package config
import (
"flag"
"log"
"os"
)
// DefaultAuthenticationModule is the authentication module name that
// InitializeFlags falls back to when neither the -auth flag nor the
// VPNWEB_AUTH environment variable supplies a non-empty value.
//
// NOTE(review): "anon" presumably selects unauthenticated (anonymous) access,
// so a deployment that needs authentication has to set -auth or VPNWEB_AUTH
// explicitly - confirm against the authentication code.
// NOTE(review): the -auth help text lists "anonymous" and "sip", while this
// default is spelled "anon"; confirm which spelling is actually accepted.
const DefaultAuthenticationModule string = "anon"
// Opts carries the service configuration collected by InitializeFlags from
// command-line flags, environment variables and built-in defaults.
type Opts struct {
	// Notls disables TLS on the service when true (-notls).
	Notls bool

	// CaCrt and CaKey are filesystem paths to the CA public certificate and
	// the CA private key. Both are required by CheckConfigurationOptions.
	CaCrt, CaKey string

	// TlsCrt and TlsKey are filesystem paths to the TLS certificate and key.
	// CheckConfigurationOptions requires them unless Notls is set.
	TlsCrt, TlsKey string

	// Port is the listening port, kept as a string; defaults to "8000".
	Port string

	// Auth names the authentication module; AuthSecret is an optional secret
	// for it. AuthSecret is sensitive and should not be logged.
	Auth, AuthSecret string
}
// SIPTelnetTerminator is a package-level string that starts out empty.
// Nothing in the visible part of this file reads or assigns it.
// NOTE(review): presumably set and consumed by the SIP authentication code -
// confirm against its callers.
var SIPTelnetTerminator string
// FallbackToEnv fills *variable only when it is currently empty.
//
// Precedence: a non-empty value already stored in *variable is left alone;
// otherwise a non-empty value of the environment variable envVar is used;
// otherwise defaultVar is stored. An environment variable that is set but
// empty is treated the same as an unset one.
//
// variable must be non-nil; it is dereferenced unconditionally.
func FallbackToEnv(variable *string, envVar, defaultVar string) {
	if *variable != "" {
		// A value supplied earlier (e.g. by a flag) always wins.
		return
	}
	if fromEnv, ok := os.LookupEnv(envVar); ok && fromEnv != "" {
		*variable = fromEnv
		return
	}
	*variable = defaultVar
}
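// doCaFilesSanityCheck terminates the process via log.Fatalf unless both the
// CA certificate path and the CA private key path can be stat'ed.
//
// Every os.Stat error is fatal, not only "does not exist": a path that cannot
// be reached (for example because of a permission error on a parent
// directory) would otherwise pass this check and only fail later, when the
// file is actually loaded. The message includes the path and the underlying
// error so the operator can tell the cases apart.
//
// The check covers reachability only. It does not look at file type,
// ownership or permission bits, so a CA private key readable by other users
// is not detected here.
func doCaFilesSanityCheck(caCrt string, caKey string) {
	if _, err := os.Stat(caCrt); err != nil {
		log.Fatalf("cannot access caCrt file %q: %v", caCrt, err)
	}
	if _, err := os.Stat(caKey); err != nil {
		log.Fatalf("cannot access caKey file %q: %v", caKey, err)
	}
}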
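// doTlsFilesSanityCheck terminates the process via log.Fatalf unless both the
// TLS certificate path and the TLS key path can be stat'ed.
//
// Every os.Stat error is fatal, not only "does not exist": a path that cannot
// be reached (for example because of a permission error on a parent
// directory) would otherwise pass this check and only fail later, when the
// TLS material is actually loaded. The message includes the path and the
// underlying error so the operator can tell the cases apart.
//
// The check covers reachability only. It does not look at file type,
// ownership or permission bits, and it does not verify that the key matches
// the certificate.
func doTlsFilesSanityCheck(tlsCrt string, tlsKey string) {
	if _, err := os.Stat(tlsCrt); err != nil {
		log.Fatalf("cannot access tlsCrt file %q: %v", tlsCrt, err)
	}
	if _, err := os.Stat(tlsKey); err != nil {
		log.Fatalf("cannot access tlsKey file %q: %v", tlsKey, err)
	}
}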
// InitializeFlags registers the service's command-line flags on the default
// flag set, parses the command line, and then fills every string option that
// is still empty from its VPNWEB_* environment variable or built-in default.
//
// Precedence per option is: non-empty flag value, then non-empty environment
// variable, then default. -notls has no environment fallback.
//
// Security notes:
//   - A secret given as -authSecret sits on the command line, which is
//     typically visible to other local users through the process list;
//     VPNWEB_AUTH_SECRET avoids that exposure.
//   - When neither -auth nor VPNWEB_AUTH is given, the module falls back to
//     DefaultAuthenticationModule.
//
// NOTE(review): the -auth help text lists "anonymous", while the default
// value is "anon"; confirm which spelling the authentication code accepts.
func InitializeFlags(opts *Opts) {
	flag.BoolVar(&opts.Notls, "notls", false, "Disable TLS on the service")

	// One row per string option: destination, flag name, help text,
	// environment variable, and the default used when both are empty.
	settings := []struct {
		dst                   *string
		name, usage, env, def string
	}{
		{&opts.CaCrt, "caCrt", "Path to the CA public key", "VPNWEB_CACRT", ""},
		{&opts.CaKey, "caKey", "Path to the CA private key", "VPNWEB_CAKEY", ""},
		{&opts.TlsCrt, "tlsCrt", "Path to the cert file for TLS", "VPNWEB_TLSCRT", ""},
		{&opts.TlsKey, "tlsKey", "Path to the key file for TLS", "VPNWEB_TLSKEY", ""},
		{&opts.Port, "port", "Port where the server will listen (default: 8000)", "VPNWEB_PORT", "8000"},
		{&opts.Auth, "auth", "Authentication module (anonymous, sip)", "VPNWEB_AUTH", DefaultAuthenticationModule},
		{&opts.AuthSecret, "authSecret", "Authentication secret (optional)", "VPNWEB_AUTH_SECRET", ""},
	}

	// Flags are registered with an empty default so that "not given on the
	// command line" can be detected afterwards.
	for _, s := range settings {
		flag.StringVar(s.dst, s.name, "", s.usage)
	}
	flag.Parse()

	for _, s := range settings {
		FallbackToEnv(s.dst, s.env, s.def)
	}
}
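// CheckConfigurationOptions validates opts and terminates the process via
// log.Fatal on the first problem found.
//
// Checks, in order: the CA certificate and CA key paths are set; unless
// Notls is set, the TLS certificate and key paths are set; the CA files pass
// doCaFilesSanityCheck; unless Notls is set, the TLS files pass
// doTlsFilesSanityCheck. On success the selected authentication module name
// is logged.
//
// The missing-TLS messages name the options as tlsCrt/tlsKey, matching the
// flags registered by InitializeFlags.
//
// Not validated here: opts.Auth is logged but not checked against a list of
// known modules, and opts.Port and opts.AuthSecret are not inspected.
// With Notls set no TLS material is required at all, so the service is
// configured to run without transport encryption.
func CheckConfigurationOptions(opts *Opts) {
	if opts.CaCrt == "" {
		log.Fatal("missing caCrt parameter")
	}
	if opts.CaKey == "" {
		log.Fatal("missing caKey parameter")
	}
	if !opts.Notls {
		if opts.TlsCrt == "" {
			log.Fatal("missing tlsCrt parameter. maybe use -notls?")
		}
		if opts.TlsKey == "" {
			log.Fatal("missing tlsKey parameter. maybe use -notls?")
		}
	}

	// File checks run only after every required path is known to be set, so
	// a missing parameter is reported before a missing file.
	doCaFilesSanityCheck(opts.CaCrt, opts.CaKey)
	if !opts.Notls {
		doTlsFilesSanityCheck(opts.TlsCrt, opts.TlsKey)
	}

	// Only the module name is logged; the authentication secret is not.
	log.Println("Authentication module:", opts.Auth)
}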