v0.0.1 ready

.drone.yml

@@ -0,0 +1,32 @@
+kind: pipeline
+name: default
+steps:
+- name: build
+  image: golang:1.17.2
+  commands:
+    - git tag $DRONE_TAG
+    - bash release.sh
+    - echo -n "latest,${DRONE_TAG#v}" > .tags
+- name: gitea_release
+  image: plugins/gitea-release
+  settings:
+    api_key:
+      from_secret: gitea_api_key
+    base_url: https://kumoly.io
+    files: dist/*
+    checksum:
+      - sha256
+- name: docker  
+  image: plugins/docker
+  settings:
+    username:
+      from_secret: hub_user
+    password: 
+      from_secret: hub_passwd
+    # auto_tag: true
+    mtu: 1000
+    # purge: true
+    repo: hub.kumoly.io/tools/configui
+    registry: hub.kumoly.io
+trigger:
+  event: tag

Dockerfile

@@ -0,0 +1,17 @@
+FROM golang:1.17.2-alpine3.14 as builder
+RUN apk update && apk add --no-cache git tzdata
+WORKDIR /src
+
+COPY go.mod go.sum /src/
+RUN go mod download
+COPY . .
+RUN VERSION=$(git describe --tags --abbrev=0) BUILD=$(git rev-parse --short HEAD) && \
+    GOOS=linux GOARCH=amd64 \
+    go build -ldflags "-X main.Version=${VERSION} -X main.Build=${BUILD} -w" \
+    -o /go/bin/breacher
+
+FROM alpine:3.14
+ENV PATH="/go/bin:${PATH}"
+COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
+COPY --from=builder /go/bin/breacher /go/bin/breacher
+ENTRYPOINT ["/go/bin/breacher"]

breacher/ssh.go

@@ -1,12 +1,18 @@
 package breacher
 
 import (
+	"fmt"
+	"io"
+	"io/ioutil"
 	"log"
 	"net"
+	"os"
 	"strconv"
 	"strings"
 
 	"github.com/spf13/cobra"
+	"golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh/agent"
 )
 
 var (
@@ -14,14 +20,19 @@ var (
 	sKey    string
 )
 
