Repository: inconshreveable/ngrok Branch: master Commit: 61d48289f3bf Files: 66 Total size: 271.5 KB Directory structure: gitextract_7xnxnl94/ ├── .gitignore ├── .travis.yml ├── CONTRIBUTORS ├── LICENSE ├── Makefile ├── README.md ├── assets/ │ ├── client/ │ │ ├── page.html │ │ ├── static/ │ │ │ └── js/ │ │ │ ├── angular.js │ │ │ ├── base64.js │ │ │ ├── jquery.timeago.js │ │ │ ├── ngrok.js │ │ │ └── vkbeautify.js │ │ └── tls/ │ │ ├── ngrokroot.crt │ │ └── snakeoilca.crt │ └── server/ │ └── tls/ │ ├── snakeoil.crt │ └── snakeoil.key ├── contrib/ │ └── com.ngrok.client.plist ├── docs/ │ ├── CHANGELOG.md │ ├── DEVELOPMENT.md │ └── SELFHOSTING.md └── src/ └── ngrok/ ├── cache/ │ └── lru.go ├── client/ │ ├── cli.go │ ├── config.go │ ├── controller.go │ ├── debug.go │ ├── main.go │ ├── metrics.go │ ├── model.go │ ├── mvc/ │ │ ├── controller.go │ │ ├── model.go │ │ ├── state.go │ │ └── view.go │ ├── release.go │ ├── tls.go │ ├── update_debug.go │ ├── update_release.go │ └── views/ │ ├── term/ │ │ ├── area.go │ │ ├── http.go │ │ └── view.go │ └── web/ │ ├── http.go │ └── view.go ├── conn/ │ ├── conn.go │ └── tee.go ├── log/ │ └── logger.go ├── main/ │ ├── ngrok/ │ │ └── ngrok.go │ └── ngrokd/ │ └── ngrokd.go ├── msg/ │ ├── conn.go │ ├── msg.go │ └── pack.go ├── proto/ │ ├── http.go │ ├── interface.go │ └── tcp.go ├── server/ │ ├── cli.go │ ├── control.go │ ├── http.go │ ├── main.go │ ├── metrics.go │ ├── registry.go │ ├── tls.go │ └── tunnel.go ├── util/ │ ├── broadcast.go │ ├── errors.go │ ├── id.go │ ├── ring.go │ └── shutdown.go └── version/ └── version.go ================================================ FILE CONTENTS ================================================ ================================================ FILE: .gitignore ================================================ *.swp bin/ pkg/ src/code.google.com src/github.com src/bitbucket.org src/launchpad.net src/gopkg.in src/ngrok/client/assets/ src/ngrok/server/assets/ ================================================ FILE: .travis.yml ================================================ sudo: false language: go script: make release-all install: true go: - 1.4 - 1.5 - 1.6 - tip matrix: allow_failures: - go: tip ================================================ FILE: CONTRIBUTORS ================================================ Contributors to ngrok, both large and small: - Alan Shreve - Brandon Philips - Caleb Spare - Jay Hayes - Kevin Burke - Kyle Conroy - Nick Presta - Stephen Huenneke - inconshreveable - jzs ================================================ FILE: LICENSE ================================================ Copyright 2013 Alan Shreve Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ================================================ FILE: Makefile ================================================ .PHONY: default server client deps fmt clean all release-all assets client-assets server-assets contributors export GOPATH:=$(shell pwd) BUILDTAGS=debug default: all deps: assets go get -tags '$(BUILDTAGS)' -d -v ngrok/... server: deps go install -tags '$(BUILDTAGS)' ngrok/main/ngrokd fmt: go fmt ngrok/... client: deps go install -tags '$(BUILDTAGS)' ngrok/main/ngrok assets: client-assets server-assets bin/go-bindata: GOOS="" GOARCH="" go get github.com/jteeuwen/go-bindata/go-bindata client-assets: bin/go-bindata bin/go-bindata -nomemcopy -pkg=assets -tags=$(BUILDTAGS) \ -debug=$(if $(findstring debug,$(BUILDTAGS)),true,false) \ -o=src/ngrok/client/assets/assets_$(BUILDTAGS).go \ assets/client/... server-assets: bin/go-bindata bin/go-bindata -nomemcopy -pkg=assets -tags=$(BUILDTAGS) \ -debug=$(if $(findstring debug,$(BUILDTAGS)),true,false) \ -o=src/ngrok/server/assets/assets_$(BUILDTAGS).go \ assets/server/... release-client: BUILDTAGS=release release-client: client release-server: BUILDTAGS=release release-server: server release-all: fmt release-client release-server all: fmt client server clean: go clean -i -r ngrok/... rm -rf src/ngrok/client/assets/ src/ngrok/server/assets/ contributors: echo "Contributors to ngrok, both large and small:\n" > CONTRIBUTORS git log --raw | grep "^Author: " | sort | uniq | cut -d ' ' -f2- | sed 's/^/- /' | cut -d '<' -f1 >> CONTRIBUTORS ================================================ FILE: README.md ================================================ # ngrok - Unified Ingress for Developers [https://ngrok.com](https://ngrok.com) ## ngrok Community on GitHub If you are having an issue with the ngrok cloud service please open an issue on the [ngrok community on GitHub](https://github.com/ngrok/ngrok) ## This repository is archived This is the GitHub repository for the old v1 version of ngrok which was actively developed from 2013-2016. **This repository is archived: ngrok v1 is no longer developed, supported or maintained.** Thank you to everyone who contributed to ngrok v1 it in its early days with PRs, issues and feedback. If you wish to continue development on this codebase, please fork it. ngrok's cloud service continues to operate and you can sign up for it here: [https://ngrok.com/signup](https://ngrok.com/signup) ## What is ngrok? ngrok is a globally distributed reverse proxy that secures, protects and accelerates your applications and network services, no matter where you run them. You can think of ngrok as the front door to your applications. ngrok combines your reverse proxy, firewall, API gateway, and global load balancing into one. ngrok can capture and analyze all traffic to your web service for later inspection and replay. To use ngrok, sign up at [https://ngrok.com/signup](https://ngrok.com/signup) ## ngrok open-source development ngrok continues to contribute to the open source ecosystem at [https://github.com/ngrok](https://github.com/ngrok) with: - [The ngrok kubernetes operator](https://github.com/ngrok/kubernetes-ingress-controller) - [The ngrok agent SDKs](https://ngrok.com/docs/agent-sdks/) for [Python](https://github.com/ngrok/ngrok-python), [JavaScript](https://github.com/ngrok/ngrok-javascript), [Go](https://github.com/ngrok/ngrok-go), [Rust](https://github.com/ngrok/ngrok-rust) and [Java](https://github.com/ngrok/ngrok-java) ## What is ngrok for? [What can you do with ngrok?](https://ngrok.com/docs/what-is-ngrok/#what-can-you-do-with-ngrok) - Site-to-site Connectivity: Connect securely to APIs and databases in your customers' networks without complex network configuration. - Developer Previews: Demoing an app from your local machine without deploying it - Webhook Testing: Developing any services which consume webhooks (HTTP callbacks) by allowing you to replay those requests - API Gateway: An global gateway-as-a-service that works for API running anywhere with simple CEL-based traffic policy for rate limiting, jwt authentication and more. - Device Gateway: Run ngrok on your IoT devices to control device APIs from your cloud - Debug and understand any web service by inspecting the HTTP traffic to it ================================================ FILE: assets/client/page.html ================================================ ngrok
ngrok

No requests to display yet

To get started, make a request to one of your tunnel URLs:

All Requests

{{ txn.Req.MethodPath }}
 {{ txn.Resp.Status }} {{ txn.Duration }}
{{TimeFormat(Txn.Start)}}
Duration {{Txn.Duration}}
IP {{Txn.ConnCtx.ClientAddr.split(":")[0]}}

{{ Req.MethodPath }}

{{ Req.RawText }}
{{ Req.RawBytes }}

{{ Resp.Status }}

{{ Resp.RawText }}
{{ Resp.RawBytes }}
================================================ FILE: assets/client/static/js/angular.js ================================================ /* AngularJS v1.1.5 (c) 2010-2012 Google, Inc. http://angularjs.org License: MIT */ (function(M,T,p){'use strict';function lc(){var b=M.angular;M.angular=mc;return b}function Xa(b){return!b||typeof b.length!=="number"?!1:typeof b.hasOwnProperty!="function"&&typeof b.constructor!="function"?!0:b instanceof R||ga&&b instanceof ga||Ea.call(b)!=="[object Object]"||typeof b.callee==="function"}function n(b,a,c){var d;if(b)if(H(b))for(d in b)d!="prototype"&&d!="length"&&d!="name"&&b.hasOwnProperty(d)&&a.call(c,b[d],d);else if(b.forEach&&b.forEach!==n)b.forEach(a,c);else if(Xa(b))for(d= 0;d=0&&b.splice(c,1);return a}function V(b,a){if(sa(b)||b&&b.$evalAsync&&b.$watch)throw Error("Can't copy Window or Scope");if(a){if(b===a)throw Error("Can't copy equivalent objects or arrays");if(F(b))for(var c=a.length=0;c2?ka.call(arguments,2):[];return H(a)&&!(a instanceof RegExp)?c.length?function(){return arguments.length?a.apply(b,c.concat(ka.call(arguments,0))):a.apply(b,c)}:function(){return arguments.length?a.apply(b,arguments):a.call(b)}:a}function qc(b,a){var c=a;/^\$+/.test(b)?c=p:sa(a)?c="$WINDOW":a&&T===a?c="$DOCUMENT":a&&a.$evalAsync&& a.$watch&&(c="$SCOPE");return c}function ha(b,a){return JSON.stringify(b,qc,a?" ":null)}function ub(b){return E(b)?JSON.parse(b):b}function ua(b){b&&b.length!==0?(b=I(""+b),b=!(b=="f"||b=="0"||b=="false"||b=="no"||b=="n"||b=="[]")):b=!1;return b}function va(b){b=w(b).clone();try{b.html("")}catch(a){}var c=w("
").append(b).html();try{return b[0].nodeType===3?I(c):c.match(/^(<[^>]+>)/)[1].replace(/^<([\w\-]+)/,function(a,b){return"<"+I(b)})}catch(d){return I(c)}}function vb(b){var a={},c,d;n((b|| "").split("&"),function(b){b&&(c=b.split("="),d=decodeURIComponent(c[0]),a[d]=B(c[1])?decodeURIComponent(c[1]):!0)});return a}function wb(b){var a=[];n(b,function(b,d){a.push(wa(d,!0)+(b===!0?"":"="+wa(b,!0)))});return a.length?a.join("&"):""}function ab(b){return wa(b,!0).replace(/%26/gi,"&").replace(/%3D/gi,"=").replace(/%2B/gi,"+")}function wa(b,a){return encodeURIComponent(b).replace(/%40/gi,"@").replace(/%3A/gi,":").replace(/%24/g,"$").replace(/%2C/gi,",").replace(/%20/g,a?"%20":"+")}function rc(b, a){function c(a){a&&d.push(a)}var d=[b],e,g,i=["ng:app","ng-app","x-ng-app","data-ng-app"],f=/\sng[:\-]app(:\s*([\w\d_]+);?)?\s/;n(i,function(a){i[a]=!0;c(T.getElementById(a));a=a.replace(":","\\:");b.querySelectorAll&&(n(b.querySelectorAll("."+a),c),n(b.querySelectorAll("."+a+"\\:"),c),n(b.querySelectorAll("["+a+"]"),c))});n(d,function(a){if(!e){var b=f.exec(" "+a.className+" ");b?(e=a,g=(b[2]||"").replace(/\s+/g,",")):n(a.attributes,function(b){if(!e&&i[b.name])e=a,g=b.value})}});e&&a(e,g?[g]:[])} function xb(b,a){var c=function(){b=w(b);a=a||[];a.unshift(["$provide",function(a){a.value("$rootElement",b)}]);a.unshift("ng");var c=yb(a);c.invoke(["$rootScope","$rootElement","$compile","$injector","$animator",function(a,b,c,d,e){a.$apply(function(){b.data("$injector",d);c(b)(a)});e.enabled(!0)}]);return c},d=/^NG_DEFER_BOOTSTRAP!/;if(M&&!d.test(M.name))return c();M.name=M.name.replace(d,"");Ha.resumeBootstrap=function(b){n(b,function(b){a.push(b)});c()}}function bb(b,a){a=a||"_";return b.replace(sc, function(b,d){return(d?a:"")+b.toLowerCase()})}function cb(b,a,c){if(!b)throw Error("Argument '"+(a||"?")+"' is "+(c||"required"));return b}function xa(b,a,c){c&&F(b)&&(b=b[b.length-1]);cb(H(b),a,"not a function, got "+(b&&typeof b=="object"?b.constructor.name||"Object":typeof b));return b}function tc(b){function a(a,b,e){return a[b]||(a[b]=e())}return a(a(b,"angular",Object),"module",function(){var b={};return function(d,e,g){e&&b.hasOwnProperty(d)&&(b[d]=null);return a(b,d,function(){function a(c, d,e){return function(){b[e||"push"]([c,d,arguments]);return m}}if(!e)throw Error("No module: "+d);var b=[],c=[],j=a("$injector","invoke"),m={_invokeQueue:b,_runBlocks:c,requires:e,name:d,provider:a("$provide","provider"),factory:a("$provide","factory"),service:a("$provide","service"),value:a("$provide","value"),constant:a("$provide","constant","unshift"),animation:a("$animationProvider","register"),filter:a("$filterProvider","register"),controller:a("$controllerProvider","register"),directive:a("$compileProvider", "directive"),config:j,run:function(a){c.push(a);return this}};g&&j(g);return m})}})}function Ia(b){return b.replace(uc,function(a,b,d,e){return e?d.toUpperCase():d}).replace(vc,"Moz$1")}function db(b,a){function c(){var e;for(var b=[this],c=a,i,f,h,j,m,k;b.length;){i=b.shift();f=0;for(h=i.length;f 
