From 97edea53ea2d869d1fe204df2594b71039899a8b Mon Sep 17 00:00:00 2001 From: Dustin Lo Date: Wed, 21 Oct 2020 10:37:37 -0700 Subject: [PATCH] Code cleanup (#2) * added region flag to avoid having to parse the endpoint to get the region hard-coded proxy.service value to "es" added insecure flag and logic to avoid SSL verification * cleaning up code, moving insecure logic to main function (TODO: still need to test) * removed redundant use of insecure flag --- .gitignore | 3 ++- aws-es-proxy.go | 28 +++++++--------------------- 2 files changed, 9 insertions(+), 22 deletions(-) diff --git a/.gitignore b/.gitignore index 5a847aff..11df5a61 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,5 @@ vendor glide.lock dist -.idea \ No newline at end of file +.idea +aws-es-proxy diff --git a/aws-es-proxy.go b/aws-es-proxy.go index 435f2c64..32a2f3ad 100644 --- a/aws-es-proxy.go +++ b/aws-es-proxy.go @@ -30,7 +30,6 @@ import ( ) func logger(debug bool) { - formatFilePath := func(path string) string { arr := strings.Split(path, "/") return arr[len(arr)-1] @@ -87,7 +86,6 @@ type proxy struct { password string realm string remoteTerminate bool - insecure bool } func newProxy(args ...interface{}) *proxy { @@ -101,12 +99,6 @@ func newProxy(args ...interface{}) *proxy { CheckRedirect: noRedirect, } - if args[12].(bool) == true { - client.Transport = &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - } - } - return &proxy{ endpoint: args[0].(string), verbose: args[1].(bool), @@ -120,7 +112,7 @@ func newProxy(args ...interface{}) *proxy { realm: args[9].(string), remoteTerminate: args[10].(bool), region: args[11].(string), - insecure: args[12].(bool), + service: "es", } } @@ -156,14 +148,9 @@ func (p *proxy) parseEndpoint() error { p.scheme = link.Scheme p.host = link.Host - p.service = "es" - logrus.Debugln("AWS Region", p.region) - // AWS SignV4 enabled, extract required parts for signing process if !p.nosignreq { - split := strings.SplitAfterN(link.Hostname(), ".", 2) - if len(split) < 2 { logrus.Debugln("Endpoint split is less than 2") } @@ -175,7 +162,6 @@ func (p *proxy) parseEndpoint() error { func (p *proxy) getSigner() *v4.Signer { // Refresh credentials after expiration. Required for STS if p.credentials == nil { - sess, err := session.NewSession( &aws.Config{ Region: aws.String(p.region), @@ -324,7 +310,6 @@ func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) { fmt.Println() fmt.Println("========================") - fmt.Println("Region: ", p.region) fmt.Println(t.Format("2006/01/02 15:04:05")) fmt.Println("Remote Address: ", r.RemoteAddr) fmt.Println("Request URI: ", proxied.RequestURI()) @@ -342,7 +327,6 @@ func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) { } if p.logtofile { - requestID := primitive.NewObjectID().Hex() reqStruct := &requestStruct{ @@ -408,7 +392,6 @@ func copyHeaders(dst, src http.Header) { dst.Add(k, v) } } - } } @@ -499,16 +482,20 @@ func main() { realm, remoteTerminate, region, - insecure, ) + if insecure == true { + p.httpClient.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } + } + if err = p.parseEndpoint(); err != nil { logrus.Fatalln(err) os.Exit(1) } if p.logtofile { - requestFname := fmt.Sprintf("request-%s.log", primitive.NewObjectID().Hex()) if fileRequest, err = os.Create(requestFname); err != nil { log.Fatalln(err.Error()) @@ -523,7 +510,6 @@ func main() { p.fileRequest = fileRequest p.fileResponse = fileResponse - } logrus.Infof("Listening on %s...\n", listenAddress)