+func init() {
+	sshCmd.Flags().StringVarP(&sPasswd, "password", "p", "", "login using password")
+	sshCmd.Flags().StringVarP(&sKey, "keyfile", "i", "", "login keyfile (path/to/file)")
+}
+
 var sshCmd = &cobra.Command{
 	Use:   "tunnel [from address] [to address] [user@host:port]",
 	Short: "ssh tunneling to access remote services",
 	Long: `ssh tunneling to access remote services
 ex.
-breacher forward :8080 kumoly.io:5080
-breacher forward :8080 :8000
-breacher forward --udp :8080 192.168.51.211:53
+breacher tunnel :8080 host:80 user@example.com -p paswd
+breacher tunnel :8080 :80 user@example.com -i ~/.ssh/id_rsa
+breacher tunnel :8080 kumoly.io:443 user@example.com
 `,
 	Args: cobra.ExactArgs(3),
 	Run: func(cmd *cobra.Command, args []string) {
@@ -42,12 +53,11 @@ breacher forward --udp :8080 192.168.51.211:53
 			log.Fatalln(err)
 		}
 		if localHost == "" {
-			localHost = "localhost"
+			localHost = "0.0.0.0"
 		}
 		if remoteHost == "" {
 			remoteHost = "localhost"
 		}
-		st := NewSSHTunnel(localHost, localPort, remoteHost, remotePort)
 		split := strings.Split(args[2], "@")
 		if len(split) != 2 {
 			log.Fatalln("ssh host name not valid")
@@ -73,22 +83,179 @@ breacher forward --udp :8080 192.168.51.211:53
 				}
 			}
 		}
-
-		st.server.Host = sshHost
-		st.SetPort(sshPort)
-		st.SetUser(usr)
-		st.SetPassword("ubuntu")
-		st.SetDebug(true)
-		st.SetConnState(func(tun *SSHTun, state ConnState) {
-			switch state {
-			case StateStarting:
-				log.Printf("STATE is Starting")
-			case StateStarted:
-				log.Printf("STATE is Started")
-			case StateStopped:
-				log.Printf("STATE is Stopped")
+		var auth ssh.AuthMethod
+		if sPasswd != "" {
+			auth = ssh.Password(sPasswd)
+		} else if sKey != "" {
+			auth = PrivateKeyFile(sKey)
+		} else {
+			auth = SSHAgent()
 		}
-		})
+		st := NewSSHTunnel(
+			&Endpoint{localHost, localPort, ""},
+			&Endpoint{remoteHost, remotePort, ""},
+			&Endpoint{sshHost, sshPort, usr},
+			auth,
+		)
+
 		log.Fatalln(st.Start())
 	},
 }
+
+type Endpoint struct {
+	Host string
+	Port int
+	User string
+}
+
+func (endpoint *Endpoint) String() string {
+	return fmt.Sprintf("%s:%d", endpoint.Host, endpoint.Port)
+}
+
+type SSHTunnel struct {
+	Local    *Endpoint
+	Server   *Endpoint
+	Remote   *Endpoint
+	Config   *ssh.ClientConfig
+	Conns    []net.Conn
+	SvrConns []*ssh.Client
+	isOpen   bool
+	close    chan interface{}
+}
+
+func newConnectionWaiter(listener net.Listener, c chan net.Conn) {
+	conn, err := listener.Accept()
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+	c <- conn
+}
+
+func (tunnel *SSHTunnel) Start() error {
+	listener, err := net.Listen("tcp", tunnel.Local.String())
+	if err != nil {
+		return err
+	}
+	tunnel.isOpen = true
+	tunnel.Local.Port = listener.Addr().(*net.TCPAddr).Port
+
+	for {
+		if !tunnel.isOpen {
+			break
+		}
+
+		c := make(chan net.Conn)
+		go newConnectionWaiter(listener, c)
+		log.Println("listening for new connections...")
+
+		select {
+		case <-tunnel.close:
+			log.Println("close signal received, closing...")
+			tunnel.isOpen = false
+		case conn := <-c:
+			tunnel.Conns = append(tunnel.Conns, conn)
+			log.Println("accepted connection")
+			go tunnel.forward(conn)
+		}
+	}
+	var total int
+	total = len(tunnel.Conns)
+	for i, conn := range tunnel.Conns {
+		log.Printf("closing the netConn (%d of %d)\n", i+1, total)
+		err := conn.Close()
+		if err != nil {
+			log.Println(err.Error())
+		}
+	}
+	total = len(tunnel.SvrConns)
+	for i, conn := range tunnel.SvrConns {
+		log.Printf("closing the serverConn (%d of %d)\n", i+1, total)
+		err := conn.Close()
+		if err != nil {
+			log.Println(err.Error())
+		}
+	}
+	err = listener.Close()
+	if err != nil {
+		return err
+	}
+	log.Println("tunnel closed")
+	return nil
+}
+
+func (tunnel *SSHTunnel) forward(localConn net.Conn) {
+	serverConn, err := ssh.Dial("tcp", tunnel.Server.String(), tunnel.Config)
+	if err != nil {
+		log.Printf("server dial error: %s\n", err)
+		return
+	}
+	log.Printf("connected to %s (1 of 2)\n", tunnel.Server.String())
+	tunnel.SvrConns = append(tunnel.SvrConns, serverConn)
+
+	remoteConn, err := serverConn.Dial("tcp", tunnel.Remote.String())
+	if err != nil {
+		log.Printf("remote dial error: %s\n", err)
+		return
+	}
+	tunnel.Conns = append(tunnel.Conns, remoteConn)
+	log.Printf("connected to %s (2 of 2)\n", tunnel.Remote.String())
+	copyConn := func(writer, reader net.Conn) {
+		_, err := io.Copy(writer, reader)
+		if err != nil {
+			log.Printf("io.Copy error: %s\n", err)
+		}
+	}
+	go copyConn(localConn, remoteConn)
+	go copyConn(remoteConn, localConn)
+
+}
+
+func (tunnel *SSHTunnel) Close() {
+	tunnel.close <- struct{}{}
+}
+
+// NewSSHTunnel creates a new single-use tunnel. Supplying "0" for localport will use a random port.
+func NewSSHTunnel(from, to, server *Endpoint, auth ssh.AuthMethod) *SSHTunnel {
+	if server.Port == 0 {
+		server.Port = 22
+	}
+
+	sshTunnel := &SSHTunnel{
+		Config: &ssh.ClientConfig{
+			User: server.User,
+			Auth: []ssh.AuthMethod{auth},
+			HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
+				// Always accept key.
+				return nil
+			},
+		},
+		Local:  from,
+		Server: server,
+		Remote: to,
+		close:  make(chan interface{}),
+	}
+
+	return sshTunnel
+}
+
+func PrivateKeyFile(file string) ssh.AuthMethod {
+	buffer, err := ioutil.ReadFile(file)
+	if err != nil {
+		return nil
+	}
+
+	key, err := ssh.ParsePrivateKey(buffer)
+	if err != nil {
+		return nil
+	}
+
+	return ssh.PublicKeys(key)
+}
+
+func SSHAgent() ssh.AuthMethod {
+	if sshAgent, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK")); err == nil {
+		return ssh.PublicKeysCallback(agent.NewClient(sshAgent).Signers)
+	}
+	return nil
+}