"+b;a.removeChild(a.firstChild);eb(this,a.childNodes);this.remove()}else eb(this,b)}function fb(b){return b.cloneNode(!0)}function ya(b){zb(b);for(var a=0,b=b.childNodes||[];a-1}function Cb(b,a){a&&n(a.split(" "),function(a){b.className=U((" "+b.className+" ").replace(/[\n\t]/g," ").replace(" "+U(a)+" "," "))})}function Db(b,a){a&&n(a.split(" "),function(a){if(!La(b,a))b.className=U(b.className+" "+U(a))})}function eb(b,a){if(a)for(var a=!a.nodeName&&B(a.length)&&!sa(a)?a:[a],c=0;c 4096 bytes)!")}else{if(h.cookie!==D){D=h.cookie;d=D.split("; ");G={};for(f=0;f0&&(a=unescape(e.substring(0,j)),G[a]===p&&(G[a]=unescape(e.substring(j+1))))}return G}};f.defer=function(a,b){var c;o++;c=k(function(){delete u[c];e(a)},b||0);u[c]=!0;return c};f.defer.cancel=function(a){return u[a]?(delete u[a],l(a),e(q),!0):!1}}function Ec(){this.$get= ["$window","$log","$sniffer","$document",function(b,a,c,d){return new Dc(b,d,a,c)}]}function Fc(){this.$get=function(){function b(b,d){function e(a){if(a!=k){if(l){if(l==a)l=a.n}else l=a;g(a.n,a.p);g(a,k);k=a;k.n=null}}function g(a,b){if(a!=b){if(a)a.p=b;if(b)b.n=a}}if(b in a)throw Error("cacheId "+b+" taken");var i=0,f=t({},d,{id:b}),h={},j=d&&d.capacity||Number.MAX_VALUE,m={},k=null,l=null;return a[b]={put:function(a,b){var c=m[a]||(m[a]={key:a});e(c);if(!C(b))return a in h||i++,h[a]=b,i>j&&this.remove(l.key), b},get:function(a){var b=m[a];if(b)return e(b),h[a]},remove:function(a){var b=m[a];if(b){if(b==k)k=b.p;if(b==l)l=b.n;g(b.n,b.p);delete m[a];delete h[a];i--}},removeAll:function(){h={};i=0;m={};k=l=null},destroy:function(){m=f=h=null;delete a[b]},info:function(){return t({},f,{size:i})}}}var a={};b.info=function(){var b={};n(a,function(a,e){b[e]=a.info()});return b};b.get=function(b){return a[b]};return b}}function Gc(){this.$get=["$cacheFactory",function(b){return b("templates")}]}function Jb(b){var a= {},c="Directive",d=/^\s*directive\:\s*([\d\w\-_]+)\s+(.*)$/,e=/(([\d\w\-_]+)(?:\:([^;]+))?;?)/,g="Template must have exactly one root element. was: ",i=/^\s*(https?|ftp|mailto|file):/;this.directive=function h(d,e){E(d)?(cb(e,"directive"),a.hasOwnProperty(d)||(a[d]=[],b.factory(d+c,["$injector","$exceptionHandler",function(b,c){var e=[];n(a[d],function(a){try{var g=b.invoke(a);if(H(g))g={compile:S(g)};else if(!g.compile&&g.link)g.compile=S(g.link);g.priority=g.priority||0;g.name=g.name||d;g.require= g.require||g.controller&&g.name;g.restrict=g.restrict||"A";e.push(g)}catch(h){c(h)}});return e}])),a[d].push(e)):n(d,rb(h));return this};this.urlSanitizationWhitelist=function(a){return B(a)?(i=a,this):i};this.$get=["$injector","$interpolate","$exceptionHandler","$http","$templateCache","$parse","$controller","$rootScope","$document",function(b,j,m,k,l,u,o,z,r){function y(a,b,c){a instanceof w||(a=w(a));n(a,function(b,c){b.nodeType==3&&b.nodeValue.match(/\S+/)&&(a[c]=w(b).wrap("").parent()[0])}); var d=W(a,b,a,c);return function(b,c){cb(b,"scope");for(var e=c?Ba.clone.call(a):a,j=0,g=e.length;js.priority)break;if(t=s.scope)O("isolated scope",K,s,J),L(t)&&(x(J,"ng-isolate-scope"),K=s),x(J,"ng-scope"),r=r||s;A=s.name;if(t=s.controller)q=q||{},O("'"+A+"' controller",q[A],s,J),q[A]=s;if(t=s.transclude)O("transclusion",G,s,J),G=s,l=s.priority,t=="element"?(Y=w(b),J=c.$$element=w(T.createComment(" "+A+": "+c[A]+" ")),b=J[0],ja(e,w(Y[0]),b),P=y(Y,d,l)):(Y=w(fb(b)).contents(), J.html(""),P=y(Y,d));if(s.template)if(O("template",W,s,J),W=s,t=H(s.template)?s.template(J,c):s.template,t=Lb(t),s.replace){Y=w("
"+U(t)+"
").contents();b=Y[0];if(Y.length!=1||b.nodeType!==1)throw Error(g+t);ja(e,J,b);A={$attr:{}};a=a.concat(v(b,a.splice(B+1,a.length-(B+1)),A));D(c,A);C=a.length}else J.html(t);if(s.templateUrl)O("template",W,s,J),W=s,k=$(a.splice(B,a.length-B),k,J,c,e,s.replace,P),C=a.length;else if(s.compile)try{na=s.compile(J,c,P),H(na)?h(null,na):na&&h(na.pre,na.post)}catch(I){m(I, va(J))}if(s.terminal)k.terminal=!0,l=Math.max(l,s.priority)}k.scope=r&&r.scope;k.transclude=G&&P;return k}function G(d,e,j,g){var l=!1;if(a.hasOwnProperty(e))for(var k,e=b.get(e+c),i=0,o=e.length;ik.priority)&&k.restrict.indexOf(j)!=-1)d.push(k),l=!0}catch(u){m(u)}return l}function D(a,b){var c=b.$attr,d=a.$attr,e=a.$$element;n(a,function(d,e){e.charAt(0)!="$"&&(b[e]&&(d+=(e==="style"?";":" ")+b[e]),a.$set(e,d,!0,c[e]))});n(b,function(b,j){j=="class"?(x(e,b),a["class"]= (a["class"]?a["class"]+" ":"")+b):j=="style"?e.attr("style",e.attr("style")+";"+b):j.charAt(0)!="$"&&!a.hasOwnProperty(j)&&(a[j]=b,d[j]=c[j])})}function $(a,b,c,d,e,j,h){var i=[],o,m,u=c[0],z=a.shift(),r=t({},z,{controller:null,templateUrl:null,transclude:null,scope:null}),z=H(z.templateUrl)?z.templateUrl(c,d):z.templateUrl;c.html("");k.get(z,{cache:l}).success(function(l){var k,z,l=Lb(l);if(j){z=w("
"+U(l)+"
").contents();k=z[0];if(z.length!=1||k.nodeType!==1)throw Error(g+l);l={$attr:{}}; ja(e,c,k);v(k,a,l);D(d,l)}else k=u,c.html(l);a.unshift(r);o=A(a,k,d,h);for(m=W(c[0].childNodes,h);i.length;){var ea=i.shift(),l=i.shift();z=i.shift();var x=i.shift(),y=k;l!==u&&(y=fb(k),ja(z,w(l),y));o(function(){b(m,ea,y,e,x)},ea,y,e,x)}i=null}).error(function(a,b,c,d){throw Error("Failed to load template: "+d.url);});return function(a,c,d,e,j){i?(i.push(c),i.push(d),i.push(e),i.push(j)):o(function(){b(m,c,d,e,j)},c,d,e,j)}}function K(a,b){return b.priority-a.priority}function O(a,b,c,d){if(b)throw Error("Multiple directives ["+ b.name+", "+c.name+"] asking for "+a+" on: "+va(d));}function P(a,b){var c=j(b,!0);c&&a.push({priority:0,compile:S(function(a,b){var d=b.parent(),e=d.data("$binding")||[];e.push(c);x(d.data("$binding",e),"ng-binding");a.$watch(c,function(a){b[0].nodeValue=a})})})}function s(a,b,c,d){var e=j(c,!0);e&&b.push({priority:100,compile:S(function(a,b,c){b=c.$$observers||(c.$$observers={});if(e=j(c[d],!0))c[d]=e(a),(b[d]||(b[d]=[])).$$inter=!0,(c.$$observers&&c.$$observers[d].$$scope||a).$watch(e,function(a){c.$set(d, a)})})})}function ja(a,b,c){var d=b[0],e=d.parentNode,j,g;if(a){j=0;for(g=a.length;j0){var e=O[0],f=e.text;if(f==a||f==b||f==c||f==d||!a&&!b&&!c&&!d)return e}return!1}function f(b, c,d,f){return(b=i(b,c,d,f))?(a&&!b.json&&e("is not valid json",b),O.shift(),b):!1}function h(a){f(a)||e("is unexpected, expecting ["+a+"]",i())}function j(a,b){return t(function(c,d){return a(c,d,b)},{constant:b.constant})}function m(a,b,c){return t(function(d,e){return a(d,e)?b(d,e):c(d,e)},{constant:a.constant&&b.constant&&c.constant})}function k(a,b,c){return t(function(d,e){return b(d,e,a,c)},{constant:a.constant&&c.constant})}function l(){for(var a=[];;)if(O.length>0&&!i("}",")",";","]")&&a.push(w()), !f(";"))return a.length==1?a[0]:function(b,c){for(var d,e=0;e","<=",">="))a=k(a,b.fn,x());return a}function n(){for(var a=v(),b;b=f("*","/","%");)a=k(a,b.fn,v());return a}function v(){var a;return f("+")?A():(a=f("-"))?k($,a.fn,v()):(a=f("!"))?j(a.fn,v()):A()}function A(){var a;if(f("("))a=w(),h(")");else if(f("["))a=G();else if(f("{"))a=D();else{var b=f();(a= b.fn)||e("not a primary expression",b);if(b.json)a.constant=a.literal=!0}for(var c;b=f("(","[",".");)b.text==="("?(a=s(a,c),c=null):b.text==="["?(c=a,a=ma(a)):b.text==="."?(c=a,a=ja(a)):e("IMPOSSIBLE");return a}function G(){var a=[],b=!0;if(g().text!="]"){do{var c=P();a.push(c);c.constant||(b=!1)}while(f(","))}h("]");return t(function(b,c){for(var d=[],e=0;e1;d++){var e=a.shift(),g=b[e];g||(g={},b[e]=g);b=g}return b[a.shift()]=c}function ib(b,a,c){if(!a)return b;for(var a=a.split("."),d,e=b,g=a.length,i=0;ia)for(b in g++,e)e.hasOwnProperty(b)&&!f.hasOwnProperty(b)&&(x--,delete e[b])}else e!==f&&(e=f,g++);return g}, function(){b(f,e,c)})},$digest:function(){var a,d,e,i,u=this.$$asyncQueue,o,z,r=b,n,x=[],p,v;g("$digest");do{z=!1;for(n=this;u.length;)try{n.$eval(u.shift())}catch(A){c(A)}do{if(i=n.$$watchers)for(o=i.length;o--;)try{if(a=i[o],(d=a.get(n))!==(e=a.last)&&!(a.eq?ia(d,e):typeof d=="number"&&typeof e=="number"&&isNaN(d)&&isNaN(e)))z=!0,a.last=a.eq?V(d):d,a.fn(d,e===f?d:e,n),r<5&&(p=4-r,x[p]||(x[p]=[]),v=H(a.exp)?"fn: "+(a.exp.name||a.exp.toString()):a.exp,v+="; newVal: "+ha(d)+"; oldVal: "+ha(e),x[p].push(v))}catch(G){c(G)}if(!(i= n.$$childHead||n!==this&&n.$$nextSibling))for(;n!==this&&!(i=n.$$nextSibling);)n=n.$parent}while(n=i);if(z&&!r--)throw h.$$phase=null,Error(b+" $digest() iterations reached. Aborting!\nWatchers fired in the last 5 iterations: "+ha(x));}while(z||u.length);h.$$phase=null},$destroy:function(){if(!(h==this||this.$$destroyed)){var a=this.$parent;this.$broadcast("$destroy");this.$$destroyed=!0;if(a.$$childHead==this)a.$$childHead=this.$$nextSibling;if(a.$$childTail==this)a.$$childTail=this.$$prevSibling; if(this.$$prevSibling)this.$$prevSibling.$$nextSibling=this.$$nextSibling;if(this.$$nextSibling)this.$$nextSibling.$$prevSibling=this.$$prevSibling;this.$parent=this.$$nextSibling=this.$$prevSibling=this.$$childHead=this.$$childTail=null}},$eval:function(a,b){return d(a)(this,b)},$evalAsync:function(a){this.$$asyncQueue.push(a)},$apply:function(a){try{return g("$apply"),this.$eval(a)}catch(b){c(b)}finally{h.$$phase=null;try{h.$digest()}catch(d){throw c(d),d;}}},$on:function(a,b){var c=this.$$listeners[a]; c||(this.$$listeners[a]=c=[]);c.push(b);return function(){c[Ga(c,b)]=null}},$emit:function(a,b){var d=[],e,f=this,g=!1,i={name:a,targetScope:f,stopPropagation:function(){g=!0},preventDefault:function(){i.defaultPrevented=!0},defaultPrevented:!1},h=[i].concat(ka.call(arguments,1)),n,x;do{e=f.$$listeners[a]||d;i.currentScope=f;n=0;for(x=e.length;n7),hasEvent:function(a){if(a=="input"&&Z==9)return!1;if(C(c[a])){var b= e.createElement("div");c[a]="on"+a in b}return c[a]},csp:e.securityPolicy?e.securityPolicy.isActive:!1,vendorPrefix:g,transitions:h,animations:j}}]}function Zc(){this.$get=S(M)}function Wb(b){var a={},c,d,e;if(!b)return a;n(b.split("\n"),function(b){e=b.indexOf(":");c=I(U(b.substr(0,e)));d=U(b.substr(e+1));c&&(a[c]?a[c]+=", "+d:a[c]=d)});return a}function $c(b,a){var c=ad.exec(b);if(c==null)return!0;var d={protocol:c[2],host:c[4],port:N(c[6])||Oa[c[2]]||null,relativeProtocol:c[2]===p||c[2]===""}, c=jb.exec(a),c={protocol:c[1],host:c[3],port:N(c[5])||Oa[c[1]]||null};return(d.protocol==c.protocol||d.relativeProtocol)&&d.host==c.host&&(d.port==c.port||d.relativeProtocol&&c.port==Oa[c.protocol])}function Xb(b){var a=L(b)?b:p;return function(c){a||(a=Wb(b));return c?a[I(c)]||null:a}}function Yb(b,a,c){if(H(c))return c(b,a);n(c,function(c){b=c(b,a)});return b}function bd(){var b=/^\s*(\[|\{[^\{])/,a=/[\}\]]\s*$/,c=/^\)\]\}',?\n/,d={"Content-Type":"application/json;charset=utf-8"},e=this.defaults= {transformResponse:[function(d){E(d)&&(d=d.replace(c,""),b.test(d)&&a.test(d)&&(d=ub(d,!0)));return d}],transformRequest:[function(a){return L(a)&&Ea.apply(a)!=="[object File]"?ha(a):a}],headers:{common:{Accept:"application/json, text/plain, */*"},post:d,put:d,patch:d},xsrfCookieName:"XSRF-TOKEN",xsrfHeaderName:"X-XSRF-TOKEN"},g=this.interceptors=[],i=this.responseInterceptors=[];this.$get=["$httpBackend","$browser","$cacheFactory","$rootScope","$q","$injector",function(a,b,c,d,k,l){function u(a){function c(a){var b= t({},a,{data:Yb(a.data,a.headers,d.transformResponse)});return 200<=a.status&&a.status<300?b:k.reject(b)}var d={transformRequest:e.transformRequest,transformResponse:e.transformResponse},f={};t(d,a);d.headers=f;d.method=oa(d.method);t(f,e.headers.common,e.headers[I(d.method)],a.headers);(a=$c(d.url,b.url())?b.cookies()[d.xsrfCookieName||e.xsrfCookieName]:p)&&(f[d.xsrfHeaderName||e.xsrfHeaderName]=a);var g=[function(a){var b=Yb(a.data,Xb(f),a.transformRequest);C(a.data)&&delete f["Content-Type"];if(C(a.withCredentials)&& !C(e.withCredentials))a.withCredentials=e.withCredentials;return o(a,b,f).then(c,c)},p],j=k.when(d);for(n(y,function(a){(a.request||a.requestError)&&g.unshift(a.request,a.requestError);(a.response||a.responseError)&&g.push(a.response,a.responseError)});g.length;)var a=g.shift(),i=g.shift(),j=j.then(a,i);j.success=function(a){j.then(function(b){a(b.data,b.status,b.headers,d)});return j};j.error=function(a){j.then(null,function(b){a(b.data,b.status,b.headers,d)});return j};return j}function o(b,c,g){function j(a, b,c){n&&(200<=a&&a<300?n.put(s,[a,b,Wb(c)]):n.remove(s));i(b,a,c);d.$$phase||d.$apply()}function i(a,c,d){c=Math.max(c,0);(200<=c&&c<300?l.resolve:l.reject)({data:a,status:c,headers:Xb(d),config:b})}function h(){var a=Ga(u.pendingRequests,b);a!