Merge pull request #10 from mayth/https-support

mayth · mayth · commit 2754ce957091 · 2020-03-27T16:00:29.000Z
HTTPS support
diff --git a/README.md b/README.md
@@ -72,6 +72,24 @@ Content-Length: 19
 ```
 
 
+# TLS
+
+To enable TLS support, add `-cert` and `-key` options:
+
+```
+$ ./simple_upload_server -cert ./cert.pem -key ./key.pem root/
+INFO[0000] starting up simple-upload-server
+WARN[0000] token generated                               token=28d93c74c8589ab62b5e
+INFO[0000] start listening TLS                           cert=./cert.pem key=./key.pem port=25443
+INFO[0000] start listening                               ip=0.0.0.0 port=25478 root=root token=28d93c74c8589ab62b5e upload_limit=5242880
+...
+```
+
+This server listens on `25443/tcp` for TLS connections by default. This can be changed by passing `-tlsport` option.
+
+NOTE: The endpoint using HTTP is still active even if TLS is enabled.
+
+
 # Security
 
 There is no Basic/Digest authentication. This app implements dead simple authentication: "security token".
diff --git a/go.mod b/go.mod
@@ -0,0 +1,5 @@
+module github.com/mayth/go-simple-upload-server
+
+go 1.14
+
+require github.com/sirupsen/logrus v1.5.0
diff --git a/go.sum b/go.sum
@@ -0,0 +1,9 @@
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/sirupsen/logrus v1.5.0 h1:1N5EYkVAPEywqZRJd7cwnRtCb6xJx7NH3T3WUTF980Q=
+github.com/sirupsen/logrus v1.5.0/go.mod h1:+F7Ogzej0PZc/94MaYx/nvG9jOFMD2osvC3s+Squfpo=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
diff --git a/server.go b/server.go
@@ -12,7 +12,7 @@ import (
 	"regexp"
 	"strings"
 
-	"github.com/Sirupsen/logrus"
+	"github.com/sirupsen/logrus"
 )
 
 // Server represents a simple-upload server.
diff --git a/simple_upload_server.go b/simple_upload_server.go
@@ -8,18 +8,21 @@ import (
 
 	"crypto/rand"
 
-	"github.com/Sirupsen/logrus"
+	"github.com/sirupsen/logrus"
 )
 
 var logger *logrus.Logger
 
 func run(args []string) int {
 	bindAddress := flag.String("ip", "0.0.0.0", "IP address to bind")
 	listenPort := flag.Int("port", 25478, "port number to listen on")
+	tlsListenPort := flag.Int("tlsport", 25443, "port number to listen on with TLS")
 	// 5,242,880 bytes == 5 MiB
 	maxUploadSize := flag.Int64("upload_limit", 5242880, "max size of uploaded file (byte)")
 	tokenFlag := flag.String("token", "", "specify the security token (it is automatically generated if empty)")
 	logLevelFlag := flag.String("loglevel", "info", "logging level")
+	certFile := flag.String("cert", "", "path to certificate file")
+	keyFile := flag.String("key", "", "path to key file")
 	flag.Parse()
 	serverRoot := flag.Arg(0)
 	if len(serverRoot) == 0 {
@@ -42,17 +45,44 @@ func run(args []string) int {
 		token = fmt.Sprintf("%x", b)
 		logger.WithField("token", token).Warn("token generated")
 	}
-	logger.WithFields(logrus.Fields{
-		"ip":           *bindAddress,
-		"port":         *listenPort,
-		"token":        token,
-		"upload_limit": *maxUploadSize,
-		"root":         serverRoot,
-	}).Info("start listening")
+	tlsEnabled := *certFile != "" && *keyFile != ""
 	server := NewServer(serverRoot, *maxUploadSize, token)
 	http.Handle("/upload", server)
 	http.Handle("/files/", server)
-	http.ListenAndServe(fmt.Sprintf("%s:%d", *bindAddress, *listenPort), nil)
+
+	errors := make(chan error)
+
+	go func() {
+		logger.WithFields(logrus.Fields{
+			"ip":           *bindAddress,
+			"port":         *listenPort,
+			"token":        token,
+			"upload_limit": *maxUploadSize,
+			"root":         serverRoot,
+		}).Info("start listening")
+
+		if err := http.ListenAndServe(fmt.Sprintf("%s:%d", *bindAddress, *listenPort), nil); err != nil {
+			errors <- err
+		}
+	}()
+
+	if tlsEnabled {
+		go func() {
+			logger.WithFields(logrus.Fields{
+				"cert": *certFile,
+				"key":  *keyFile,
+				"port": *tlsListenPort,
+			}).Info("start listening TLS")
+
+			if err := http.ListenAndServeTLS(fmt.Sprintf("%s:%d", *bindAddress, *tlsListenPort), *certFile, *keyFile, nil); err != nil {
+				errors <- err
+			}
+		}()
+	}
+
+	err := <-errors
+	logger.WithError(err).Info("closing server")
+
 	return 0
 }
 

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ import (`
`12`	`12`	`"regexp"`
`13`	`13`	`"strings"`
`14`	`14`
`15`		`- "github.com/Sirupsen/logrus"`
	`15`	`+ "github.com/sirupsen/logrus"`
`16`	`16`	`)`
`17`	`17`
`18`	`18`	`// Server represents a simple-upload server.`