breacher/ssh_lib.go

@@ -1,499 +0,0 @@
-package breacher
-
-import (
-	"context"
-	"fmt"
-	"io"
-	"log"
-	"net"
-	"os"
-	"sync"
-	"time"
-
-	"io/ioutil"
-	"os/user"
-
-	"golang.org/x/crypto/ssh"
-	"golang.org/x/crypto/ssh/agent"
-)
-
-type Endpoint struct {
-	Host       string
-	Port       int
-	UnixSocket string
-}
-
-func (e *Endpoint) connectionString() string {
-	if e.UnixSocket != "" {
-		return e.UnixSocket
-	}
-	return fmt.Sprintf("%s:%d", e.Host, e.Port)
-}
-
-func (e *Endpoint) connectionType() string {
-	if e.UnixSocket != "" {
-		return "unix"
-	}
-	return "tcp"
-}
-
-// AuthType is the type of authentication to use for SSH.
-type AuthType int
-
-const (
-	// AuthTypeKeyFile uses the keys from a SSH key file read from the system.
-	AuthTypeKeyFile AuthType = iota
-	// AuthTypeEncryptedKeyFile uses the keys from an encrypted SSH key file read from the system.
-	AuthTypeEncryptedKeyFile
-	// AuthTypeKeyReader uses the keys from a SSH key reader.
-	AuthTypeKeyReader
-	// AuthTypeEncryptedKeyReader uses the keys from an encrypted SSH key reader.
-	AuthTypeEncryptedKeyReader
-	// AuthTypePassword uses a password directly.
-	AuthTypePassword
-	// AuthTypeSSHAgent will use registered users in the ssh-agent.
-	AuthTypeSSHAgent
-	// AuthTypeAuto tries to get the authentication method automatically. See SSHTun.Start for details on
-	// this.
-	AuthTypeAuto
-)
-
-// SSHTun represents a SSH tunnel
-type SSHTun struct {
-	*sync.Mutex
-	ctx           context.Context
-	cancel        context.CancelFunc
-	errCh         chan error
-	user          string
-	authType      AuthType
-	authKeyFile   string
-	authKeyReader io.Reader
-	authPassword  string
-	server        Endpoint
-	local         Endpoint
-	remote        Endpoint
-	started       bool
-	timeout       time.Duration
-	debug         bool
-	connState     func(*SSHTun, ConnState)
-}
-
-// ConnState represents the state of the SSH tunnel. It's returned to an optional function provided to SetConnState.
-type ConnState int
-
-const (
-	// StateStopped represents a stopped tunnel. A call to Start will make the state to transition to StateStarting.
-	StateStopped ConnState = iota
-
-	// StateStarting represents a tunnel initializing and preparing to listen for connections.
-	// A successful initialization will make the state to transition to StateStarted, otherwise it will transition to StateStopped.
-	StateStarting
-
-	// StateStarted represents a tunnel ready to accept connections.
-	// A call to stop or an error will make the state to transition to StateStopped.
-	StateStarted
-)
-
-// New creates a new SSH tunnel to the specified server redirecting a port on local localhost to a port on remote localhost.
-// By default the SSH connection is made to port 22 as root and using automatic detection of the authentication
-// method (see Start for details on this).
-// Calling SetPassword will change the authentication to password based.
-// Calling SetKeyFile will change the authentication to keyfile based with an optional key file.
-// The SSH user and port can be changed with SetUser and SetPort.
-// The local and remote hosts can be changed to something different than localhost with SetLocalHost and SetRemoteHost.
-// The states of the tunnel can be received throgh a callback function with SetConnState.
-func NewSSHTunnel(localHost string, localPort int, remoteHost string, remotePort int) *SSHTun {
-	return &SSHTun{
-		Mutex: &sync.Mutex{},
-		server: Endpoint{
-			Host: "",
-			Port: 22,
-		},
-		user:         "root",
-		authType:     AuthTypeAuto,
-		authKeyFile:  "",
-		authPassword: "",
-		local: Endpoint{
-			Host: localHost,
