From 1e05934ede265a6d69447e130bf656165df927a7 Mon Sep 17 00:00:00 2001 From: Newton Filho Date: Tue, 3 Dec 2024 10:41:01 +0000 Subject: [PATCH] feat(RDGRS-752): Chisel update (#25) Version update of upstream --- .github/Dockerfile | 16 +++++ .github/{workflows => }/dependabot.yml | 0 .github/goreleaser.yml | 53 ++++++++++++++++ .github/workflows/ci.yml | 86 ++++++++++++++++++++++---- LICENSE | 2 +- README.md | 3 +- client/client.go | 4 +- go.mod | 12 ++-- go.sum | 24 +++---- main.go | 6 +- server/server_handler.go | 16 ++--- server/server_listen.go | 5 +- share/cio/stdio.go | 3 +- share/settings/users.go | 4 +- share/tunnel/tunnel.go | 4 +- test/bench/main.go | 3 +- test/e2e/cert_utils_test.go | 15 +++-- test/e2e/setup_test.go | 6 +- 18 files changed, 197 insertions(+), 65 deletions(-) create mode 100644 .github/Dockerfile rename .github/{workflows => }/dependabot.yml (100%) create mode 100644 .github/goreleaser.yml diff --git a/.github/Dockerfile b/.github/Dockerfile new file mode 100644 index 00000000..872f7e00 --- /dev/null +++ b/.github/Dockerfile @@ -0,0 +1,16 @@ +# build stage +FROM golang:alpine AS build +RUN apk update && apk add git +ADD . /src +WORKDIR /src +ENV CGO_ENABLED=0 +RUN go build \ + -ldflags "-X github.com/jpillora/chisel/share.BuildVersion=$(git describe --abbrev=0 --tags)" \ + -o /tmp/bin +# run stage +FROM scratch +LABEL maintainer="dev@jpillora.com" +COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ +WORKDIR /app +COPY --from=build /tmp/bin /app/bin +ENTRYPOINT ["/app/bin"] \ No newline at end of file diff --git a/.github/workflows/dependabot.yml b/.github/dependabot.yml similarity index 100% rename from .github/workflows/dependabot.yml rename to .github/dependabot.yml diff --git a/.github/goreleaser.yml b/.github/goreleaser.yml new file mode 100644 index 00000000..7b36e179 --- /dev/null +++ b/.github/goreleaser.yml 
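Review bot: The build stage in `.github/Dockerfile` starts from the floating tag `FROM golang:alpine`, so each release image is compiled with whatever toolchain that tag resolves to on the day of the tag push. Pinning a version and digest, e.g. `FROM golang:<GO_VERSION>-alpine@sha256:<DIGEST> AS build`, makes the release reproducible and auditable. The final `scratch` stage sets no `USER`, so the binary runs as UID 0; adding `USER 65534:65534` before `ENTRYPOINT` drops that, unless the deployment has to bind a privileged port. `ADD . /src` copies the whole build context, so a `.dockerignore` that keeps `.git` (needed by `git describe`) but excludes local artefacts and credentials is worth adding alongside.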
@@ -0,0 +1,53 @@ +# test this file with +# goreleaser release --config goreleaser.yml --clean --snapshot +version: 2 +builds: + - env: + - CGO_ENABLED=0 + ldflags: + - -s -w -X github.com/jpillora/chisel/share.BuildVersion={{.Version}} + flags: + - -trimpath + goos: + - linux + - darwin + - windows + - openbsd + goarch: + - 386 + - amd64 + - arm + - arm64 + - ppc64 + - ppc64le + - mips + - mipsle + - mips64 + - mips64le + - s390x + goarm: + - 5 + - 6 + - 7 + gomips: + - hardfloat + - softfloat +nfpms: + - maintainer: "https://github.com/{{ .Env.GITHUB_USER }}" + formats: + - deb + - rpm + - apk +archives: + - format: gz + files: + - none* +release: + draft: true + prerelease: auto +changelog: + sort: asc + filters: + exclude: + - "^docs:" + - "^test:" \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 83ecab03..7c694235 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -1,26 +1,90 @@ -on: [push, pull_request] name: CI +on: + pull_request: {} + push: {} +permissions: write-all jobs: # ================ - # TEST JOB - # runs on every push and PR - # runs 2x3 times (see matrix) + # BUILD AND TEST JOB # ================ test: - name: Test + name: Build & Test strategy: matrix: - go-version: [1.21.x] - platform: [ubuntu-latest] + # optionally test/build across multiple platforms/Go-versions + go-version: ["stable"] # '1.16', '1.17', '1.18, + platform: [ubuntu-latest, macos-latest, windows-latest] runs-on: ${{ matrix.platform }} steps: - - name: Install Go + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Set up Go uses: actions/setup-go@v3 with: go-version: ${{ matrix.go-version }} - - name: Checkout code - uses: actions/checkout@v3 + check-latest: true - name: Build run: go build -v -o /dev/null . - name: Test - run: go test -v ./... \ No newline at end of file + run: go test -v ./... + # ================ + # RELEASE BINARIES (on push "v*" tag) + # ================ + release_binaries: + name: Release Binaries + needs: test + if: startsWith(github.ref, 'refs/tags/v') + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v3 + - name: goreleaser + if: success() + uses: docker://goreleaser/goreleaser:latest + env: + GITHUB_USER: ${{ github.repository_owner }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + args: release --config .github/goreleaser.yml + # ================ + # RELEASE DOCKER IMAGES (on push "v*" tag) + # ================ + release_docker: + name: Release Docker Images + needs: test + if: startsWith(github.ref, 'refs/tags/v') + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: jpillora + password: ${{ 
secrets.DOCKERHUB_TOKEN }} + - name: Docker meta + id: meta + uses: docker/metadata-action@v4 + with: + images: jpillora/chisel + tags: | + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + - name: Build and push + uses: docker/build-push-action@v3 + with: + context: . + file: .github/Dockerfile + platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/386,linux/arm/v7,linux/arm/v6 + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max \ No newline at end of file diff --git a/LICENSE b/LICENSE index 7ae236f7..08d56bd7 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2020 Jaime Pillora +Copyright (c) 2024 Jaime Pillora Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 3af60c8e..2b4d2fc5 100644 --- a/README.md +++ b/README.md @@ -422,7 +422,8 @@ Since WebSockets support is required: - `1.6` - Added client stdio support (by @BoleynSu) - `1.7` - Added UDP support - `1.8` - Move to a `scratch`Docker image -- `1.9` - Switch from `--key` seed to P256 key strings with `--key{gen,file}` + bump to Go 1.21 (by @cmenginnz) +- `1.9` - Bump to Go 1.21. Switch from `--key` seed to P256 key strings with `--key{gen,file}` (by @cmenginnz) +- `1.10` - Bump to Go 1.22. Add `.rpm` `.deb` and `.akp` to releases. Fix bad version comparison. ## License diff --git a/client/client.go b/client/client.go index c96edde6..49b62e65 100644 --- a/client/client.go +++ b/client/client.go @@ -8,10 +8,10 @@ import ( "encoding/base64" "errors" "fmt" - "io/ioutil" "net" "net/http" "net/url" + "os" "regexp" "strings" "time" 
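Review bot: `permissions: write-all` at the top of `ci.yml` gives the `GITHUB_TOKEN` every write scope in all three jobs, including the `test` job that runs on `pull_request` and executes the repository's build and tests. Set the workflow default to `permissions: { contents: read }` and grant `contents: write` only on `release_binaries`, the one job in this file that passes the token on (to goreleaser). The release jobs run `docker://goreleaser/goreleaser:latest` and tag-pinned actions (`actions/checkout@v3`, `docker/login-action@v2`, `docker/build-push-action@v3`) with secrets in scope, so pinning them to an image digest or commit SHA limits the effect of a moved tag. The Docker job logs in as `jpillora` and pushes `jpillora/chisel`, which looks carried over from upstream and should be confirmed for this repository.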
@@ -118,7 +118,7 @@ func NewClient(c *Config) (*Client, error) { tc.InsecureSkipVerify = true } else if c.TLS.CA != "" { rootCAs := x509.NewCertPool() - if b, err := ioutil.ReadFile(c.TLS.CA); err != nil { + if b, err := os.ReadFile(c.TLS.CA); err != nil { return nil, fmt.Errorf("Failed to load file: %s", c.TLS.CA) } else if ok := rootCAs.AppendCertsFromPEM(b); !ok { return nil, fmt.Errorf("Failed to decode PEM: %s", c.TLS.CA) diff --git a/go.mod b/go.mod index 1c9259db..17311784 100644 --- a/go.mod +++ b/go.mod @@ -9,17 +9,17 @@ require ( github.com/jpillora/backoff v1.0.0 github.com/jpillora/requestlog v1.0.0 github.com/jpillora/sizestr v1.0.0 - golang.org/x/crypto v0.13.0 - golang.org/x/net v0.15.0 - golang.org/x/sync v0.3.0 + golang.org/x/crypto v0.16.0 + golang.org/x/net v0.14.0 + golang.org/x/sync v0.5.0 ) require ( github.com/andrew-d/go-termutil v0.0.0-20150726205930-009166a695a2 // indirect github.com/jpillora/ansi v1.0.3 // indirect github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce // indirect - golang.org/x/sys v0.12.0 // indirect - golang.org/x/text v0.13.0 // indirect + golang.org/x/sys v0.15.0 // indirect + golang.org/x/text v0.14.0 // indirect ) -replace github.com/jpillora/chisel => ../chisel \ No newline at end of file +replace github.com/jpillora/chisel => ../chisel diff --git a/go.sum b/go.sum index 75df3b5c..e2f4898d 100644 --- a/go.sum +++ b/go.sum 
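Review bot: The CA-loading branch of `NewClient` drops the error returned by `os.ReadFile`, so a missing file and a permission failure produce the same message. Include the cause, e.g. `return nil, fmt.Errorf("Failed to load file: %s: %w", c.TLS.CA, err)`. `loadUserIndex` in `share/settings/users.go` does report its read error, but with `%s`; `%w` there would keep it inspectable with `errors.Is`. The context line `tc.InsecureSkipVerify = true` sits in the branch before the `else if`, so the CA file is never loaded in that mode; a short comment saying that server certificates are not verified there would help operators reading this code. `NewClient` starts and ends outside the hunk.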
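Review bot: `golang.org/x/net` goes from v0.15.0 to v0.14.0 in the `go.mod` hunk, a downgrade inside a commit described as a version update, while `x/crypto`, `x/sync`, `x/sys` and `x/text` all move forward. If this is not deliberate, keep `golang.org/x/net v0.15.0` or newer. Both `x/net` and `x/crypto` have had security releases after the versions pinned here, so running `govulncheck ./...` in CI before merging would show whether the HTTP/WebSocket and SSH code paths are affected. The `replace github.com/jpillora/chisel => ../chisel` directive is kept and points outside the repository; it is worth confirming it is still needed.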
@@ -16,16 +16,16 @@ github.com/jpillora/sizestr v1.0.0 h1:4tr0FLxs1Mtq3TnsLDV+GYUWG7Q26a6s+tV5Zfw2yg github.com/jpillora/sizestr v1.0.0/go.mod h1:bUhLv4ctkknatr6gR42qPxirmd5+ds1u7mzD+MZ33f0= github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce h1:fb190+cK2Xz/dvi9Hv8eCYJYvIGUTN2/KLq1pT6CjEc= github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce/go.mod h1:o8v6yHRoik09Xen7gje4m9ERNah1d1PPsVq1VEx9vE4= -golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck= -golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8= -golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= +golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14= +golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= -golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU= -golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/sys v0.15.0 
h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= diff --git a/main.go b/main.go index f78ee156..01f9ca3b 100644 --- a/main.go +++ b/main.go @@ -3,7 +3,6 @@ package main import ( "flag" "fmt" - "io/ioutil" "log" "net/http" "os" @@ -89,7 +88,7 @@ var commonHelp = ` func generatePidFile() { pid := []byte(strconv.Itoa(os.Getpid())) - if err := ioutil.WriteFile("chisel.pid", pid, 0644); err != nil { + if err := os.WriteFile("chisel.pid", pid, 0644); err != nil { log.Fatal(err) } } @@ -241,6 +240,9 @@ func server(args []string) { } else if config.KeySeed == "" { config.KeySeed = settings.Env("KEY") } + if config.Auth == "" { + config.Auth = os.Getenv("AUTH") + } s, err := chserver.NewServer(config) if err != nil { log.Fatal(err) diff --git a/server/server_handler.go b/server/server_handler.go index 952aa4d8..a732e2b6 100644 --- a/server/server_handler.go +++ b/server/server_handler.go @@ -19,7 +19,7 @@ func (s *Server) handleClientHandler(w http.ResponseWriter, r *http.Request) { //websockets upgrade AND has chisel prefix upgrade := strings.ToLower(r.Header.Get("Upgrade")) protocol := r.Header.Get("Sec-WebSocket-Protocol") - if upgrade == "websocket" { + if upgrade == "websocket" { if protocol == chshare.ProtocolVersion { s.handleWebsocket(w, r) return 
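Review bot: The new fallback in `server` reads the bare variable `AUTH` with `os.Getenv`, while the key seed just above it goes through `settings.Env("KEY")`. If `settings.Env` applies a project prefix (its body is not in this diff), the two lookups are inconsistent, and a generic name like `AUTH` is easy to inherit unintentionally from a parent environment. Consider reading `settings.Env("AUTH")` first and keeping the bare name only as a documented fallback, and list the variable in the server help text. A comment such as `// credentials taken from the environment are inherited by child processes; prefer the auth file on shared hosts` would record the trade-off. `server` continues outside the hunk.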
@@ -101,13 +101,13 @@ func (s *Server) handleWebsocket(w http.ResponseWriter, req *http.Request) { return } //print if client and server versions dont match - if c.Version != chshare.BuildVersion { - v := c.Version - if v == "" { - v = "" - } - l.Infof("Client version (%s) differs from server version (%s)", - v, chshare.BuildVersion) + cv := strings.TrimPrefix(c.Version, "v") + if cv == "" { + cv = "" + } + sv := strings.TrimPrefix(chshare.BuildVersion, "v") + if cv != sv { + l.Infof("Client version (%s) differs from server version (%s)", cv, sv) } //validate remotes for _, r := range c.Remotes { diff --git a/server/server_listen.go b/server/server_listen.go index a7dcfe84..f6eb1ffa 100644 --- a/server/server_listen.go +++ b/server/server_listen.go @@ -4,7 +4,6 @@ import ( "crypto/tls" "crypto/x509" "errors" - "io/ioutil" "net" "os" "os/user" @@ -116,7 +115,7 @@ func addCA(ca string, c *tls.Config) error { clientCAPool := x509.NewCertPool() if fileInfo.IsDir() { //this is a directory holding CA bundle files - files, err := ioutil.ReadDir(ca) + files, err := os.ReadDir(ca) if err != nil { return err } @@ -140,7 +139,7 @@ func addCA(ca string, c *tls.Config) error { } func addPEMFile(path string, pool *x509.CertPool) error { - content, err := ioutil.ReadFile(path) + content, err := os.ReadFile(path) if err != nil { return err } diff --git a/share/cio/stdio.go b/share/cio/stdio.go index 24798def..16327989 100644 --- a/share/cio/stdio.go +++ b/share/cio/stdio.go @@ -2,7 +2,6 @@ package cio import ( "io" - "io/ioutil" "os" ) @@ -11,6 +10,6 @@ var Stdio = &struct { io.ReadCloser io.Writer }{ - ioutil.NopCloser(os.Stdin), + io.NopCloser(os.Stdin), os.Stdout, } diff --git a/share/settings/users.go b/share/settings/users.go index ea57f280..a6f0a093 100644 --- a/share/settings/users.go +++ b/share/settings/users.go @@ -4,7 +4,7 @@ import ( "encoding/json" "errors" "fmt" - "io/ioutil" + "os" "regexp" "sync" 
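Review bot: `c.Version` is supplied by the connecting client and is written to the server log with `%s` in `handleWebsocket`, so newlines or control characters in it reach the log unescaped. Quoting both values avoids forged or broken log lines: `l.Infof("Client version (%q) differs from server version (%q)", cv, sv)`. As rendered here, the `if cv == ""` branch assigns `""` again and has no effect; if a placeholder for an unknown version was intended, confirm it is still present in the file. The function body continues outside the hunk.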
@@ -125,7 +125,7 @@ func (u *UserIndex) loadUserIndex() error { if u.configFile == "" { return errors.New("configuration file not set") } - b, err := ioutil.ReadFile(u.configFile) + b, err := os.ReadFile(u.configFile) if err != nil { return fmt.Errorf("Failed to read auth file: %s, error: %s", u.configFile, err) } diff --git a/share/tunnel/tunnel.go b/share/tunnel/tunnel.go index 1d80bd5b..7493a5ac 100644 --- a/share/tunnel/tunnel.go +++ b/share/tunnel/tunnel.go @@ -4,7 +4,7 @@ import ( "bytes" "context" "errors" - "io/ioutil" + "io" "log" "os" "sync" @@ -57,7 +57,7 @@ func New(c Config) *Tunnel { //setup socks server (not listening on any port!) extra := "" if c.Socks { - sl := log.New(ioutil.Discard, "", 0) + sl := log.New(io.Discard, "", 0) if t.Logger.Debug { sl = log.New(os.Stdout, "[socks]", log.Ldate|log.Ltime) } diff --git a/test/bench/main.go b/test/bench/main.go index 091f2d5d..f47b10c1 100644 --- a/test/bench/main.go +++ b/test/bench/main.go @@ -17,7 +17,6 @@ import ( "flag" "fmt" "io" - "io/ioutil" "log" "net/http" "os" @@ -86,7 +85,7 @@ func testTunnel(port string, size int) { fatal(err) } - n, err := io.Copy(ioutil.Discard, resp.Body) + n, err := io.Copy(io.Discard, resp.Body) if err != nil { fatal(err) } diff --git a/test/e2e/cert_utils_test.go b/test/e2e/cert_utils_test.go index 379e282b..f71a13dd 100644 --- a/test/e2e/cert_utils_test.go +++ b/test/e2e/cert_utils_test.go @@ -11,7 +11,6 @@ import ( "crypto/x509/pkix" "encoding/pem" "fmt" - "io/ioutil" "math/big" "net" "os" @@ -53,7 +52,7 @@ func newTestTLSConfig() (*tlsConfig, error) { return nil, err } - tlsConfig.tmpDir, err = ioutil.TempDir("", "") + tlsConfig.tmpDir, err = os.MkdirTemp("", "") if err != nil { return nil, err } 
@@ -63,7 +62,7 @@ func newTestTLSConfig() (*tlsConfig, error) { return nil, err } pathServerCACrt := path.Join(dirServerCA, "client.crt") - if err := ioutil.WriteFile(pathServerCACrt, clientCertPEM, 0666); err != nil { + if err := os.WriteFile(pathServerCACrt, clientCertPEM, 0666); err != nil { return nil, err } @@ -72,7 +71,7 @@ func newTestTLSConfig() (*tlsConfig, error) { return nil, err } pathClientCACrt := path.Join(dirClientCA, "server.crt") - if err := ioutil.WriteFile(pathClientCACrt, serverCertPEM, 0666); err != nil { + if err := os.WriteFile(pathClientCACrt, serverCertPEM, 0666); err != nil { return nil, err } @@ -81,11 +80,11 @@ func newTestTLSConfig() (*tlsConfig, error) { return nil, err } pathServerCrtCrt := path.Join(dirServerCrt, "server.crt") - if err := ioutil.WriteFile(pathServerCrtCrt, serverCertPEM, 0666); err != nil { + if err := os.WriteFile(pathServerCrtCrt, serverCertPEM, 0666); err != nil { return nil, err } pathServerCrtKey := path.Join(dirServerCrt, "server.key") - if err := ioutil.WriteFile(pathServerCrtKey, serverKeyPEM, 0666); err != nil { + if err := os.WriteFile(pathServerCrtKey, serverKeyPEM, 0666); err != nil { return nil, err } @@ -94,11 +93,11 @@ func newTestTLSConfig() (*tlsConfig, error) { return nil, err } pathClientCrtCrt := path.Join(dirClientCrt, "client.crt") - if err := ioutil.WriteFile(pathClientCrtCrt, clientCertPEM, 0666); err != nil { + if err := os.WriteFile(pathClientCrtCrt, clientCertPEM, 0666); err != nil { return nil, err } pathClientCrtKey := path.Join(dirClientCrt, "client.key") - if err := ioutil.WriteFile(pathClientCrtKey, clientKeyPEM, 0666); err != nil { + if err := os.WriteFile(pathClientCrtKey, clientKeyPEM, 0666); err != nil { return nil, err } diff --git a/test/e2e/setup_test.go b/test/e2e/setup_test.go index c6228757..c1611bfb 100644 --- a/test/e2e/setup_test.go +++ b/test/e2e/setup_test.go @@ -2,7 +2,7 @@ package e2e_test import ( "context" - "io/ioutil" + "io" "log" "net" "net/http" 
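Review bot: `serverKeyPEM` and `clientKeyPEM` are still written with mode `0666` in `newTestTLSConfig` (the hunks at -81 and -94), which leaves the private keys readable and, umask permitting, writable by other local users for as long as the temp directory exists. Use `0600` for the two `.key` files, e.g. `os.WriteFile(pathServerCrtKey, serverKeyPEM, 0600)` and the same for `pathClientCrtKey`; the certificate files can be `0644`. `os.MkdirTemp` creates the top directory with `0700`, so this is defence in depth. The subdirectories are created outside the visible hunks, so their modes cannot be checked here.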
@@ -36,7 +36,7 @@ func (tl *testLayout) setup(t *testing.T) (server *chserver.Server, client *chcl fileAddr := "127.0.0.1:" + filePort f := http.Server{ Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - b, _ := ioutil.ReadAll(r.Body) + b, _ := io.ReadAll(r.Body) w.Write(append(b, '!')) }), } @@ -133,7 +133,7 @@ func post(url, body string) (string, error) { if err != nil { return "", err } - b, err := ioutil.ReadAll(resp.Body) + b, err := io.ReadAll(resp.Body) if err != nil { return "", err }