From d250ab9a48b3ce044c1d6e2244a739471cace7d3 Mon Sep 17 00:00:00 2001 From: Anders Brander Date: Fri, 14 Feb 2020 13:09:47 +0100 Subject: [PATCH 1/2] Added --dump for debugging HTTP. --- main.go | 34 ++++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/main.go b/main.go index 3549b85..830e99c 100644 --- a/main.go +++ b/main.go @@ -8,6 +8,7 @@ import ( "log/syslog" "net" "net/http" + "net/http/httputil" "os" "regexp" "strconv" @@ -31,19 +32,23 @@ var ( hostname string port uint16 + useSyslog = true url string guessRemoteIP bool + dumpPath string rootCmd = &cobra.Command{ - Use: appName, - Short: "A helper for OpenSSH's AuthorizedKeysCommand", - Run: root, + Use: appName, + PreRun: prerun, + Short: "A helper for OpenSSH's AuthorizedKeysCommand", + Run: root, } + + dumpWriter io.Writer ) func init() { helpFlag := false - useSyslog := true // Trick to use '-h' for something else than help. This works by // replacing the default help flag with one with no shorthand set. @@ -64,7 +69,10 @@ func init() { rootCmd.PersistentFlags().StringVarP(&url, "url", "", "", "URL to use") rootCmd.PersistentFlags().BoolVarP(&guessRemoteIP, "guess-remote-ip", "", true, "Try to guess remote IP. Requires root") rootCmd.PersistentFlags().BoolVarP(&useSyslog, "use-syslog", "", useSyslog, "Log to syslog") + rootCmd.PersistentFlags().StringVarP(&dumpPath, "dump", "", "", "Dump HTTP request/response to path") +} +func prerun(_ *cobra.Command, _ []string) { if useSyslog { writer, err := syslog.New(syslog.LOG_ERR|syslog.LOG_AUTH, appName) if err != nil { @@ -73,6 +81,14 @@ func init() { log.SetOutput(writer) } + + if dumpPath != "" { + w, err := os.OpenFile(dumpPath, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600) + if err != nil { + log.Fatalf("Error opening %s: %s", dumpPath, err.Error()) + } + dumpWriter = w + } } // httpDo will try a http request multiple times if the server responds @@ -84,12 +100,22 @@ func httpDo(req *http.Request) (*http.Response, error) { panic("httpDo() only supports requests without body") } + if dumpWriter != nil { + d, _ := httputil.DumpRequestOut(req, false) + _, _ = dumpWriter.Write(d) + } + for retryCount := 0; retryCount < 5; retryCount++ { resp, err := http.DefaultClient.Do(req) if err != nil { return nil, err } + if dumpWriter != nil { + d, _ := httputil.DumpResponse(resp, false) + _, _ = dumpWriter.Write(d) + } + if resp.StatusCode < 500 { return resp, err } From d2c38fb1aab5789d82e349246f0646bc48de5d42 Mon Sep 17 00:00:00 2001 From: Anders Brander Date: Fri, 14 Feb 2020 13:10:46 +0100 Subject: [PATCH 2/2] Add doc. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 04494f4..fe620c0 100644 --- a/README.md +++ b/README.md @@ -33,6 +33,7 @@ The following tokens from OpenSSH are supported: | --port | 22 | TCP port of the local SSH server | | --use-syslog | true | Log to syslog | | --guess-remote-ip | true | Try to guess remote IP. Requires root | +| --dump | | Dump HTTP traffic to path | ## Implement the server-side