-			Port: localPort,
-		},
-		remote: Endpoint{
-			Host: remoteHost,
-			Port: remotePort,
-		},
-		started: false,
-		timeout: time.Second * 15,
-		debug:   false,
-	}
-}
-
-func NewUnix(localUnixSocket string, server string, remoteUnixSocket string) *SSHTun {
-	return &SSHTun{
-		Mutex: &sync.Mutex{},
-		server: Endpoint{
-			Host: server,
-			Port: 22,
-		},
-		user:         "root",
-		authType:     AuthTypeAuto,
-		authKeyFile:  "",
-		authPassword: "",
-		local: Endpoint{
-			UnixSocket: localUnixSocket,
-		},
-		remote: Endpoint{
-			UnixSocket: remoteUnixSocket,
-		},
-		started: false,
-		timeout: time.Second * 15,
-		debug:   false,
-	}
-}
-
-// SetPort changes the port where the SSH connection will be made.
-func (tun *SSHTun) SetPort(port int) {
-	tun.server.Port = port
-}
-
-// SetUser changes the user used to make the SSH connection.
-func (tun *SSHTun) SetUser(user string) {
-	tun.user = user
-}
-
-// SetKeyFile changes the authentication to key-based and uses the specified file.
-// Leaving it empty defaults to the default linux private key location ($HOME/.ssh/id_rsa).
-func (tun *SSHTun) SetKeyFile(file string) {
-	tun.authType = AuthTypeKeyFile
-	tun.authKeyFile = file
-}
-
-// SetEncryptedKeyFile changes the authentication to encrypted key-based and uses the specified file and password.
-// Leaving it empty defaults to the default linux private key location ($HOME/.ssh/id_rsa).
-func (tun *SSHTun) SetEncryptedKeyFile(file string, password string) {
-	tun.authType = AuthTypeEncryptedKeyFile
-	tun.authKeyFile = file
-	tun.authPassword = password
-}
-
-// SetKeyReader changes the authentication to key-based and uses the specified reader.
-// Leaving it empty defaults to the default linux private key location ($HOME/.ssh/id_rsa).
-func (tun *SSHTun) SetKeyReader(reader io.Reader) {
-	tun.authType = AuthTypeKeyReader
-	tun.authKeyReader = reader
-}
-
-// SetEncryptedKeyReader changes the authentication to encrypted key-based and uses the specified reader and password.
-// Leaving it empty defaults to the default linux private key location ($HOME/.ssh/id_rsa).
-func (tun *SSHTun) SetEncryptedKeyReader(reader io.Reader, password string) {
-	tun.authType = AuthTypeEncryptedKeyReader
-	tun.authKeyReader = reader
-	tun.authPassword = password
-}
-
-// SetSSHAgent changes the authentication to ssh-agent.
-func (tun *SSHTun) SetSSHAgent() {
-	tun.authType = AuthTypeSSHAgent
-}
-
-// SetPassword changes the authentication to password-based and uses the specified password.
-func (tun *SSHTun) SetPassword(password string) {
-	tun.authType = AuthTypePassword
-	tun.authPassword = password
-}
-
-// SetLocalHost sets the local host to redirect (defaults to localhost)
-func (tun *SSHTun) SetLocalHost(host string) {
-	tun.local.Host = host
-}
-
-// SetRemoteHost sets the remote host to redirect (defaults to localhost)
-func (tun *SSHTun) SetRemoteHost(host string) {
-	tun.remote.Host = host
-}
-
-// SetTimeout sets the connection timeouts (defaults to 15 seconds).
-func (tun *SSHTun) SetTimeout(timeout time.Duration) {
-	tun.timeout = timeout
-}
-
-// SetDebug enables or disables log messages (disabled by default).
-func (tun *SSHTun) SetDebug(debug bool) {
-	tun.debug = debug
-}
-
-// SetConnState specifies an optional callback function that is called when a SSH tunnel changes state.
-// See the ConnState type and associated constants for details.
-func (tun *SSHTun) SetConnState(connStateFun func(*SSHTun, ConnState)) {
-	tun.connState = connStateFun
-}
-
-// Start starts the SSH tunnel. After this call, all Set* methods will have no effect until Close is called.