==-1&&u.pendingRequests.splice(a,1)}var l=k.defer(),o=l.promise,n,p,s=z(b.url,b.params);u.pendingRequests.push(b);o.then(h,h);if((b.cache||e.cache)&&b.cache!==!1&&b.method=="GET")n=L(b.cache)?b.cache:L(e.cache)?e.cache:r;if(n)if(p=n.get(s))if(p.then)return p.then(h, h),p;else F(p)?i(p[1],p[0],V(p[2])):i(p,200,{});else n.put(s,o);p||a(b.method,s,c,j,g,b.timeout,b.withCredentials,b.responseType);return o}function z(a,b){if(!b)return a;var c=[];nc(b,function(a,b){a==null||a==p||(F(a)||(a=[a]),n(a,function(a){L(a)&&(a=ha(a));c.push(wa(b)+"="+wa(a))}))});return a+(a.indexOf("?")==-1?"?":"&")+c.join("&")}var r=c("$http"),y=[];n(g,function(a){y.unshift(E(a)?l.get(a):l.invoke(a))});n(i,function(a,b){var c=E(a)?l.get(a):l.invoke(a);y.splice(b,0,{response:function(a){return c(k.when(a))}, responseError:function(a){return c(k.reject(a))}})});u.pendingRequests=[];(function(a){n(arguments,function(a){u[a]=function(b,c){return u(t(c||{},{method:a,url:b}))}})})("get","delete","head","jsonp");(function(a){n(arguments,function(a){u[a]=function(b,c,d){return u(t(d||{},{method:a,url:b,data:c}))}})})("post","put");u.defaults=e;return u}]}function cd(){this.$get=["$browser","$window","$document",function(b,a,c){return dd(b,ed,b.defer,a.angular.callbacks,c[0],a.location.protocol.replace(":",""))}]} function dd(b,a,c,d,e,g){function i(a,b){var c=e.createElement("script"),d=function(){e.body.removeChild(c);b&&b()};c.type="text/javascript";c.src=a;Z?c.onreadystatechange=function(){/loaded|complete/.test(c.readyState)&&d()}:c.onload=c.onerror=d;e.body.appendChild(c);return d}return function(e,h,j,m,k,l,u,o){function z(){p=-1;t&&t();v&&v.abort()}function r(a,d,e,f){var j=(h.match(jb)||["",g])[1];A&&c.cancel(A);t=v=null;d=j=="file"?e?200:404:d;a(d==1223?204:d,e,f);b.$$completeOutstandingRequest(q)} var p;b.$$incOutstandingRequestCount();h=h||b.url();if(I(e)=="jsonp"){var x="_"+(d.counter++).toString(36);d[x]=function(a){d[x].data=a};var t=i(h.replace("JSON_CALLBACK","angular.callbacks."+x),function(){d[x].data?r(m,200,d[x].data):r(m,p||-2);delete d[x]})}else{var v=new a;v.open(e,h,!0);n(k,function(a,b){a&&v.setRequestHeader(b,a)});v.onreadystatechange=function(){if(v.readyState==4){var a=v.getAllResponseHeaders(),b=["Cache-Control","Content-Language","Content-Type","Expires","Last-Modified", "Pragma"];a||(a="",n(b,function(b){var c=v.getResponseHeader(b);c&&(a+=b+": "+c+"\n")}));r(m,p||v.status,v.responseType?v.response:v.responseText,a)}};if(u)v.withCredentials=!0;if(o)v.responseType=o;v.send(j||"")}if(l>0)var A=c(z,l);else l&&l.then&&l.then(z)}}function fd(){this.$get=function(){return{id:"en-us",NUMBER_FORMATS:{DECIMAL_SEP:".",GROUP_SEP:",",PATTERNS:[{minInt:1,minFrac:0,maxFrac:3,posPre:"",posSuf:"",negPre:"-",negSuf:"",gSize:3,lgSize:3},{minInt:1,minFrac:2,maxFrac:2,posPre:"\u00a4", posSuf:"",negPre:"(\u00a4",negSuf:")",gSize:3,lgSize:3}],CURRENCY_SYM:"$"},DATETIME_FORMATS:{MONTH:"January,February,March,April,May,June,July,August,September,October,November,December".split(","),SHORTMONTH:"Jan,Feb,Mar,Apr,May,Jun,Jul,Aug,Sep,Oct,Nov,Dec".split(","),DAY:"Sunday,Monday,Tuesday,Wednesday,Thursday,Friday,Saturday".split(","),SHORTDAY:"Sun,Mon,Tue,Wed,Thu,Fri,Sat".split(","),AMPMS:["AM","PM"],medium:"MMM d, y h:mm:ss a","short":"M/d/yy h:mm a",fullDate:"EEEE, MMMM d, y",longDate:"MMMM d, y", mediumDate:"MMM d, y",shortDate:"M/d/yy",mediumTime:"h:mm:ss a",shortTime:"h:mm a"},pluralCat:function(b){return b===1?"one":"other"}}}}function gd(){this.$get=["$rootScope","$browser","$q","$exceptionHandler",function(b,a,c,d){function e(e,f,h){var j=c.defer(),m=j.promise,k=B(h)&&!h,f=a.defer(function(){try{j.resolve(e())}catch(a){j.reject(a),d(a)}k||b.$apply()},f),h=function(){delete g[m.$$timeoutId]};m.$$timeoutId=f;g[f]=j;m.then(h,h);return m}var g={};e.cancel=function(b){return b&&b.$$timeoutId in g?(g[b.$$timeoutId].reject("canceled"),a.defer.cancel(b.$$timeoutId)):!1};return e}]}function Zb(b){function a(a,e){return b.factory(a+c,e)}var c="Filter";this.register=a;this.$get=["$injector",function(a){return function(b){return a.get(b+c)}}];a("currency",$b);a("date",ac);a("filter",hd);a("json",id);a("limitTo",jd);a("lowercase",kd);a("number",bc);a("orderBy",cc);a("uppercase",ld)}function hd(){return function(b,a,c){if(!F(b))return b;var d=[];d.check=function(a){for(var b=0;b-1}}var e=function(a,b){if(typeof b=="string"&&b.charAt(0)==="!")return!e(a,b.substr(1));switch(typeof a){case "boolean":case "number":case "string":return c(a,b);case "object":switch(typeof b){case "object":return c(a,b);default:for(var d in a)if(d.charAt(0)!=="$"&&e(a[d],b))return!0}return!1;case "array":for(d= 0;de+1?i="0":(f=i,j=!0)}if(!j){i=(i.split(ec)[1]||"").length;C(e)&&(e=Math.min(Math.max(a.minFrac,i), a.maxFrac));var i=Math.pow(10,e),b=Math.round(b*i)/i,b=(""+b).split(ec),i=b[0],b=b[1]||"",j=0,m=a.lgSize,k=a.gSize;if(i.length>=m+k)for(var j=i.length-m,l=0;l0||e>-c)e+=c;e===0&&c==-12&&(e=12);return nb(e,a,d)}}function Qa(b,a){return function(c,d){var e=c["get"+b](),g=oa(a?"SHORT"+b:b);return d[g][e]}}function ac(b){function a(a){var b;if(b=a.match(c)){var a=new Date(0),g=0,i=0,f=b[8]?a.setUTCFullYear:a.setFullYear,h=b[8]?a.setUTCHours:a.setHours;b[9]&&(g=N(b[9]+b[10]),i=N(b[9]+b[11]));f.call(a,N(b[1]),N(b[2])-1,N(b[3]));g=N(b[4]||0)-g;i=N(b[5]||0)-i;f= N(b[6]||0);b=Math.round(parseFloat("0."+(b[7]||0))*1E3);h.call(a,g,i,f,b)}return a}var c=/^(\d{4})-?(\d\d)-?(\d\d)(?:T(\d\d)(?::?(\d\d)(?::?(\d\d)(?:\.(\d+))?)?)?(Z|([+-])(\d\d):?(\d\d))?)?$/;return function(c,e){var g="",i=[],f,h,e=e||"mediumDate",e=b.DATETIME_FORMATS[e]||e;E(c)&&(c=md.test(c)?N(c):a(c));Ya(c)&&(c=new Date(c));if(!ra(c))return c;for(;e;)(h=nd.exec(e))?(i=i.concat(ka.call(h,1)),e=i.pop()):(i.push(e),e=null);n(i,function(a){f=od[a];g+=f?f(c,b.DATETIME_FORMATS):a.replace(/(^'|'$)/g, "").replace(/''/g,"'")});return g}}function id(){return function(b){return ha(b,!0)}}function jd(){return function(b,a){if(!F(b)&&!E(b))return b;a=N(a);if(E(b))return a?a>=0?b.slice(0,a):b.slice(a,b.length):"";var c=[],d,e;a>b.length?a=b.length:a<-b.length&&(a=-b.length);a>0?(d=0,e=a):(d=b.length+a,e=b.length);for(;dl?(d.$setValidity("maxlength",!1),p):(d.$setValidity("maxlength",!0),a)};d.$parsers.push(e);d.$formatters.push(e)}}function ob(b,a){b="ngClass"+b;return aa(function(c,d,e){function g(b){if(a===!0||c.$index%2===a)h&&!ia(b,h)&&i(h),f(b);h=V(b)}function i(a){L(a)&&!F(a)&&(a=Za(a,function(a,b){if(a)return b}));d.removeClass(F(a)?a.join(" "):a)}function f(a){L(a)&&!F(a)&&(a=Za(a, function(a,b){if(a)return b}));a&&d.addClass(F(a)?a.join(" "):a)}var h=p;c.$watch(e[b],g,!0);e.$observe("class",function(){var a=c.$eval(e[b]);g(a,a)});b!=="ngClass"&&c.$watch("$index",function(d,g){var h=d&1;h!==g&1&&(h===a?f(c.$eval(e[b])):i(c.$eval(e[b])))})})}var I=function(b){return E(b)?b.toLowerCase():b},oa=function(b){return E(b)?b.toUpperCase():b},Z=N((/msie (\d+)/.exec(I(navigator.userAgent))||[])[1]),w,ga,ka=[].slice,Wa=[].push,Ea=Object.prototype.toString,mc=M.angular,Ha=M.angular||(M.angular= {}),Aa,hb,ba=["0","0","0"];q.$inject=[];qa.$inject=[];hb=Z<9?function(b){b=b.nodeName?b:b[0];return b.scopeName&&b.scopeName!="HTML"?oa(b.scopeName+":"+b.nodeName):b.nodeName}:function(b){return b.nodeName?b.nodeName:b[0].nodeName};var sc=/[A-Z]/g,pd={full:"1.1.5",major:1,minor:1,dot:5,codeName:"triangle-squarification"},Ka=R.cache={},Ja=R.expando="ng-"+(new Date).getTime(),wc=1,gc=M.document.addEventListener?function(b,a,c){b.addEventListener(a,c,!1)}:function(b,a,c){b.attachEvent("on"+a,c)},gb= M.document.removeEventListener?function(b,a,c){b.removeEventListener(a,c,!1)}:function(b,a,c){b.detachEvent("on"+a,c)},uc=/([\:\-\_]+(.))/g,vc=/^moz([A-Z])/,Ba=R.prototype={ready:function(b){function a(){c||(c=!0,b())}var c=!1;T.readyState==="complete"?setTimeout(a):(this.bind("DOMContentLoaded",a),R(M).bind("load",a))},toString:function(){var b=[];n(this,function(a){b.push(""+a)});return"["+b.join(", ")+"]"},eq:function(b){return b>=0?w(this[b]):w(this[this.length+b])},length:0,push:Wa,sort:[].sort, splice:[].splice},Na={};n("multiple,selected,checked,disabled,readOnly,required,open".split(","),function(b){Na[I(b)]=b});var Gb={};n("input,select,option,textarea,button,form,details".split(","),function(b){Gb[oa(b)]=!0});n({data:Bb,inheritedData:Ma,scope:function(b){return Ma(b,"$scope")},controller:Eb,injector:function(b){return Ma(b,"$injector")},removeAttr:function(b,a){b.removeAttribute(a)},hasClass:La,css:function(b,a,c){a=Ia(a);if(B(c))b.style[a]=c;else{var d;Z<=8&&(d=b.currentStyle&&b.currentStyle[a], d===""&&(d="auto"));d=d||b.style[a];Z<=8&&(d=d===""?p:d);return d}},attr:function(b,a,c){var d=I(a);if(Na[d])if(B(c))c?(b[a]=!0,b.setAttribute(a,d)):(b[a]=!1,b.removeAttribute(d));else return b[a]||(b.attributes.getNamedItem(a)||q).specified?d:p;else if(B(c))b.setAttribute(a,c);else if(b.getAttribute)return b=b.getAttribute(a,2),b===null?p:b},prop:function(b,a,c){if(B(c))b[a]=c;else return b[a]},text:t(Z<9?function(b,a){if(b.nodeType==1){if(C(a))return b.innerText;b.innerText=a}else{if(C(a))return b.nodeValue; b.nodeValue=a}}:function(b,a){if(C(a))return b.textContent;b.textContent=a},{$dv:""}),val:function(b,a){if(C(a))return b.value;b.value=a},html:function(b,a){if(C(a))return b.innerHTML;for(var c=0,d=b.childNodes;c0||parseFloat(h[a+"Duration"])> 0)g="animation",i=a,j=Math.max(parseInt(h[g+"IterationCount"])||0,parseInt(h[i+"IterationCount"])||0,j);f=Math.max(x(h[g+"Delay"]),x(h[i+"Delay"]));g=Math.max(x(h[g+"Duration"]),x(h[i+"Duration"]));d=Math.max(f+j*g,d)}});e.setTimeout(v,d*1E3)}else v()}function v(){if(!v.run)v.run=!0,o(m,r,p),m.removeClass(w),m.removeClass(K),m.removeData(a)}var A=c.$eval(i.ngAnimate),w=A?L(A)?A[j]:A+"-"+j:"",D=d(w),A=D&&D.setup,$=D&&D.start,D=D&&D.cancel;if(w){var K=w+"-active";r||(r=p?p.parent():m.parent());if(!g.transitions&& !A&&!$||(r.inheritedData(a)||q).running)k(m,r,p),o(m,r,p);else{var O=m.data(a)||{};O.running&&((D||q)(m),O.done());m.data(a,{running:!0,done:v});m.addClass(w);k(m,r,p);if(m.length==0)return v();var P=(A||q)(m);e.setTimeout(t,1)}}else k(m,r,p),o(m,r,p)}}function m(a,c,d){d?d.after(a):c.append(a)}var k={};k.enter=j("enter",m,q);k.leave=j("leave",q,function(a){a.remove()});k.move=j("move",function(a,c,d){m(a,c,d)},q);k.show=j("show",function(a){a.css("display","")},q);k.hide=j("hide",q,function(a){a.css("display", "none")});k.animate=function(a,c){j(a,q,q)(c)};return k};i.enabled=function(a){if(arguments.length)c.running=!a;return!c.running};return i}]},Kb="Non-assignable model expression: ";Jb.$inject=["$provide"];var Ic=/^(x[\:\-_]|data[\:\-_])/i,jb=/^([^:]+):\/\/(\w+:{0,1}\w*@)?(\{?[\w\.-]*\}?)(:([0-9]+))?(\/[^\?#]*)?(\?([^#]*))?(#(.*))?$/,Pb=/^([^\?#]*)(\?([^#]*))?(#(.*))?$/,Oa={http:80,https:443,ftp:21};Rb.prototype=lb.prototype=Qb.prototype={$$replace:!1,absUrl:Pa("$$absUrl"),url:function(a,c){if(C(a))return this.$$url; var d=Pb.exec(a);d[1]&&this.path(decodeURIComponent(d[1]));if(d[2]||d[1])this.search(d[3]||"");this.hash(d[5]||"",c);return this},protocol:Pa("$$protocol"),host:Pa("$$host"),port:Pa("$$port"),path:Sb("$$path",function(a){return a.charAt(0)=="/"?a:"/"+a}),search:function(a,c){if(C(a))return this.$$search;B(c)?c===null?delete this.$$search[a]:this.$$search[a]=c:this.$$search=E(a)?vb(a):a;this.$$compose();return this},hash:Sb("$$hash",qa),replace:function(){this.$$replace=!0;return this}};var Da={"null":function(){return null}, "true":function(){return!0},"false":function(){return!1},undefined:q,"+":function(a,c,d,e){d=d(a,c);e=e(a,c);return B(d)?B(e)?d+e:d:B(e)?e:p},"-":function(a,c,d,e){d=d(a,c);e=e(a,c);return(B(d)?d:0)-(B(e)?e:0)},"*":function(a,c,d,e){return d(a,c)*e(a,c)},"/":function(a,c,d,e){return d(a,c)/e(a,c)},"%":function(a,c,d,e){return d(a,c)%e(a,c)},"^":function(a,c,d,e){return d(a,c)^e(a,c)},"=":q,"===":function(a,c,d,e){return d(a,c)===e(a,c)},"!==":function(a,c,d,e){return d(a,c)!==e(a,c)},"==":function(a, c,d,e){return d(a,c)==e(a,c)},"!=":function(a,c,d,e){return d(a,c)!=e(a,c)},"<":function(a,c,d,e){return d(a,c)":function(a,c,d,e){return d(a,c)>e(a,c)},"<=":function(a,c,d,e){return d(a,c)<=e(a,c)},">=":function(a,c,d,e){return d(a,c)>=e(a,c)},"&&":function(a,c,d,e){return d(a,c)&&e(a,c)},"||":function(a,c,d,e){return d(a,c)||e(a,c)},"&":function(a,c,d,e){return d(a,c)&e(a,c)},"|":function(a,c,d,e){return e(a,c)(a,c,d(a,c))},"!":function(a,c,d){return!d(a,c)}},Qc={n:"\n",f:"\u000c",r:"\r", t:"\t",v:"\u000b","'":"'",'"':'"'},mb={},ad=/^(([^:]+):)?