istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pkg/test/echo/server/endpoint/hbone.go (about)

     1  // Copyright Istio Authors
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package endpoint
    16  
    17  import (
    18  	"crypto/tls"
    19  	"fmt"
    20  	"net"
    21  	"net/http"
    22  
    23  	"istio.io/istio/pkg/hbone"
    24  )
    25  
    26  var _ Instance = &connectInstance{}
    27  
    28  type connectInstance struct {
    29  	Config
    30  	server *http.Server
    31  }
    32  
    33  func newHBONE(config Config) Instance {
    34  	return &connectInstance{
    35  		Config: config,
    36  	}
    37  }
    38  
    39  func (c connectInstance) Close() error {
    40  	if c.server != nil {
    41  		return c.server.Close()
    42  	}
    43  	return nil
    44  }
    45  
    46  func (c connectInstance) Start(onReady OnReadyFunc) error {
    47  	defer onReady()
    48  	c.server = hbone.NewServer()
    49  
    50  	var listener net.Listener
    51  	var port int
    52  	var err error
    53  	if c.Port.TLS {
    54  		cert, cerr := tls.LoadX509KeyPair(c.TLSCert, c.TLSKey)
    55  		if cerr != nil {
    56  			return fmt.Errorf("could not load TLS keys: %v", cerr)
    57  		}
    58  		config := &tls.Config{
    59  			Certificates: []tls.Certificate{cert},
    60  			NextProtos:   []string{"h2"},
    61  			GetConfigForClient: func(info *tls.ClientHelloInfo) (*tls.Config, error) {
    62  				// There isn't a way to pass through all ALPNs presented by the client down to the
    63  				// HTTP server to return in the response. However, for debugging, we can at least log
    64  				// them at this level.
    65  				epLog.Infof("TLS connection with alpn: %v", info.SupportedProtos)
    66  				return nil, nil
    67  			},
    68  			MinVersion: tls.VersionTLS12,
    69  		}
    70  		// Listen on the given port and update the port if it changed from what was passed in.
    71  		listener, port, err = listenOnAddressTLS(c.ListenerIP, c.Port.Port, config)
    72  		// Store the actual listening port back to the argument.
    73  		c.Port.Port = port
    74  	} else {
    75  		// Listen on the given port and update the port if it changed from what was passed in.
    76  		listener, port, err = listenOnAddress(c.ListenerIP, c.Port.Port)
    77  		// Store the actual listening port back to the argument.
    78  		c.Port.Port = port
    79  	}
    80  	if err != nil {
    81  		return err
    82  	}
    83  
    84  	if c.Port.TLS {
    85  		c.server.Addr = fmt.Sprintf(":%d", port)
    86  		epLog.Infof("Listening HBONE on %v\n", port)
    87  	} else {
    88  		c.server.Addr = fmt.Sprintf(":%d", port)
    89  		epLog.Infof("Listening HBONE (plaintext) on %v\n", port)
    90  	}
    91  	go func() {
    92  		err := c.server.Serve(listener)
    93  		epLog.Warnf("Port %d listener terminated with error: %v", port, err)
    94  	}()
    95  	return nil
    96  }
    97  
    98  func (c connectInstance) GetConfig() Config {
    99  	return c.Config
   100  }