-// Note on SSH authentication: in case the tunnel's authType is set to AuthTypeAuto the following will happen:
-// The default key file will be used, if that doesn't succeed it will try to use the SSH agent.
-// If that fails the whole authentication fails.
-// That means if you want to use password or encrypted key file authentication, you have to specify that explicitly.
-func (tun *SSHTun) Start() error {
-	tun.Lock()
-
-	if tun.connState != nil {
-		tun.connState(tun, StateStarting)
-	}
-
-	// SSH config
-	config, err := tun.initSSHConfig()
-	if err != nil {
-		return tun.errNotStarted(err)
-	}
-
-	local := tun.local.connectionString()
-	// Local listener
-	localList, err := net.Listen(tun.local.connectionType(), local)
-	if err != nil {
-		return tun.errNotStarted(fmt.Errorf("local listen on %s failed: %s", local, err.Error()))
-	}
-
-	// Context and error channel
-	tun.ctx, tun.cancel = context.WithCancel(context.Background())
-	tun.errCh = make(chan error)
-
-	// Accept connections
-	go func() {
-		for {
-			localConn, err := localList.Accept()
-			if err != nil {
-				tun.errStarted(fmt.Errorf("local accept on %s failed: %s", local, err.Error()))
-				break
-			}
-			if tun.debug {
-				log.Printf("Accepted connection from %s", localConn.RemoteAddr().String())
-			}
-
-			// Launch the forward
-			go tun.forward(localConn, config)
-		}
-	}()
-
-	// Wait until someone cancels the context and stop accepting connections
-	go func() {
-		<-tun.ctx.Done()
-		localList.Close()
-	}()
-
-	// Now others can call Stop or fail
-	if tun.debug {
-		log.Printf("Listening on %s", local)
-	}
-	tun.started = true
-	if tun.connState != nil {
-		tun.connState(tun, StateStarted)
-	}
-	tun.Unlock()
-
-	// Wait to exit
-	errFromCh := <-tun.errCh
-	return errFromCh
-
-}
-
-func (tun *SSHTun) errNotStarted(err error) error {
-	tun.started = false
-	if tun.connState != nil {
-		tun.connState(tun, StateStopped)
-	}
-	tun.Unlock()
-	return err
-}
-
-func (tun *SSHTun) errStarted(err error) {
-	tun.Lock()
-	if tun.started {
-		tun.cancel()
-		if tun.connState != nil {
-			tun.connState(tun, StateStopped)
-		}
-		tun.started = false
-		tun.errCh <- err
-	}
-	tun.Unlock()
-}
-
-func (tun *SSHTun) initSSHConfig() (*ssh.ClientConfig, error) {
-	config := &ssh.ClientConfig{
-		User: tun.user,
-		HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
-			return nil
-		},
-		Timeout: tun.timeout,
-	}
-
-	authMethod, err := tun.getSSHAuthMethod()
-	if err != nil {
-		return nil, err
-	}
-
-	config.Auth = []ssh.AuthMethod{authMethod}
-
-	return config, nil
-}
-
-func (tun *SSHTun) getSSHAuthMethod() (ssh.AuthMethod, error) {
-	switch tun.authType {
-	case AuthTypeKeyFile:
-		return tun.getSSHAuthMethodForKeyFile(false)
-	case AuthTypeEncryptedKeyFile:
-		return tun.getSSHAuthMethodForKeyFile(true)
-	case AuthTypeKeyReader:
-		return tun.getSSHAuthMethodForKeyReader(false)
-	case AuthTypeEncryptedKeyReader:
-		return tun.getSSHAuthMethodForKeyReader(true)
-	case AuthTypePassword:
-		return ssh.Password(tun.authPassword), nil
-	case AuthTypeSSHAgent:
-		return tun.getSSHAuthMethodForSSHAgent()
-	case AuthTypeAuto:
-		method, err := tun.getSSHAuthMethodForKeyFile(false)
-		if err != nil {
-			return tun.getSSHAuthMethodForSSHAgent()
-		}
-		return method, nil
-	default:
-		return nil, fmt.Errorf("unknown auth type: %d", tun.authType)
-	}
-}
-
-func (tun *SSHTun) getSSHAuthMethodForKeyFile(encrypted bool) (ssh.AuthMethod, error) {
-	if tun.authKeyFile == "" {
-		usr, _ := user.Current()
-		if usr != nil {
-			tun.authKeyFile = usr.HomeDir + "/.ssh/id_rsa"
-		} else {
-			tun.authKeyFile = "/root/.ssh/id_rsa"