\/\/(\w+:{0,1}\w*@)?([\w\.-]*)?(:([0-9]+))?(.*)$/,ed=M.XMLHttpRequest||function(){try{return new ActiveXObject("Msxml2.XMLHTTP.6.0")}catch(a){}try{return new ActiveXObject("Msxml2.XMLHTTP.3.0")}catch(c){}try{return new ActiveXObject("Msxml2.XMLHTTP")}catch(d){}throw Error("This browser does not support XMLHttpRequest.");};Zb.$inject=["$provide"];$b.$inject=["$locale"];bc.$inject=["$locale"];var ec=".",od={yyyy:Q("FullYear",4),yy:Q("FullYear", 2,0,!0),y:Q("FullYear",1),MMMM:Qa("Month"),MMM:Qa("Month",!0),MM:Q("Month",2,1),M:Q("Month",1,1),dd:Q("Date",2),d:Q("Date",1),HH:Q("Hours",2),H:Q("Hours",1),hh:Q("Hours",2,-12),h:Q("Hours",1,-12),mm:Q("Minutes",2),m:Q("Minutes",1),ss:Q("Seconds",2),s:Q("Seconds",1),sss:Q("Milliseconds",3),EEEE:Qa("Day"),EEE:Qa("Day",!0),a:function(a,c){return a.getHours()<12?c.AMPMS[0]:c.AMPMS[1]},Z:function(a){var a=-1*a.getTimezoneOffset(),c=a>=0?"+":"";c+=nb(Math[a>0?"floor":"ceil"](a/60),2)+nb(Math.abs(a%60), 2);return c}},nd=/((?:[^yMdHhmsaZE']+)|(?:'(?:[^']|'')*')|(?:E+|y+|M+|d+|H+|h+|m+|s+|a|Z))(.*)/,md=/^\d+$/;ac.$inject=["$locale"];var kd=S(I),ld=S(oa);cc.$inject=["$parse"];var rd=S({restrict:"E",compile:function(a,c){Z<=8&&(!c.href&&!c.name&&c.$set("href",""),a.append(T.createComment("IE fix")));return function(a,c){c.bind("click",function(a){c.attr("href")||a.preventDefault()})}}}),pb={};n(Na,function(a,c){var d=da("ng-"+c);pb[d]=function(){return{priority:100,compile:function(){return function(a, g,i){a.$watch(i[d],function(a){i.$set(c,!!a)})}}}}});n(["src","srcset","href"],function(a){var c=da("ng-"+a);pb[c]=function(){return{priority:99,link:function(d,e,g){g.$observe(c,function(c){c&&(g.$set(a,c),Z&&e.prop(a,g[a]))})}}}});var Ta={$addControl:q,$removeControl:q,$setValidity:q,$setDirty:q,$setPristine:q};fc.$inject=["$element","$attrs","$scope"];var Wa=function(a){return["$timeout",function(c){var d={name:"form",restrict:"E",controller:fc,compile:function(){return{pre:function(a,d,i,f){if(!i.action){var h= function(a){a.preventDefault?a.preventDefault():a.returnValue=!1};gc(d[0],"submit",h);d.bind("$destroy",function(){c(function(){gb(d[0],"submit",h)},0,!1)})}var j=d.parent().controller("form"),m=i.name||i.ngForm;m&&(a[m]=f);j&&d.bind("$destroy",function(){j.$removeControl(f);m&&(a[m]=p);t(f,Ta)})}}}};return a?t(V(d),{restrict:"EAC"}):d}]},sd=Wa(),td=Wa(!0),ud=/^(ftp|http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?$/,vd=/^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/, wd=/^\s*(\-|\+)?(\d+|(\d*(\.\d*)))\s*$/,hc={text:Va,number:function(a,c,d,e,g,i){Va(a,c,d,e,g,i);e.$parsers.push(function(a){var c=X(a);return c||wd.test(a)?(e.$setValidity("number",!0),a===""?null:c?a:parseFloat(a)):(e.$setValidity("number",!1),p)});e.$formatters.push(function(a){return X(a)?"":""+a});if(d.min){var f=parseFloat(d.min),a=function(a){return!X(a)&&ah?(e.$setValidity("max",!1),p):(e.$setValidity("max",!0),a)};e.$parsers.push(d);e.$formatters.push(d)}e.$formatters.push(function(a){return X(a)||Ya(a)?(e.$setValidity("number",!0),a):(e.$setValidity("number",!1),p)})},url:function(a,c,d,e,g,i){Va(a,c,d,e,g,i);a=function(a){return X(a)||ud.test(a)?(e.$setValidity("url",!0),a):(e.$setValidity("url",!1),p)};e.$formatters.push(a);e.$parsers.push(a)},email:function(a,c,d,e,g,i){Va(a,c,d,e,g,i);a=function(a){return X(a)||vd.test(a)? (e.$setValidity("email",!0),a):(e.$setValidity("email",!1),p)};e.$formatters.push(a);e.$parsers.push(a)},radio:function(a,c,d,e){C(d.name)&&c.attr("name",Fa());c.bind("click",function(){c[0].checked&&a.$apply(function(){e.$setViewValue(d.value)})});e.$render=function(){c[0].checked=d.value==e.$viewValue};d.$observe("value",e.$render)},checkbox:function(a,c,d,e){var g=d.ngTrueValue,i=d.ngFalseValue;E(g)||(g=!0);E(i)||(i=!1);c.bind("click",function(){a.$apply(function(){e.$setViewValue(c[0].checked)})}); e.$render=function(){c[0].checked=e.$viewValue};e.$formatters.push(function(a){return a===g});e.$parsers.push(function(a){return a?g:i})},hidden:q,button:q,submit:q,reset:q},ic=["$browser","$sniffer",function(a,c){return{restrict:"E",require:"?ngModel",link:function(d,e,g,i){i&&(hc[I(g.type)]||hc.text)(d,e,g,i,c,a)}}}],Sa="ng-valid",Ra="ng-invalid",pa="ng-pristine",Ua="ng-dirty",xd=["$scope","$exceptionHandler","$attrs","$element","$parse",function(a,c,d,e,g){function i(a,c){c=c?"-"+bb(c,"-"):""; e.removeClass((a?Ra:Sa)+c).addClass((a?Sa:Ra)+c)}this.$modelValue=this.$viewValue=Number.NaN;this.$parsers=[];this.$formatters=[];this.$viewChangeListeners=[];this.$pristine=!0;this.$dirty=!1;this.$valid=!0;this.$invalid=!1;this.$name=d.name;var f=g(d.ngModel),h=f.assign;if(!h)throw Error(Kb+d.ngModel+" ("+va(e)+")");this.$render=q;var j=e.inheritedData("$formController")||Ta,m=0,k=this.$error={};e.addClass(pa);i(!0);this.$setValidity=function(a,c){if(k[a]!==!c){if(c){if(k[a]&&m--,!m)i(!0),this.$valid= !0,this.$invalid=!1}else i(!1),this.$invalid=!0,this.$valid=!1,m++;k[a]=!c;i(c,a);j.$setValidity(a,c,this)}};this.$setPristine=function(){this.$dirty=!1;this.$pristine=!0;e.removeClass(Ua).addClass(pa)};this.$setViewValue=function(d){this.$viewValue=d;if(this.$pristine)this.$dirty=!0,this.$pristine=!1,e.removeClass(pa).addClass(Ua),j.$setDirty();n(this.$parsers,function(a){d=a(d)});if(this.$modelValue!==d)this.$modelValue=d,h(a,d),n(this.$viewChangeListeners,function(a){try{a()}catch(d){c(d)}})}; var l=this;a.$watch(function(){var c=f(a);if(l.$modelValue!==c){var d=l.$formatters,e=d.length;for(l.$modelValue=c;e--;)c=d[e](c);if(l.$viewValue!==c)l.$viewValue=c,l.$render()}})}],yd=function(){return{require:["ngModel","^?form"],controller:xd,link:function(a,c,d,e){var g=e[0],i=e[1]||Ta;i.$addControl(g);c.bind("$destroy",function(){i.$removeControl(g)})}}},zd=S({require:"ngModel",link:function(a,c,d,e){e.$viewChangeListeners.push(function(){a.$eval(d.ngChange)})}}),jc=function(){return{require:"?ngModel", link:function(a,c,d,e){if(e){d.required=!0;var g=function(a){if(d.required&&(X(a)||a===!1))e.$setValidity("required",!1);else return e.$setValidity("required",!0),a};e.$formatters.push(g);e.$parsers.unshift(g);d.$observe("required",function(){g(e.$viewValue)})}}}},Ad=function(){return{require:"ngModel",link:function(a,c,d,e){var g=(a=/\/(.*)\//.exec(d.ngList))&&RegExp(a[1])||d.ngList||",";e.$parsers.push(function(a){var c=[];a&&n(a.split(g),function(a){a&&c.push(U(a))});return c});e.$formatters.push(function(a){return F(a)? a.join(", "):p})}}},Bd=/^(true|false|\d+)$/,Cd=function(){return{priority:100,compile:function(a,c){return Bd.test(c.ngValue)?function(a,c,g){g.$set("value",a.$eval(g.ngValue))}:function(a,c,g){a.$watch(g.ngValue,function(a){g.$set("value",a,!1)})}}}},Dd=aa(function(a,c,d){c.addClass("ng-binding").data("$binding",d.ngBind);a.$watch(d.ngBind,function(a){c.text(a==p?"":a)})}),Ed=["$interpolate",function(a){return function(c,d,e){c=a(d.attr(e.$attr.ngBindTemplate));d.addClass("ng-binding").data("$binding", c);e.$observe("ngBindTemplate",function(a){d.text(a)})}}],Fd=[function(){return function(a,c,d){c.addClass("ng-binding").data("$binding",d.ngBindHtmlUnsafe);a.$watch(d.ngBindHtmlUnsafe,function(a){c.html(a||"")})}}],Gd=ob("",!0),Hd=ob("Odd",0),Id=ob("Even",1),Jd=aa({compile:function(a,c){c.$set("ngCloak",p);a.removeClass("ng-cloak")}}),Kd=[function(){return{scope:!0,controller:"@"}}],Ld=["$sniffer",function(a){return{priority:1E3,compile:function(){a.csp=!0}}}],kc={};n("click dblclick mousedown mouseup mouseover mouseout mousemove mouseenter mouseleave keydown keyup keypress".split(" "), function(a){var c=da("ng-"+a);kc[c]=["$parse",function(d){return function(e,g,i){var f=d(i[c]);g.bind(I(a),function(a){e.$apply(function(){f(e,{$event:a})})})}}]});var Md=aa(function(a,c,d){c.bind("submit",function(){a.$apply(d.ngSubmit)})}),Nd=["$animator",function(a){return{transclude:"element",priority:1E3,terminal:!0,restrict:"A",compile:function(c,d,e){return function(c,d,f){var h=a(c,f),j,m;c.$watch(f.ngIf,function(a){j&&(h.leave(j),j=p);m&&(m.$destroy(),m=p);ua(a)&&(m=c.$new(),e(m,function(a){j= a;h.enter(a,d.parent(),d)}))})}}}}],Od=["$http","$templateCache","$anchorScroll","$compile","$animator",function(a,c,d,e,g){return{restrict:"ECA",terminal:!0,compile:function(i,f){var h=f.ngInclude||f.src,j=f.onload||"",m=f.autoscroll;return function(f,i,n){var o=g(f,n),p=0,r,t=function(){r&&(r.$destroy(),r=null);o.leave(i.contents(),i)};f.$watch(h,function(g){var h=++p;g?(a.get(g,{cache:c}).success(function(a){h===p&&(r&&r.$destroy(),r=f.$new(),o.leave(i.contents(),i),a=w("
").html(a).contents(), o.enter(a,i),e(a)(r),B(m)&&(!m||f.$eval(m))&&d(),r.$emit("$includeContentLoaded"),f.$eval(j))}).error(function(){h===p&&t()}),f.$emit("$includeContentRequested")):t()})}}}}],Pd=aa({compile:function(){return{pre:function(a,c,d){a.$eval(d.ngInit)}}}}),Qd=aa({terminal:!0,priority:1E3}),Rd=["$locale","$interpolate",function(a,c){var d=/{}/g;return{restrict:"EA",link:function(e,g,i){var f=i.count,h=g.attr(i.$attr.when),j=i.offset||0,m=e.$eval(h),k={},l=c.startSymbol(),p=c.endSymbol();n(m,function(a,e){k[e]= c(a.replace(d,l+f+"-"+j+p))});e.$watch(function(){var c=parseFloat(e.$eval(f));return isNaN(c)?"":(c in m||(c=a.pluralCat(c-j)),k[c](e,g,!0))},function(a){g.text(a)})}}}],Sd=["$parse","$animator",function(a,c){return{transclude:"element",priority:1E3,terminal:!0,compile:function(d,e,g){return function(d,e,h){var j=c(d,h),m=h.ngRepeat,k=m.match(/^\s*(.+)\s+in\s+(.*?)\s*(\s+track\s+by\s+(.+)\s*)?$/),l,p,o,z,r,t={$id:la};if(!k)throw Error("Expected ngRepeat in form of '_item_ in _collection_[ track by _id_]' but got '"+ m+"'.");h=k[1];o=k[2];(k=k[4])?(l=a(k),p=function(a,c,e){r&&(t[r]=a);t[z]=c;t.$index=e;return l(d,t)}):p=function(a,c){return la(c)};k=h.match(/^(?:([\$\w]+)|\(([\$\w]+)\s*,\s*([\$\w]+)\))$/);if(!k)throw Error("'item' in 'item in collection' should be identifier or (key, value) but got '"+h+"'.");z=k[3]||k[1];r=k[2];var x={};d.$watchCollection(o,function(a){var c,h,k=e,l,o={},t,q,w,s,B,y,C=[];if(Xa(a))B=a;else{B=[];for(w in a)a.hasOwnProperty(w)&&w.charAt(0)!="$"&&B.push(w);B.sort()}t=B.length;h= C.length=B.length;for(c=0;c
").html(k).contents();o.enter(k,c);var k=g(k),m=d.current;l=m.scope=a.$new();if(m.controller)f.$scope= l,f=i(m.controller,f),m.controllerAs&&(l[m.controllerAs]=f),c.children().data("$ngControllerController",f);k(l);l.$emit("$viewContentLoaded");l.$eval(n);e()}else o.leave(c.contents(),c),l&&(l.$destroy(),l=null)}var l,n=m.onload||"",o=f(a,m);a.$on("$routeChangeSuccess",k);k()}}}],ae=["$templateCache",function(a){return{restrict:"E",terminal:!0,compile:function(c,d){d.type=="text/ng-template"&&a.put(d.id,c[0].text)}}}],be=S({terminal:!0}),ce=["$compile","$parse",function(a,c){var d=/^\s*(.*?)(?:\s+as\s+(.*?))?(?:\s+group\s+by\s+(.*))?\s+for\s+(?:([\$\w][\$\w\d]*)|(?:\(\s*([\$\w][\$\w\d]*)\s*,\s*([\$\w][\$\w\d]*)\s*\)))\s+in\s+(.*?)(?:\s+track\s+by\s+(.*?))?$/, e={$setViewValue:q};return{restrict:"E",require:["select","?ngModel"],controller:["$element","$scope","$attrs",function(a,c,d){var h=this,j={},m=e,k;h.databound=d.ngModel;h.init=function(a,c,d){m=a;k=d};h.addOption=function(c){j[c]=!0;m.$viewValue==c&&(a.val(c),k.parent()&&k.remove())};h.removeOption=function(a){this.hasOption(a)&&(delete j[a],m.$viewValue==a&&this.renderUnknownOption(a))};h.renderUnknownOption=function(c){c="? "+la(c)+" ?";k.val(c);a.prepend(k);a.val(c);k.prop("selected",!0)};h.hasOption= function(a){return j.hasOwnProperty(a)};c.$on("$destroy",function(){h.renderUnknownOption=q})}],link:function(e,i,f,h){function j(a,c,d,e){d.$render=function(){var a=d.$viewValue;e.hasOption(a)?(v.parent()&&v.remove(),c.val(a),a===""&&t.prop("selected",!0)):C(a)&&t?c.val(""):e.renderUnknownOption(a)};c.bind("change",function(){a.$apply(function(){v.parent()&&v.remove();d.$setViewValue(c.val())})})}function m(a,c,d){var e;d.$render=function(){var a=new za(d.$viewValue);n(c.find("option"),function(c){c.selected= B(a.get(c.value))})};a.$watch(function(){ia(e,d.$viewValue)||(e=V(d.$viewValue),d.$render())});c.bind("change",function(){a.$apply(function(){var a=[];n(c.find("option"),function(c){c.selected&&a.push(c.value)});d.