parsed back or treated as
// a trustworthy single log line.
func formatCertName(name pkix.Name) string {
	const layout = "/C=%s/ST=%s/L=%s/O=%s/OU=%s/CN=%s/"

	parts := []interface{}{
		name.Country,
		name.Province,
		name.Locality,
		name.Organization,
		name.OrganizationalUnit,
		name.CommonName,
	}
	return fmt.Sprintf(layout, parts...)
}
// formatCert returns a multi-line, human-readable summary of one certificate:
// its position idx in the chain, the serial number in decimal and in hex, the
// X.509 version, the subject and issuer names (via formatCertName) and the
// validity window.
//
// The summary is for display only. Subject and issuer text comes straight
// from the certificate and is not escaped.
func formatCert(idx int, cert *x509.Certificate) string {
	var out strings.Builder

	fmt.Fprintf(&out, " %d\n s/n=%d (%x)\n ver: %d ", idx, cert.SerialNumber,
		cert.SerialNumber, cert.Version)
	out.WriteString("\n subject: " + formatCertName(cert.Subject))
	out.WriteString("\n issuer: " + formatCertName(cert.Issuer))
	fmt.Fprintf(&out, "\n valid: %s - %s", cert.NotBefore, cert.NotAfter)

	return out.String()
}
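// defaultHandler reports everything the server saw about a request: method,
// URL, protocol, headers, host, remote address, the TLS connection state with
// the peer certificate chain, and a full dump of the request including its
// body. The report is written to the log line by line and returned as the
// response body.
//
// The report contains whatever the client sent, including Authorization
// headers, cookies and the request body, so this handler belongs on a test
// listener only and its log should be handled as sensitive.
func defaultHandler(w http.ResponseWriter, r *http.Request) {
	// Bound the body that DumpRequest reads below; without a limit a single
	// request could make the server buffer an arbitrarily large body. A
	// larger body shows up as an "Err:" line in the report.
	const maxDumpBody = 1 << 20
	if r.Body != nil {
		r.Body = http.MaxBytesReader(w, r.Body, maxDumpBody)
	}

	res := make([]string, 0, 30)
	res = append(res, fmt.Sprintf("HTTP Method: %s", r.Method))
	res = append(res, fmt.Sprintf("HTTP URL: %s", r.URL))
	res = append(res, fmt.Sprintf("HTTP Proto: %s", r.Proto))
	for k, h := range r.Header {
		res = append(res, fmt.Sprintf("Header %s=%v", k, h))
	}
	res = append(res, fmt.Sprintf("HTTP Host: %s", r.Host))
	res = append(res, fmt.Sprintf("HTTP Remote: %s", r.RemoteAddr))

	if state := r.TLS; state != nil {
		res = append(res, fmt.Sprintf("TLS Version: %x", state.Version))
		res = append(res, fmt.Sprintf("TLS HandshakeComplete: %t", state.HandshakeComplete))
		res = append(res, fmt.Sprintf("TLS DidResume: %t", state.DidResume))
		res = append(res, fmt.Sprintf("TLS CipherSuite: %x", state.CipherSuite))
		res = append(res, fmt.Sprintf("TLS NegotiatedProtocol: %s", state.NegotiatedProtocol))
		res = append(res, fmt.Sprintf("TLS NegotiatedProtocolIsMutual: %t", state.NegotiatedProtocolIsMutual))
		// An empty chain means the client presented no certificate; the
		// request is still served in that case.
		res = append(res, "Certificate chain:")
		for i, cert := range state.PeerCertificates {
			res = append(res, formatCert(i, cert))
		}
	} else {
		res = append(res, "NO TLS")
	}

	res = append(res, "HTTP Request-------------------------")
	if dump, err := httputil.DumpRequest(r, true); err == nil {
		res = append(res, string(dump))
	} else {
		res = append(res, fmt.Sprintf("Err: %s", err.Error()))
	}
	res = append(res, "HTTP Request END --------------------")

	// Entries are client-controlled and may contain line breaks, so one
	// entry can span several log lines.
	for _, line := range res {
		log.Println(line)
	}

	// The body echoes request data back to the client; declare it as plain
	// text and disable content sniffing so a browser never renders it as HTML.
	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	w.Header().Set("X-Content-Type-Options", "nosniff")

	// NOTE(review): 302 is sent without a Location header; kept unchanged
	// because existing test clients may rely on this status - confirm.
	w.WriteHeader(http.StatusFound)
	if _, err := w.Write([]byte(strings.Join(res, "\n"))); err != nil {
		log.Printf("writing response: %v", err)
	}
}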
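// main parses the command-line flags, builds the TLS configuration from the
// CA file and serves defaultHandler over HTTPS until the listener fails.
//
// Flags: -listen (address:port, default localhost:4443), -ca (CA certificate
// used to verify client certificates), -cert and -key (the server's own
// certificate and private key).
func main() {
	listen := flag.String("listen", "localhost:4443", "addres:port to listen")
	ca := flag.String("ca", "./ca.crt", "CA certificate")
	crt := flag.String("cert", "./server.crt", "server certificate")
	key := flag.String("key", "./server.key", "server key")
	flag.Parse()

	config, err := createTLSConfig(*ca)
	if err != nil {
		// Fatalf, not Fatal: the message carries a format verb, which
		// log.Fatal would print literally instead of substituting the error.
		log.Fatalf("tls config failed: %s", err.Error())
	}

	http.HandleFunc("/", defaultHandler)

	// NOTE(review): the server sets no read/write timeouts. That is tolerable
	// for the default localhost test listener; set them before binding this
	// to an address that untrusted clients can reach.
	server := &http.Server{
		Addr:      *listen,
		TLSConfig: config,
	}

	log.Println("Starting listen: ", *listen)
	if err := server.ListenAndServeTLS(*crt, *key); err != nil {
		log.Fatal("Listen error: ", err.Error())
	}
}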