-		}
-	}
-	buf, err := ioutil.ReadFile(tun.authKeyFile)
-	if err != nil {
-		return nil, fmt.Errorf("error reading SSH key file %s: %s", tun.authKeyFile, err.Error())
-	}
-	key, err := tun.parsePrivateKey(buf, encrypted)
-	if err != nil {
-		return nil, fmt.Errorf("error reading SSH key file %s: %s", tun.authKeyFile, err.Error())
-	}
-	return key, nil
-}
-
-func (tun *SSHTun) getSSHAuthMethodForKeyReader(encrypted bool) (ssh.AuthMethod, error) {
-	buf, err := ioutil.ReadAll(tun.authKeyReader)
-	if err != nil {
-		return nil, fmt.Errorf("error reading from SSH key reader: %s", err.Error())
-	}
-	key, err := tun.parsePrivateKey(buf, encrypted)
-	if err != nil {
-		return nil, fmt.Errorf("error reading from SSH key reader: %s", err.Error())
-	}
-	return key, nil
-}
-
-func (tun *SSHTun) parsePrivateKey(buf []byte, encrypted bool) (ssh.AuthMethod, error) {
-	var key ssh.Signer
-	var err error
-	if encrypted {
-		key, err = ssh.ParsePrivateKeyWithPassphrase(buf, []byte(tun.authPassword))
-		if err != nil {
-			return nil, fmt.Errorf("error parsing encrypted key: %s", err.Error())
-		}
-	} else {
-		key, err = ssh.ParsePrivateKey(buf)
-		if err != nil {
-			return nil, fmt.Errorf("error parsing key: %s", err.Error())
-		}
-	}
-	return ssh.PublicKeys(key), nil
-}
-
-func (tun *SSHTun) getSSHAuthMethodForSSHAgent() (ssh.AuthMethod, error) {
-	conn, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK"))
-	if err != nil {
-		return nil, fmt.Errorf("error opening unix socket: %s", err)
-	}
-
-	agentClient := agent.NewClient(conn)
-
-	signers, err := agentClient.Signers()
-	if err != nil {
-		return nil, fmt.Errorf("error getting ssh-agent signers: %s", err)
-	}
-
-	if len(signers) == 0 {
-		return nil, fmt.Errorf("no signers from ssh-agent. Use 'ssh-add' to add keys to agent")
-	}
-
-	return ssh.PublicKeys(signers...), nil
-}
-
-func (tun *SSHTun) forward(localConn net.Conn, config *ssh.ClientConfig) {
-	defer localConn.Close()
-
-	local := tun.local.connectionString()
-	server := tun.server.connectionString()
-	remote := tun.remote.connectionString()
-
-	sshConn, err := ssh.Dial(tun.server.connectionType(), server, config)
-	if err != nil {
-		tun.errStarted(fmt.Errorf("SSH connection to %s failed: %s", server, err.Error()))
-		return
-	}
-	defer sshConn.Close()
-	if tun.debug {
-		log.Printf("SSH connection to %s done", server)
-	}
-
-	remoteConn, err := sshConn.Dial(tun.remote.connectionType(), remote)
-	if err != nil {
-		if tun.debug {
-			log.Printf("Remote dial to %s failed: %s", remote, err.Error())
-		}
-		return
-	}
-	defer remoteConn.Close()
-	if tun.debug {
-		log.Printf("Remote connection to %s done", remote)
-	}
-
-	connStr := fmt.Sprintf("%s -(tcp)> %s -(ssh)> %s -(tcp)> %s", localConn.RemoteAddr().String(), local, server, remote)
-	if tun.debug {
-		log.Printf("SSH tunnel OPEN: %s", connStr)
-	}
-
-	myCtx, myCancel := context.WithCancel(tun.ctx)
-
-	go func() {
-		_, err = io.Copy(remoteConn, localConn)
-		if err != nil {
-			//log.Printf("Error on io.Copy remote->local on connection %s: %s", connStr, err.Error())
-			myCancel()
-			return
-		}
-	}()
-
-	go func() {
-		_, err = io.Copy(localConn, remoteConn)
-		if err != nil {
-			//log.Printf("Error on io.Copy local->remote on connection %s: %s", connStr, err.Error())
-			myCancel()
-			return
-		}
-	}()
-
-	<-myCtx.Done()
-	myCancel()
-	if tun.debug {
-		log.Printf("SSH tunnel CLOSE: %s", connStr)
-	}
-
-}
-
-// Stop closes the SSH tunnel and its connections.
-// After this call all Set* methods will have effect and Start can be called again.
-func (tun *SSHTun) Stop() {
-	tun.errStarted(nil)
-}