$setViewValue(a)})})}function k(e,f,g){function i(){var a={"":[]},c=[""],d,h,q,v,s;q=g.$modelValue;v=u(e)||[];var z=l?qb(v):v,B,y,A;y={};s=!1;var C,D;if(o)if(t&&F(q)){s=new za([]);for(h=0;hA;)v.pop().element.remove()}for(;w.length>y;)w.pop()[0].element.remove()} var h;if(!(h=q.match(d)))throw Error("Expected ngOptions in form of '_select_ (as _label_)? for (_key_,)?_value_ in _collection_ (track by _expr_)?' but got '"+q+"'.");var j=c(h[2]||h[1]),k=h[4]||h[6],l=h[5],m=c(h[3]||""),n=c(h[2]?h[1]:k),u=c(h[7]),t=h[8]?c(h[8]):null,w=[[{element:f,label:""}]];r&&(a(r)(e),r.removeClass("ng-scope"),r.remove());f.html("");f.bind("change",function(){e.$apply(function(){var a,c=u(e)||[],d={},h,i,j,m,q,r;if(o){i=[];m=0;for(r=w.length;m@charset "UTF-8";[ng\\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.x-ng-cloak{display:none;}ng\\:form{display:block;}'); ================================================ FILE: assets/client/static/js/base64.js ================================================ /* Copyright (c) 2008 Fred Palmer fred.palmer_at_gmail.com Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ function StringBuffer() { this.buffer = []; } StringBuffer.prototype.append = function append(string) { this.buffer.push(string); return this; }; StringBuffer.prototype.toString = function toString() { return this.buffer.join(""); }; window.Base64 = { codex : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=", encode : function (input) { var output = new StringBuffer(); var enumerator = new Utf8EncodeEnumerator(input); while (enumerator.moveNext()) { var chr1 = enumerator.current; enumerator.moveNext(); var chr2 = enumerator.current; enumerator.moveNext(); var chr3 = enumerator.current; var enc1 = chr1 >> 2; var enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); var enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); var enc4 = chr3 & 63; if (isNaN(chr2)) { enc3 = enc4 = 64; } else if (isNaN(chr3)) { enc4 = 64; } output.append(this.codex.charAt(enc1) + this.codex.charAt(enc2) + this.codex.charAt(enc3) + this.codex.charAt(enc4)); } return output.toString(); }, decode : function (input) { var output = new StringBuffer(); var outputBytes = []; var enumerator = new Base64DecodeEnumerator(input); while (enumerator.moveNext()) { var charCode = enumerator.current; outputBytes.push(charCode); if (charCode < 128) output.append(String.fromCharCode(charCode)); else if ((charCode > 191) && (charCode < 224)) { enumerator.moveNext(); var charCode2 = enumerator.current; outputBytes.push(charCode2); output.append(String.fromCharCode(((charCode & 31) << 6) | (charCode2 & 63))); } else { enumerator.moveNext(); var charCode2 = enumerator.current; outputBytes.push(charCode2); enumerator.moveNext(); var charCode3 = enumerator.current; outputBytes.push(charCode3); output.append(String.fromCharCode(((charCode & 15) << 12) | ((charCode2 & 63) << 6) | (charCode3 & 63))); } } return { "bytes": outputBytes, "text": output.toString() }; } }; function Utf8EncodeEnumerator(input) { this._input = input; this._index = -1; this._buffer = []; } Utf8EncodeEnumerator.prototype = { current: Number.NaN, moveNext: function() { if (this._buffer.length > 0) { this.current = this._buffer.shift(); return true; } else if (this._index >= (this._input.length - 1)) { this.current = Number.NaN; return false; } else { var charCode = this._input.charCodeAt(++this._index); // "\r\n" -> "\n" // if ((charCode == 13) && (this._input.charCodeAt(this._index + 1) == 10)) { charCode = 10; this._index += 2; } if (charCode < 128) { this.current = charCode; } else if ((charCode > 127) && (charCode < 2048)) { this.current = (charCode >> 6) | 192; this._buffer.push((charCode & 63) | 128); } else { this.current = (charCode >> 12) | 224; this._buffer.push(((charCode >> 6) & 63) | 128); this._buffer.push((charCode & 63) | 128); } return true; } } } function Base64DecodeEnumerator(input) { this._input = input; this._index = -1; this._buffer = []; } Base64DecodeEnumerator.prototype = { current: 64, moveNext: function() { if (this._buffer.length > 0) { this.current = this._buffer.shift(); return true; } else if (this._index >= (this._input.length - 1)) { this.current = 64; return false; } else { var enc1 = Base64.codex.indexOf(this._input.charAt(++this._index)); var enc2 = Base64.codex.indexOf(this._input.charAt(++this._index)); var enc3 = Base64.codex.indexOf(this._input.charAt(++this._index)); var enc4 = Base64.codex.indexOf(this._input.charAt(++this._index)); var chr1 = (enc1 << 2) | (enc2 >> 4); var chr2 = ((enc2 & 15) << 4) | (enc3 >> 2); var chr3 = ((enc3 & 3) << 6) | enc4; this.current = chr1; if (enc3 != 64) this._buffer.push(chr2); if (enc4 != 64) this._buffer.push(chr3); return true; } } }; ================================================ FILE: assets/client/static/js/jquery.timeago.js ================================================ /** * Timeago is a jQuery plugin that makes it easy to support automatically * updating fuzzy timestamps (e.g. "4 minutes ago" or "about 1 day ago"). * * @name timeago * @version 1.3.0 * @requires jQuery v1.2.3+ * @author Ryan McGeary * @license MIT License - http://www.opensource.org/licenses/mit-license.php * * For usage and examples, visit: * http://timeago.yarp.com/ * * Copyright (c) 2008-2013, Ryan McGeary (ryan -[at]- mcgeary [*dot*] org) */ (function (factory) { if (typeof define === 'function' && define.amd) { // AMD. Register as an anonymous module. define(['jquery'], factory); } else { // Browser globals factory(jQuery); } }(function ($) { $.timeago = function(timestamp) { if (timestamp instanceof Date) { return inWords(timestamp); } else if (typeof timestamp === "string") { return inWords($.timeago.parse(timestamp)); } else if (typeof timestamp === "number") { return inWords(new Date(timestamp)); } else { return inWords($.timeago.datetime(timestamp)); } }; var $t = $.timeago; $.extend($.timeago, { settings: { refreshMillis: 60000, allowFuture: false, localeTitle: false, cutoff: 0, strings: { prefixAgo: null, prefixFromNow: null, suffixAgo: "ago", suffixFromNow: "from now", seconds: "less than a minute", minute: "about a minute", minutes: "%d minutes", hour: "about an hour", hours: "about %d hours", day: "a day", days: "%d days", month: "about a month", months: "%d months", year: "about a year", years: "%d years", wordSeparator: " ", numbers: [] } }, inWords: function(distanceMillis) { var $l = this.settings.strings; var prefix = $l.prefixAgo; var suffix = $l.suffixAgo; if (this.settings.allowFuture) { if (distanceMillis < 0) { prefix = $l.prefixFromNow; suffix = $l.suffixFromNow; } } var seconds = Math.abs(distanceMillis) / 1000; var minutes = seconds / 60; var hours = minutes / 60; var days = hours / 24; var years = days / 365; function substitute(stringOrFunction, number) { var string = $.isFunction(stringOrFunction) ? stringOrFunction(number, distanceMillis) : stringOrFunction; var value = ($l.numbers && $l.numbers[number]) || number; return string.replace(/%d/i, value); } var words = seconds < 45 && substitute($l.seconds, Math.round(seconds)) || seconds < 90 && substitute($l.minute, 1) || minutes < 45 && substitute($l.minutes, Math.round(minutes)) || minutes < 90 && substitute($l.hour, 1) || hours < 24 && substitute($l.hours, Math.round(hours)) || hours < 42 && substitute($l.day, 1) || days < 30 && substitute($l.days, Math.round(days)) || days < 45 && substitute($l.month, 1) || days < 365 && substitute($l.months, Math.round(days / 30)) || years < 1.5 && substitute($l.year, 1) || substitute($l.years, Math.round(years)); var separator = $l.wordSeparator || ""; if ($l.wordSeparator === undefined) { separator = " "; } return $.trim([prefix, words, suffix].join(separator)); }, parse: function(iso8601) { var s = $.trim(iso8601); s = s.replace(/\.\d+/,""); // remove milliseconds s = s.replace(/-/,"/").replace(/-/,"/"); s = s.replace(/T/," ").replace(/Z/," UTC"); s = s.replace(/([\+\-]\d\d)\:?(\d\d)/," $1$2"); // -04:00 -> -0400 return new Date(s); }, datetime: function(elem) { var iso8601 = $t.isTime(elem) ? $(elem).attr("datetime") : $(elem).attr("title"); return $t.parse(iso8601); }, isTime: function(elem) { // jQuery's `is()` doesn't play well with HTML5 in IE return $(elem).get(0).tagName.toLowerCase() === "time"; // $(elem).is("time"); } }); // functions that can be called via $(el).timeago('action') // init is default when no action is given // functions are called with context of a single element var functions = { init: function(){ var refresh_el = $.proxy(refresh, this); refresh_el(); var $s = $t.settings; if ($s.refreshMillis > 0) { setInterval(refresh_el, $s.refreshMillis); } }, update: function(time){ $(this).data('timeago', { datetime: $t.parse(time) }); refresh.apply(this); }, updateFromDOM: function(){ $(this).data('timeago', { datetime: $t.parse( $t.isTime(this) ? $(this).attr("datetime") : $(this).attr("title") ) }); refresh.apply(this); } }; $.fn.timeago = function(action, options) { var fn = action ? functions[action] : functions.init; if(!fn){ throw new Error("Unknown function name '"+ action +"' for timeago"); } // each over objects here and call the requested function this.each(function(){ fn.call(this, options); }); return this; }; function refresh() { var data = prepareData(this); var $s = $t.settings; if (!isNaN(data.datetime)) { if ( $s.cutoff == 0 || distance(data.datetime) < $s.cutoff) { $(this).text(inWords(data.datetime)); } } return this; } function prepareData(element) { element = $(element); if (!element.data("timeago")) { element.data("timeago", { datetime: $t.datetime(element) }); var text = $.trim(element.text()); if ($t.settings.localeTitle) { element.attr("title", element.data('timeago').datetime.toLocaleString()); } else if (text.length > 0 && !($t.isTime(element) && element.attr("title"))) { element.attr("title", text); } } return element.data("timeago"); } function inWords(date) { return $t.inWords(distance(date)); } function distance(date) { return (new Date().getTime() - date.getTime()); } // fix for IE6 suckage document.createElement("abbr"); document.createElement("time"); })); ================================================ FILE: assets/client/static/js/ngrok.js ================================================ var ngrok = angular.module("ngrok", ["ngSanitize"]); var hexRepr = function(bytes) { var buf = []; var ascii = []; for (var i=0; i 0x7e) { ascii.push('.'); } else { ascii.push(String.fromCharCode(b)); } buf.push(b.toString(16)); buf.push(" "); ascii.push(" "); } if (ascii.length > 0) { var charsLeft = 8 - (ascii.length / 2); for (i=0; i 0; body.hasError = !!body.Error; var syntaxClass = { "text/xml": "xml", "application/xml": "xml", "text/html": "xml", "text/css": "css", "application/json": "json", "text/javascript": "javascript", "application/javascript": "javascript", }[body.ContentType]; // decode body if (binary) { body.Text = ""; } else { body.Text = Base64.decode(body.Text).text; } // prettify var transform = { "xml": "xml", "json": "json" }[syntaxClass]; if (!body.hasError && !!transform) { try { // vkbeautify does poorly at formatting html if (body.ContentType != "text/html") { body.Text = vkbeautify[transform](body.Text); } } catch (e) { } } if (!!syntaxClass) { body.Text = hljs.highlight(syntaxClass, body.Text).value; } else { // highlight.js doesn't have a 'plaintext' syntax, so we'll just copy its escaping function. body.Text = body.Text.replace(/&/gm, '&').replace(//gm, '>'); } }; var processReq = function(req) { if (!req.RawBytes) { var decoded = Base64.decode(req.Raw); req.RawBytes = hexRepr(decoded.bytes); if (!req.Binary) { req.RawText = decoded.text; } } processBody(req.Body, req.Binary); }; var processResp = function(resp) { resp.statusClass = { '2': "text-info", '3': "muted", '4': "text-warning", '5': "text-error" }[resp.Status[0]]; if (!resp.RawBytes) { var decoded = Base64.decode(resp.Raw); resp.RawBytes = hexRepr(decoded.bytes); if (!resp.Binary) { resp.RawText = decoded.text; } } processBody(resp.Body, resp.Binary); }; var processTxn = function(txn) { processReq(txn.Req); processResp(txn.Resp); }; var preprocessTxn = function(txn) { var toFixed = function(value, precision) { var power = Math.pow(10, precision || 0); return String(Math.round(value * power) / power); } // parse nanosecond count var ns = txn.Duration; var ms = ns / (1000 * 1000); txn.Duration = ms; if (ms > 1000) { txn.Duration = toFixed(ms / 1000, 2) + "s"; } else { txn.Duration = toFixed(ms, 2) + "ms"; } }; var active; var txns = window.data.Txns; txns.forEach(function(t) { preprocessTxn(t); }); var activate = function(txn) { if (!txn.processed) { processTxn(txn); txn.processed = true; } active = txn; } if (txns.length > 0) { activate(txns[0]); } return { add: function(txnData) { txns.unshift(JSON.parse(txnData)); preprocessTxn(txns[0]); if (!active) { activate(txns[0]); } }, all: function() { return txns; }, active: function(txn) { if (!txn) { return active; } else { activate(txn); } }, isActive: function(txn) { return !!active && txn.Id == active.Id; } }; }); ngrok.directive({ "keyval": function() { return { scope: { title: "@", tuples: "=", }, replace: true, restrict: "E", template: "" + '