build.sh

@@ -0,0 +1,34 @@
+VERSION=$(git describe --tags --abbrev=0)
+if [ $? -ne 0 ]; then VERSION=$DRONE_TAG; fi
+BUILD=$(git rev-parse --short HEAD)
+if [ $? -ne 0 ]; then BUILD=${DRONE_COMMIT:0:7}; fi
+
+PROJ=breacher
+HUB=hub.kumoly.io
+HUB_PROJECT=tools
+DIST=dist
+
+LDFLAGS="-ldflags \"-X main.Version=${VERSION} -X main.Build=${BUILD} -w\""
+FAILURES=""
+
+PLATFORMS="darwin/amd64 darwin/arm64"
+PLATFORMS="$PLATFORMS windows/amd64"
+PLATFORMS="$PLATFORMS linux/amd64"
+
+
+for PLATFORM in $PLATFORMS; do
+  GOOS=${PLATFORM%/*}
+  GOARCH=${PLATFORM#*/}
+  BIN_FILENAME="${PROJ}"
+  if [[ "${GOOS}" == "windows" ]]; then BIN_FILENAME="${BIN_FILENAME}.exe"; fi
+  CMD="GOOS=${GOOS} GOARCH=${GOARCH} go build ${LDFLAGS} -o ${DIST}/${BIN_FILENAME} $@"
+  echo "${CMD}"
+  eval $CMD || FAILURES="${FAILURES} ${PLATFORM}"
+  sh -c "cd ${DIST} && tar -czf ${PROJ}-${VERSION}-${GOOS}-${GOARCH}.tar.gz ${BIN_FILENAME} && rm ${BIN_FILENAME}"
+done
+
+if [[ "${FAILURES}" != "" ]]; then
+  echo ""
+  echo "${SCRIPT_NAME} failed on: ${FAILURES}"
+  exit 1
+fi