' + '
{{title}}
' + '' + '' + '' + '' + '' + '
{{ key }}{{ value }}
' + '
', link: function($scope) { $scope.hasKeys = function() { for (key in $scope.tuples) { return true; } return false; }; } }; }, "tabs": function() { return { scope: { "tabs": "@", "btn": "@", "onbtnclick": "&" }, replace: true, template: '' + '
    ' + '
  • ' + '{{tab}}' + '
    • ' + '
    • ' + '
', link: function postLink(scope, element, attrs) { scope.tabNames = attrs.tabs.split(","); scope.activeTab = scope.tabNames[0]; scope.setTab = function(t) { scope.activeTab = t; }; scope.$parent.isTab = scope.isTab = function(t) { return t == scope.activeTab; }; }, }; }, "body": function() { return { scope: { "body": "=", "binary": "=" }, template: '' + '
' + '{{ body.Length }} bytes ' + '{{ body.RawContentType }}' + '
' + '' + '
' + '
' + '
' + '' + '
' + '' + '
' + '
' + '{{ body.Error }}' + '
', link: function($scope, $elem) { $scope.$watch(function() { return $scope.body; }, function() { if ($scope.body && $scope.body.ErrorOffset > -1) { var offset = $scope.body.ErrorOffset; function textNodes(node) { var textNodes = []; function getTextNodes(node) { if (node.nodeType == 3) { textNodes.push(node); } else { for (var i = 0, len = node.childNodes.length; i < len; ++i) { getTextNodes(node.childNodes[i]); } } } getTextNodes(node); return textNodes; } var tNodes = textNodes($elem.find("code").get(0)); for (var i=0; i\s{0,}<") .replace(/ or -1) { str += shift[deep]+ar[ix]; inComment = true; // end comment or // if(ar[ix].search(/-->/) > -1 || ar[ix].search(/\]>/) > -1 || ar[ix].search(/!DOCTYPE/) > -1 ) { inComment = false; } } else // end comment or // if(ar[ix].search(/-->/) > -1 || ar[ix].search(/\]>/) > -1) { str += ar[ix]; inComment = false; } else // // if( /^<\w/.exec(ar[ix-1]) && /^<\/\w/.exec(ar[ix]) && /^<[\w:\-\.\,]+/.exec(ar[ix-1]) == /^<\/[\w:\-\.\,]+/.exec(ar[ix])[0].replace('/','')) { str += ar[ix]; if(!inComment) deep--; } else // // if(ar[ix].search(/<\w/) > -1 && ar[ix].search(/<\//) == -1 && ar[ix].search(/\/>/) == -1 ) { str = !inComment ? str += shift[deep++]+ar[ix] : str += ar[ix]; } else // ... // if(ar[ix].search(/<\w/) > -1 && ar[ix].search(/<\//) > -1) { str = !inComment ? str += shift[deep]+ar[ix] : str += ar[ix]; } else // // if(ar[ix].search(/<\//) > -1) { str = !inComment ? str += shift[--deep]+ar[ix] : str += ar[ix]; } else // // if(ar[ix].search(/\/>/) > -1 ) { str = !inComment ? str += shift[deep]+ar[ix] : str += ar[ix]; } else // // if(ar[ix].search(/<\?/) > -1) { str += shift[deep]+ar[ix]; } else // xmlns // if( ar[ix].search(/xmlns\:/) > -1 || ar[ix].search(/xmlns\=/) > -1) { str += shift[deep]+ar[ix]; } else { str += ar[ix]; } } return (str[0] == '\n') ? str.slice(1) : str; } vkbeautify.prototype.json = function(text,step) { var step = step ? step : this.step; if (typeof JSON === 'undefined' ) return text; if ( typeof text === "string" ) return JSON.stringify(JSON.parse(text), null, step); if ( typeof text === "object" ) return JSON.stringify(text, null, step); return text; // text is not string nor object } vkbeautify.prototype.css = function(text, step) { var ar = text.replace(/\s{1,}/g,' ') .replace(/\{/g,"{~::~") .replace(/\}/g,"~::~}~::~") .replace(/\;/g,";~::~") .replace(/\/\*/g,"~::~/*") .replace(/\*\//g,"*/~::~") .replace(/~::~\s{0,}~::~/g,"~::~") .split('~::~'), len = ar.length, deep = 0, str = '', ix = 0, shift = step ? createShiftArr(step) : this.shift; for(ix=0;ix/g,"") .replace(/[ \r\n\t]{1,}xmlns/g, ' xmlns'); return str.replace(/>\s{0,}<"); } vkbeautify.prototype.jsonmin = function(text) { if (typeof JSON === 'undefined' ) return text; return JSON.stringify(JSON.parse(text), null, 0); } vkbeautify.prototype.cssmin = function(text, preserveComments) { var str = preserveComments ? text : text.replace(/\/\*([^*]|[\r\n]|(\*+([^*/]|[\r\n])))*\*+\//g,"") ; return str.replace(/\s{1,}/g,' ') .replace(/\{\s{1,}/g,"{") .replace(/\}\s{1,}/g,"}") .replace(/\;\s{1,}/g,";") .replace(/\/\*\s{1,}/g,"/*") .replace(/\*\/\s{1,}/g,"*/"); } vkbeautify.prototype.sqlmin = function(text) { return text.replace(/\s{1,}/g," ").replace(/\s{1,}\(/,"(").replace(/\s{1,}\)/,")"); } window.vkbeautify = new vkbeautify(); })(); ================================================ FILE: assets/client/tls/ngrokroot.crt ================================================ -----BEGIN CERTIFICATE----- MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= -----END CERTIFICATE----- ================================================ FILE: assets/client/tls/snakeoilca.crt ================================================ -----BEGIN CERTIFICATE----- MIIFFDCCAvwCCQCkbN0RG/o15DANBgkqhkiG9w0BAQUFADBMMQswCQYDVQQGEwJV UzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEChMJbmdyb2suY29tMRQwEgYD VQQDFAsqLm5ncm9rLmNvbTAeFw0xMzA2MDMwMzUxNTZaFw0yMzA2MDEwMzUxNTZa MEwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQKEwlu Z3Jvay5jb20xFDASBgNVBAMUCyoubmdyb2suY29tMIICIjANBgkqhkiG9w0BAQEF AAOCAg8AMIICCgKCAgEA6QryXeKl8AWWa9uG2UbSOpooH74zLkXs3FZfk9gKvqki zXXQCRmtU6Dyn0+OuS3sE/rRmZAsSjkQG/YDtdE/SgL4dV6S62qiQngPokjR0USh PC4Hwb8TjM9W5Cd+owVzMQ0vl0AYhQk8Yc/0vX+zDOwmRWGjNKPq422usF9CJFc/ 8QY+ODJDHun8VVAkq3XfcPXgytHIqxvSJnYgDouFCA+GTsKp/65S5cigSlIrQZbH 775cTWhCjvYnq6gzyrk3RiGdb1IGuIJftMJxuJyJVbfTFtqgMGTmjHZxiLvM7dz7 j/bmrz4PvnhbQSZZLhsvP1o8mxnoNMpo/To5tHp/Ts6b5FQNL7FHpmOVLAoQ3FdX VryTjoSjiE3JLDGZINQ9MFEPgPzR8mrzqFo/6e7uB4AYlKoQo01Kzx+YmVwRKEtr VCTRZRcl66+gMkcX0ryoVnggjIWWu4d8uAh3jf++Kd0Djb/l7DCPpEgSJwZYTjCL Z6SxiBwQ4o9dEQadMGgk3tlDFCBsrHoq7NyzvXHP0BF2HKb8KREBEKCIuQj9RChW g07zmOpjngWs0CXaYly+TDP+5DZCMGD9kmXkQY9q/zqqvMt+T+/TBK9lwUsoi2Uc v93wS+TNu06aRopqPo9YZr38ka3xKPiO964pk2BoFN57g767G8k9TbhkBxitvFUC AwEAATANBgkqhkiG9w0BAQUFAAOCAgEARf/hVYntzUwFUgQrWD0l/UaCBgrlvxVC yUa8Isj3vezAhFSyZntEL+ELFv8vvQbtBGHH/tCn76WuqjwOjVL23yxkaJsrnR9+ TRNFnVeB8157+IF6HKzLCL/HIAiQ0kw/2OSLD0lZnAkg24A0/9SHcpI5GA0WlThE 4GqgcUiN9m+mL8jWG3gj+SXC7IcVS3vAvS1J7Kz0NzTh1dYkQNWJlauO2Qn95T99 plkPPh87yZO9a9bxpX9PUJkTJzOwUkZISRZEbTA0CfspUpq/phzuTViy7o2fr+To xVVa2aKT912vlQadWw5oqEK7xyxTqsYwV7CUljtCnhpS7wOZhwzI3qUk9HKH0Rt9 /HQsANuSikZosNvdM3/hv3c5DRUOwKiKdbgZCyqQf8XSeJRM1iQvcHo8U8kEJEEt dmftn+0gH3RPsV028+7XD6wraqfc7dzNzLnq2rDLSAfG3T7pp0n19JyUieWsTR45 pGcwNpXDk+weqQKknwbNoha3o51Xq/1nhRtqrUPIEgOnBWBCV8vkhXMh9Vbe+oAm LmweN1Mr6MjrHWddVn+JGcB5p+AMWr8zE+bhpPCAnupFR98z3fbOleMCWq6Q+hMP MUThqJROHamHRIJ3Iz8whIrj7EKkDBKLEfE1ExS3B9VQ+YdHy6sjexdmCIQgElq4 4SMuY/JkZlo= -----END CERTIFICATE----- ================================================ FILE: assets/server/tls/snakeoil.crt ================================================ -----BEGIN CERTIFICATE----- MIIFDDCCAvQCAQEwDQYJKoZIhvcNAQEFBQAwTDELMAkGA1UEBhMCVVMxEzARBgNV BAgTCkNhbGlmb3JuaWExEjAQBgNVBAoTCW5ncm9rLmNvbTEUMBIGA1UEAxQLKi5u Z3Jvay5jb20wHhcNMTMwNjAzMDQyMzAwWhcNMjMwNjAxMDQyMzAwWjBMMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEChMJbmdyb2suY29t MRQwEgYDVQQDFAsqLm5ncm9rLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC AgoCggIBANouXC6wJacPIFYEiKIGGhliShxsy181LJ064ZTD3ARMTi9ONOsRkHXT oM0CV1ZNDniPp3JILiGL52FPp0hdJegQ+pzz/gDjX0h9MCWexM4sqLpY0TfEqk9l HWKPJg+ODK8wa1/wuQOK++m/XY3wcbZgLj23EHcGybl/xGJkaeaqGNvrJo/4RgSL /jTpp0dDWKUmKBpTH4PuD6bkl8qKQAP1eul6ZS+Gr/llFYJWqwgd3SD3Wh/61Y4n 6sDusem2NQltnlFwe5VS1LfopVtO3e2N5fveEUdbg2YDs7evNYVK+1i0kjo0dD3D tbmhe13OQ/baufxcHc1xjtGsJ57ws8nePL4eo+vFuD5Qjc9ESfzunSem0hC5AJgF rsWzIYsr7UsiuKG4gQdD17L+DogVCqRcdYXugrPEJONi8YG3eRRP/Q9klX4PWy7O Zj7KX/xBrvS5GeDNqrDVsPL0W24FJ//Sus7BSF0fc5DSYqtD4Zgf1GRi0+xSa3m9 AgJwWOHm6iC0mHwddozPLd+CP/M7PYzPRDiWY/ehoCFiqRAglYO0mhKyJvoTOjq6 TBYYp/8LcbqfqUkI6DSnZ2fNdXKDyirMSOT4K1ug1MHaq8obucLqx+5Hie5d6CKR gnN15sJwGKIy27fg6LAzi1GWuCzZ1kHqjuQh3oVfuBKnFfsdLUnFAgMBAAEwDQYJ KoZIhvcNAQEFBQADggIBADael2+SR8LC5xNCBcu4eqmil30Whb7qqr16EHU/MSQb nmFMxBqTa2B8RDZIIkb7LukH8rsAdU8Bzkc2yRdjoAfEMMcJA/fMpwuaXI5cuaKV idZFpNUyR+K5UG/CntcCvwzZp4//g+LVK9qPDZ2BJmA/PMR6OphRwRwG+ruSLUCi ywgFFhNlPMpPZ49vsFm/Q0A4JmLpZXaARt53zNbNiHT1FgTP/9L1HIpkbfoFQT6R pB/VYe8O+GmrwaL3l+L8aO07JRM+u0OKNPxOgxWgE7UngiWulXpnIHAXYxTVMQ8V 1IYutv9bYJ/+TAy9Kxzc4Q33K+5qvS58GCAjOF10NnHkiTQPbhUWISoj21eZJ1hb Z4BbC5z/Y8zNbMao0ACF0QmlnXlt0YrkjkcZQuqerzpC6YMw32vsemREc55X9UQM mVbnDah4xyPM+yNIg/uKHVTYJ6+4TttWEp1JGRaP2EOYr0yGe4XFFrKIPH2DlApM nNfqR+Mfx9WZS3n6FuWPGWUDBye2fdxOjW9Jwc/+JDR3BsS65LlzPrs6C8TcNnnD EdWJ4klYzWkuSdUiV1EXbsB1sSIKmUud2f4vJuOqlBsgS8/mTxjk123uXaN9zaN6 A9cMWQI2MbobK0HErkk0QyNTtVTKumEEko/c2ktsn8lrdJcKqCeQ9EKwp6r0Lmtp -----END CERTIFICATE----- ================================================ FILE: assets/server/tls/snakeoil.key ================================================ -----BEGIN RSA PRIVATE KEY----- MIIJKAIBAAKCAgEA2i5cLrAlpw8gVgSIogYaGWJKHGzLXzUsnTrhlMPcBExOL040 6xGQddOgzQJXVk0OeI+nckguIYvnYU+nSF0l6BD6nPP+AONfSH0wJZ7EziyouljR N8SqT2UdYo8mD44MrzBrX/C5A4r76b9djfBxtmAuPbcQdwbJuX/EYmRp5qoY2+sm j/hGBIv+NOmnR0NYpSYoGlMfg+4PpuSXyopAA/V66XplL4av+WUVglarCB3dIPda H/rVjifqwO6x6bY1CW2eUXB7lVLUt+ilW07d7Y3l+94RR1uDZgOzt681hUr7WLSS OjR0PcO1uaF7Xc5D9tq5/FwdzXGO0awnnvCzyd48vh6j68W4PlCNz0RJ/O6dJ6bS ELkAmAWuxbMhiyvtSyK4obiBB0PXsv4OiBUKpFx1he6Cs8Qk42Lxgbd5FE/9D2SV fg9bLs5mPspf/EGu9LkZ4M2qsNWw8vRbbgUn/9K6zsFIXR9zkNJiq0PhmB/UZGLT 7FJreb0CAnBY4ebqILSYfB12jM8t34I/8zs9jM9EOJZj96GgIWKpECCVg7SaErIm +hM6OrpMFhin/wtxup+pSQjoNKdnZ811coPKKsxI5PgrW6DUwdqryhu5wurH7keJ 7l3oIpGCc3XmwnAYojLbt+DosDOLUZa4LNnWQeqO5CHehV+4EqcV+x0tScUCAwEA AQKCAgBb6Ru8L0gtUBn3IoHMf3WPK/C8eLhTqzrYIW3WFYwh42MsWm3AeO26NSSQ OGRCXsOx1hJb+jw0tZMLU1rNCTBmyoBIjiB6j04cY2Bc+L0/fWC236ODMr3sJFR0 qIkIFHcTdfpFuEq4S1xD4/GtUZUVlv7j0LKG8b0Y/9HjARn7qbw/KJheHeChGbhE 4gkt5Bj7uU87h7jHAwpk6/dlw0ekY00b/guSMdL/5K1i8s+p46q7sHeu8SP1dqtW Cze3lKJTDnKbLB9jkDk8IC1IgbjL0fMIX0w4Gz0HRJf40T5ioGuxup+/FUnCmyd6 w6QMqE/JNesTfFqxqRzZBwTJ1+xkXkSFmFhZ9McfxmEtozau0LH6TtkGmHvfmn6/ I8ImlIRyHGOUVHsEAR8c7aD9dag0LbXmjyolfin8Dow130/G3hTXYnDETx66k1RT Bh6kDEYvuxvFqkXYKRAu5u11vQA9udYqN4i+htQ2OOYOEKNX8Kxy562rXgd85MyT eTL4Dmh/6J7VtWG4nN2G8pnj5Lg99Q8fzEFQmFLFcK0kJwHu04pJaqrHL+uHHd5T KOfPAr0pUbeu2sVd9chgDhADUE1/8YPhSCsHudM4No4tDCZVEqKJ1pGLCpUw3H1v h0aA/B582p2CGFpGoInKfFKvUbYt2neDZZQygmYCUHywqNxQAQKCAQEA/H0MCJYV VRRLufZkz3fpC+wT+coqbguwrT2bpVBuNdvyDKYIkbcSDtIVNsO/1p1/CGormDll k1jNFhR+lqBB8QQfb1ZetPohxzPNncPiJypb9Uivu7GG1MNUHJUecFt8uITcY93s UgRBVsCpLgUP7SF6m1Mpu2BaXQ/sEM8dYCSmt4Fax7LW00cIpLleZmCXoc/jsTUM ixYTM5r5UWXBhl196Lfu+WjTmoxGgFeTwF8x1wuo7mQvPfripvUX/bjGR4o5JQOw 1I0XK13yrhFkEAIV61nHBGiyhmJShPaSI2uDudx0ZkfuUIM1UFvqeqWsjATaLmOW X7lE0qNg75lsRQKCAQEA3Tcqgviss9a4Owr0BagleObUnTMFzk8bgpemNdzi47eG 7C572Wx8Gs6XgNbO28lpE0PD7KU/Rvt36wP9mzGiP0M3Zr4h81AfLvftoMMs6ytk wHJOdtPUCZqvnblvKOI409nGnoUD+3nfH/qqHk4ZL3fn4vHbxwModZfOXRrH2hJr EVqAnnexi9S0JbJJxdcSlBMI5vQMKGLCj52C2mfcF+XRMuF88bwfJ7Xcb3yhyv8i pXHHZZ9QKE7eG76UO+EGKz8gn3wWKuh5HXp3HoyKidgzXtPIbu8fd4UzXl/BTMFc jWAG0Ycsm5dTobQ0Yo0Xeju5Hs5QCtItY7OAFsH/gQKCAQBBCTC9UXNjO9wZpYbo DdoAkSnAELwHJom2xgS+e044H1Rkv6u7ZO2I1cJTHe7fKChdkYNzLW2lm50QD+1f fR4fJ9G1CwlQEpH6zrQq7Bbnwbh4IOXrMdoqGbojtqFljZs9qDNgofxKUABIiU3K pdEpYpNDSROZyULdb8l9tuu5JRewcuhgQgel2kk2rOzM8Bp+up7KuYBmnyQJCeUo e05y/sf81sv+gGrpBzLtwiEzzxF2c/FqnnGwxFv3Z3BrkVm5ebgoeZ/l0AXkzMlC 3wXoPbFJsxFZaGJ7zP22dBDGgN4oVMnCwsp3AKUN8u8d8mjUlDdi9ZH5TC6XFzBT 5zAFAoIBAFCjlXmc0MfV096iBYYyX0aNTp/nQ4yLRcn7IfmshYDhG+vonfkKFMto 1819gHaaGxWMtFUFf+WOMY6YK9Bw7WYGSKHJWXLqmBN1CUh7HVq0vMtyX6vtV/QQ UUg7movau0BuuHp8npEDQhTUOUNG0ON+4CbYZ3dKbWtAZVeHNacG48S1qwEZPL1u UiUTstTNq9YSgkI+YFgweCAGGPcouRB1FCdqDzPHkcvV/X8efZQUITsSGM+wnXW0 Gj8e38ZcJvWI04mPoD0P9WaLh/S44p+REljU9tGJlXzqL2mNmlcyfVyDzrh+gAJP zYq6uAXczNwf/UF/j6oCJ82aV2z0VwECggEBAJga2Kb1ovNLMQ8Vum1tE8BOku9D hTVpz+sFugZuY5Dzl9sPGT3UXGjZZ8pGEGpLPQK2YP5yc+ehCng3ePtXV0sPUR5W 17jibM2JYFkR9RJCCA8c++2OwxZTVJcSDUkHG7cpl5QLbzOJAWG78EziiNqZEyC0 RsYKPad6e0enYtPvYlnCYr77Y4KN6mU5Ot3OzqGeP4++dUMznL21vb2wmO6xHLR0 Mwa6w7fIXYNAOuCk0GMeYzSHZT7ZYytUUhiiTVbHZuazJR6JyR7yf3dnjkPfRVHe qLsKIVNbyWayop61fNZWfN4FgLMmUDzCNNDz9sFX09Jm1QaEo+Dun7Dw8Ss= -----END RSA PRIVATE KEY----- ================================================ FILE: contrib/com.ngrok.client.plist ================================================ KeepAlive Label com.ngrok.client ProgramArguments /usr/local/bin/ngrok -log stdout -subdomain mySubDomain 80 StandardOutPath /tmp/ngrok.log StandardErrorPath /tmp/ngrok.log ================================================ FILE: docs/CHANGELOG.md ================================================ # Changelog ## 1.7 - 6/6/2014 - IMPROVEMENT: Print a better help message when run without any arguments - IMPROVEMENT: Display useful help message and instructions when double-clicked from explorer on Windows - IMPROVEMENT: ngrok now uses the specified server_addr to set the SNI header instead of forcing ngrokd.ngrok.com - IMPROVEMENT: ngrok now uses equinox.io for automatic updates with greater speed and safety - IMPROVEMENT: Many documentation improvements - IMPROVEMENT: Added example plist file for autostart on OS X - BUGFIX: Fixed an issue where ngrok could crash when parsing some websocket requests - BUGFIX: Fixed an issue where the web UI would truncate the raw request to 8192 bytes - BUGFIX: Fixed an issue where ngrok could not replay requests where the request was larger than 8192 bytes - BUGFIX: Fixed an issue where the web UI would not update in realtime when not accessed over localhost - BUGFIX: Fixed an unlikely race condition in ngrokd when loading the tunnel URL cache - BUGFIX: Check for a valid server address without trying to resolve for less confusing errors ## 1.6 - 10/25/2013 - BUGFIX: Fixed a goroutine/memory leak in ngrok/proto's parsing of http traffic - IMPROVEMENT: The web inspection API can now be disabled again by setting inspect_addr: disabled in the config file ## 1.5 - 10/20/2013 - FEATURE: Added support a "remote_port" configuration parameter that lets you request a specific remote port for TCP tunnels - IMPROVEMENT: Upload instructions on crash reports are displayed after the dump where it is more likely to be seen - IMPROVEMENT: Improvements to ngrok's logging for easier debugging - IMPROVEMENT: Batch metric reporting to Keen to not be limited by the speed of their API at high request loads - IMPROVEMENT: Added additional safety to ensure the server doesn't crash on panics() - BUGFIX: Fixed an issue with prefetching tunnel connections that could hang tunnel connections when behind an aggressive NAT - BUGFIX: Fixed a race condition where ngrokd could send back a different message instead of AuthResp first - BUGFIX: Fixed an issue where under some circumstances, reconnecting would fail and tell the client the tunnels were still in use - BUGFIX: Fixed an issue where a race-condition with handling pings could cause a tunnel to hang forever and stop handling requests ## 1.4 - 09/27/2013 - BUGFIX: Fixed an issue where long URL paths were not truncated in the terminal UI - BUGFIX: Fixed an issue where long URL paths ruined the web UI's formatting - BUGFIX: Fixed an issue where authtokens would not be remembered if an existing configuration file didn't exist ## 0.23 - 09/06/2013 - BUGFIX: Fixed a bug which caused some important HTTP headers to be omitted from request introspection and replay ## 0.22 - 09/04/2013 - FEATURE: ngrok now tunnels websocket requests ## 0.21 - 08/17/2013 - IMPROVEMENT: The ngrok web ui can now be disabled with -webport=-1 ## 0.20 - 08/17/2013 - BUGFIX: Fixed a bug where ngrok would not stop its autoupdate loop even after it should stop ## 0.19 - 08/17/2013 - BUGFIX: Fixed a bug where ngrok's would loop infinitely trying to checking for updates after the second update check - BUGFIX: Fixed a race condition in ngrokd's metrics logging immediately after start up ## 0.18 - 08/15/2013 - BUGFIX: Fixed a bug where ngrok would compare the Host header for virtual hosting using case-sensitive comparisons - BUGFIX: Fixed a bug where ngrok would not include the port number in the virtual host when not serving on port 80 - BUGFIX: Fixed a bug where ngrok would crash when trying to replay a request - IMPROVEMENT: ngrok can now indicate manual updates again - IMPROVEMENT: ngrok can now supports update channels - IMPROVEMENT: ngrok can now detect some updates that will fail before downloading ## 0.17 - 07/30/2013 - BUGFIX: Fixed an issue where ngrok's registry cache would return a URL from a different protocol ## 0.16 - 07/30/2013 - BUGFIX: Fixed an issue where ngrok would crash when parsing bad XML that wasn't a syntax error - BUGFIX: Fixed an issue where ngrok would crash when parsing bad JSON that wasn't a syntax error - BUGFIX: Fixed an issue where the web ui would sometimes not update the request body when changing requests - BUGFIX: Fixed an issue where ngrokd's registry cache would not load from file - BUGFIX: Fixed an issue where ngrokd's registry cache would not save to file - BUGFIX: Fixed an issue where ngrok would refuse requests with an Authorization header if no HTTP auth was specified. - BUGFIX: Fixed a bug where ngrok would fail to cross-compile in you hadn't compiled natively first - IMPROVEMENT: ngrok's registry cache now handles and attempts to restore TCP URLs - IMPROVEMENT: Added simple Travis CI integration to make sure ngrok compiles ## 0.15 - 07/27/2013 - FEATURE: ngrok can now update itself automatically ## 0.14 - 07/03/2013 - BUGFIX: Fix an issue where ngrok could never save/load the authtoken file on linux - BUGFIX: Fix an issue where ngrok wouldn't emit log messages while loading authtokens ## 0.13 - 07/02/2013 - FEATURE: -hostname switch on client allows you to run tunnels over custom domains (requires you CNAME your DNS) - IMPROVEMENT: ngrok client UI now shows the client IP address for a request - IMPROVEMENT: ngrok client UI now shows how long ago a request was made (uservoice request 4127487) - IMPROVEMENT: ngrokd now uses and LRU cache for tunnel affinity data - IMPROVEMENT: ngrokd can now save and restore its tunnel affinity cache to a file to preserve across restarts ## 0.12 - 06/30/2013 - IMPROVEMENT: Improved developer documentation - IMPROVEMENT: Simplified build process with custom version of go-bindata that compiles assets into binary releases - BUGFIX: GitHub issue #4: Raw/Binary requests bodies are no longer truncated at 8192 bytes. ================================================ FILE: docs/DEVELOPMENT.md ================================================ # Developer's guide to ngrok ## Components The ngrok project is composed of two components, the ngrok client (ngrok) and the ngrok server (ngrokd). The ngrok client is the more complicated piece because it has UIs for displaying saved requests and responses. ## Compiling git clone git@github.com:inconshreveable/ngrok.git cd ngrok && make bin/ngrok [LOCAL PORT] There are Makefile targets for compiling just the client or server. make client make server **NB: You must compile with Go 1.1+! You must have Mercurial SCM Installed.** ### Compiling release versions Both the client and the server contain static asset files. These include TLS/SSL certificates and the html/css/js for the client's web interface. The release versions embed all of this data into the binaries themselves, whereas the debug versions read these files from the filesystem. *You should always develop on debug versions so that you don't have to recompile when testing changes in the static assets.* There are Makefile targets for compiling the client and server for releases: make release-client make release-server make release-all ## Developing locally The strategy I use for developing on ngrok is to do the following: Add the following lines to /etc/hosts: 127.0.0.1 ngrok.me 127.0.0.1 test.ngrok.me Run ngrokd with the following options: ./bin/ngrokd -domain ngrok.me Create an ngrok configuration file, "debug.yml" with the following contents: server_addr: ngrok.me:4443 tunnels: test: proto: http: 8080 Then run ngrok with either of these commands: ./bin/ngrok -config=debug.yml -log=ngrok.log start test ./bin/ngrok -config=debug.yml -log=ngrok.log -subdomain=test 8080 This will get you setup with an ngrok client talking to an ngrok server all locally under your control. Happy hacking! ## Network protocol and tunneling At a high level, ngrok's tunneling works as follows: ### Connection Setup and Authentication 1. The client initiates a long-lived TCP connection to the server over which they will pass JSON instruction messages. This connection is called the *Control Connection*. 1. After the connection is established, the client sends an *Auth* message with authentication and version information. 1. The server validates the client's *Auth* message and sends an *AuthResp* message indicating either success or failure. ### Tunnel creation 1. The client may then ask the server to create tunnels for it by sending *ReqTunnel* messages. 1. When the server receives a *ReqTunnel* message, it will send 1 or more *NewTunnel* messages that indicate successful tunnel creation or indicate failure. ### Tunneling connections 1. When the server receives a new public connection, it locates the appropriate tunnel by examining the HTTP host header (or the port number for TCP tunnels). This connection from the public internet is called a *Public Connection*. 1. The server sends a *ReqProxy* message to the client over the control connection. 1. The client initiates a new TCP connection to the server called a *Proxy Connection*. 1. The client sends a *RegProxy* message over the proxy connection so the server can associate it to a control connection (and thus the tunnels it's responsible for). 1. The server sends a *StartProxy* message over the proxy connection with metadata information about the connection (the client IP and name of the tunnel). 1. The server begins copying the traffic byte-for-byte from the public connection to the proxy connection and vice-versa. 1. The client opens a connection to the local address configured for that tunnel. This is called the *Private Connection*. 1. The client begins copying the traffic byte-for-byte from the proxied connection to the private connection and vice-versa. ### Detecting dead tunnels 1. In order to determine whether a tunnel is still alive, the client periodically sends Ping messages over the control connection to the server, which replies with Pong messages. 1. When a tunnel is detected to be dead, the server will clean up all of that tunnel's state and the client will attempt to reconnect and establish a new tunnel. ### Wire format Messages are sent over the wire as netstrings of the form: The message length is sent as a 64-bit little endian integer. ### Code The definitions and shared protocol routines lives under _src/ngrok/msg_ #### src/ngrok/msg/msg.go All of the different message types (Auth, AuthResp, ReqTunnel, RegProxy, StartProxy, etc) are defined here and their fields documented. This is a good place to go to understand exactly what messages are sent between the client and server. ## ngrokd - the server ### Code Code for the server lives under src/ngrok/server ### Entry point The ngrokd entry point is in _src/ngrok/server/main.go_. There is a stub at _src/ngrok/main/ngrokd/ngrokd.go_ for the purposes of creating a properly named binary and being in its own "main" package to comply with go's build system. ## ngrok - the client ### Code Code for the client lives under src/ngrok/client ### Entry point The ngrok entry point is in _src/ngrok/client/main.go_. There is a stub at _src/ngrok/main/ngrok/ngrok.go_ for the purposes of creating a properly named binary and being in its own "main" package to comply with go's build system. ## Static assets The html and javascript code for the ngrok web interface as well as other static assets like TLS/SSL certificates live under the top-level _assets_ directory. ## Beyond More documentation can be found in the comments of the code itself. ================================================ FILE: docs/SELFHOSTING.md ================================================ # How to run your own ngrokd server Running your own ngrok server is really easy! The instructions below will guide you along your way! ## 1. Get an SSL certificate ngrok provides secure tunnels via TLS, so you'll need an SSL certificate. Assuming you want to create tunnels on *.example.com, buy a wildcard SSL certificate for *.example.com. Note that if you don't need to run https tunnels that you don't need a wildcard certificate. (In fact, you can just use a self-signed cert at that point, see the section on that later in the document). ## 2. Modify your DNS You need to use the DNS management tools given to you by your provider to create an A record which points *.example.com to the IP address of the server where you will run ngrokd. ## 3. Compile it You can compile an ngrokd server with the following command: make release-server Make sure you compile it with the GOOS/GOARCH environment variables set to the platform of your target server. Then copy the binary over to your server. ## 4. Run the server You'll run the server with the following command. ./ngrokd -tlsKey="/path/to/tls.key" -tlsCrt="/path/to/tls.crt" -domain="example.com" ### Specifying your TLS certificate and key ngrok only makes TLS-encrypted connections. When you run ngrokd, you'll need to instruct it where to find your TLS certificate and private key. Specify the paths with the following switches: -tlsKey="/path/to/tls.key" -tlsCrt="/path/to/tls.crt" ### Setting the server's domain When you run your own ngrokd server, you need to tell ngrokd the domain it's running on so that it knows what URLs to issue to clients. -domain="example.com" ## 5. Configure the client In order to connect with a client, you'll need to set two options in ngrok's configuration file. The ngrok configuration file is a simple YAML file that is read from ~/.ngrok by default. You may specify a custom configuration file path with the -config switch. Your config file must contain the following two options. server_addr: example.com:4443 trust_host_root_certs: true Substitute the address of your ngrokd server for "example.com:4443". The "trust_host_root_certs" parameter instructs ngrok to trust the root certificates on your computer when establishing TLS connections to the server. By default, ngrok only trusts the root certificate for ngrok.com. ## 6. Connect with a client Then, just run ngrok as usual to connect securely to your own ngrokd server! ngrok 80 # ngrokd with a self-signed SSL certificate It's possible to run ngrokd with a a self-signed certificate, but you'll need to recompile ngrok with your signing CA. If you do choose to use a self-signed cert, please note that you must either remove the configuration value for trust_host_root_certs or set it to false: trust_host_root_certs: false Special thanks @kk86bioinfo, @lyoshenka and everyone in the thread https://github.com/inconshreveable/ngrok/issues/84 for help in writing up instructions on how to do it: https://gist.github.com/lyoshenka/002b7fbd801d0fd21f2f https://github.com/inconshreveable/ngrok/issues/84 ================================================ FILE: src/ngrok/cache/lru.go ================================================ // Copyright 2012, Google Inc. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // The implementation borrows heavily from SmallLRUCache (originally by Nathan // Schrenk). The object maintains a doubly-linked list of elements in the // When an element is accessed it is promoted to the head of the list, and when // space is needed the element at the tail of the list (the least recently used // element) is evicted. package cache import ( "container/list" "encoding/gob" "fmt" "io" "os" "sync" "time" ) type LRUCache struct { mu sync.Mutex // list & table of *entry objects list *list.List table map[string]*list.Element // Our current size, in bytes. Obviously a gross simplification and low-grade // approximation. size uint64 // How many bytes we are limiting the cache to. capacity uint64 } // Values that go into LRUCache need to satisfy this interface. type Value interface { Size() int } type Item struct { Key string Value Value } type entry struct { key string value Value size int time_accessed time.Time } func NewLRUCache(capacity uint64) *LRUCache { return &LRUCache{ list: list.New(), table: make(map[string]*list.Element), capacity: capacity, } } func (lru *LRUCache) Get(key string) (v Value, ok bool) { lru.mu.Lock() defer lru.mu.Unlock() element := lru.table[key] if element == nil { return nil, false } lru.moveToFront(element) return element.Value.(*entry).value, true } func (lru *LRUCache) Set(key string, value Value) { lru.mu.Lock() defer lru.mu.Unlock() if element := lru.table[key]; element != nil { lru.updateInplace(element, value) } else { lru.addNew(key, value) } } func (lru *LRUCache) SetIfAbsent(key string, value Value) { lru.mu.Lock() defer lru.mu.Unlock() if element := lru.table[key]; element != nil { lru.moveToFront(element) } else { lru.addNew(key, value) } } func (lru *LRUCache) Delete(key string) bool { lru.mu.Lock() defer lru.mu.Unlock() element := lru.table[key] if element == nil { return false } lru.list.Remove(element) delete(lru.table, key) lru.size -= uint64(element.Value.(*entry).size) return true } func (lru *LRUCache) Clear() { lru.mu.Lock() defer lru.mu.Unlock() lru.list.Init() lru.table = make(map[string]*list.Element) lru.size = 0 } func (lru *LRUCache) SetCapacity(capacity uint64) { lru.mu.Lock() defer lru.mu.Unlock() lru.capacity = capacity lru.checkCapacity() } func (lru *LRUCache) Stats() (length, size, capacity uint64, oldest time.Time) { lru.mu.Lock() defer lru.mu.Unlock() if lastElem := lru.list.Back(); lastElem != nil { oldest = lastElem.Value.(*entry).time_accessed } return uint64(lru.list.Len()), lru.size, lru.capacity, oldest } func (lru *LRUCache) StatsJSON() string { if lru == nil { return "{}" } l, s, c, o := lru.Stats() return fmt.Sprintf("{\"Length\": %v, \"Size\": %v, \"Capacity\": %v, \"OldestAccess\": \"%v\"}", l, s, c, o) } func (lru *LRUCache) Keys() []string { lru.mu.Lock() defer lru.mu.Unlock() keys := make([]string, 0, lru.list.Len()) for e := lru.list.Front(); e != nil; e = e.Next() { keys = append(keys, e.Value.(*entry).key) } return keys } func (lru *LRUCache) Items() []Item { lru.mu.Lock() defer lru.mu.Unlock() items := make([]Item, 0, lru.list.Len()) for e := lru.list.Front(); e != nil; e = e.Next() { v := e.Value.(*entry) items = append(items, Item{Key: v.key, Value: v.value}) } return items } func (lru *LRUCache) SaveItems(w io.Writer) error { items := lru.Items() encoder := gob.NewEncoder(w) return encoder.Encode(items) } func (lru *LRUCache) SaveItemsToFile(path string) error { if wr, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0644); err != nil { return err } else { defer wr.Close() return lru.SaveItems(wr) } } func (lru *LRUCache) LoadItems(r io.Reader) error { items := make([]Item, 0) decoder := gob.NewDecoder(r) if err := decoder.Decode(&items); err != nil { return err } lru.mu.Lock() defer lru.mu.Unlock() for _, item := range items { // XXX: copied from Set() if element := lru.table[item.Key]; element != nil { lru.updateInplace(element, item.Value) } else { lru.addNew(item.Key, item.Value) } } return nil } func (lru *LRUCache) LoadItemsFromFile(path string) error { if rd, err := os.Open(path); err != nil { return err } else { defer rd.Close() return lru.LoadItems(rd) } } func (lru *LRUCache) updateInplace(element *list.Element, value Value) { valueSize := value.Size() sizeDiff := valueSize - element.Value.(*entry).size element.Value.(*entry).value = value element.Value.(*entry).size = valueSize lru.size += uint64(sizeDiff) lru.moveToFront(element) lru.checkCapacity() } func (lru *LRUCache) moveToFront(element *list.Element) { lru.list.MoveToFront(element) element.Value.(*entry).time_accessed = time.Now() } func (lru *LRUCache) addNew(key string, value Value) { newEntry := &entry{key, value, value.Size(), time.Now()} element := lru.list.PushFront(newEntry) lru.table[key] = element lru.size += uint64(newEntry.size) lru.checkCapacity() } func (lru *LRUCache) checkCapacity() { // Partially duplicated from Delete for lru.size > lru.capacity { delElem := lru.list.Back() delValue := delElem.Value.(*entry) lru.list.Remove(delElem) delete(lru.table, delValue.key) lru.size -= uint64(delValue.size) } } ================================================ FILE: src/ngrok/client/cli.go ================================================ package client import ( "flag" "fmt" "ngrok/version" "os" ) const usage1 string = `Usage: %s [OPTIONS] Options: ` const usage2 string = ` Examples: ngrok 80 ngrok -subdomain=example 8080 ngrok -proto=tcp 22 ngrok -hostname="example.com" -httpauth="user:password" 10.0.0.1 Advanced usage: ngrok [OPTIONS] [command args] [...] Commands: ngrok start [tunnel] [...] Start tunnels by name from config file ngork start-all Start all tunnels defined in config file ngrok list List tunnel names from config file ngrok help Print help ngrok version Print ngrok version Examples: ngrok start www api blog pubsub ngrok -log=stdout -config=ngrok.yml start ssh ngrok start-all ngrok version ` type Options struct { config string logto string loglevel string authtoken string httpauth string hostname string protocol string subdomain string command string args []string } func ParseArgs() (opts *Options, err error) { flag.Usage = func() { fmt.Fprintf(os.Stderr, usage1, os.Args[0]) flag.PrintDefaults() fmt.Fprintf(os.Stderr, usage2) } config := flag.String( "config", "", "Path to ngrok configuration file. (default: $HOME/.ngrok)") logto := flag.String( "log", "none", "Write log messages to this file. 'stdout' and 'none' have special meanings") loglevel := flag.String( "log-level", "DEBUG", "The level of messages to log. One of: DEBUG, INFO, WARNING, ERROR") authtoken := flag.String( "authtoken", "", "Authentication token for identifying an ngrok.com account") httpauth := flag.String( "httpauth", "", "username:password HTTP basic auth creds protecting the public tunnel endpoint") subdomain := flag.String( "subdomain", "", "Request a custom subdomain from the ngrok server. (HTTP only)") hostname := flag.String( "hostname", "", "Request a custom hostname from the ngrok server. (HTTP only) (requires CNAME of your DNS)") protocol := flag.String( "proto", "http+https", "The protocol of the traffic over the tunnel {'http', 'https', 'tcp'} (default: 'http+https')") flag.Parse() opts = &Options{ config: *config, logto: *logto, loglevel: *loglevel, httpauth: *httpauth, subdomain: *subdomain, protocol: *protocol, authtoken: *authtoken, hostname: *hostname, command: flag.Arg(0), } switch opts.command { case "list": opts.args = flag.Args()[1:] case "start": opts.args = flag.Args()[1:] case "start-all": opts.args = flag.Args()[1:] case "version": fmt.Println(version.MajorMinor()) os.Exit(0) case "help": flag.Usage() os.Exit(0) case "": err = fmt.Errorf("Error: Specify a local port to tunnel to, or " + "an ngrok command.\n\nExample: To expose port 80, run " + "'ngrok 80'") return default: if len(flag.Args()) > 1 { err = fmt.Errorf("You may only specify one port to tunnel to on the command line, got %d: %v", len(flag.Args()), flag.Args()) return } opts.command = "default" opts.args = flag.Args() } return } ================================================ FILE: src/ngrok/client/config.go ================================================ package client import ( "fmt" "gopkg.in/yaml.v1" "io/ioutil" "net" "net/url" "ngrok/log" "os" "os/user" "path" "regexp" "strconv" "strings" ) type Configuration struct { HttpProxy string `yaml:"http_proxy,omitempty"` ServerAddr string `yaml:"server_addr,omitempty"` InspectAddr string `yaml:"inspect_addr,omitempty"` TrustHostRootCerts bool `yaml:"trust_host_root_certs,omitempty"` AuthToken string `yaml:"auth_token,omitempty"` Tunnels map[string]*TunnelConfiguration `yaml:"tunnels,omitempty"` LogTo string `yaml:"-"` Path string `yaml:"-"` } type TunnelConfiguration struct { Subdomain string `yaml:"subdomain,omitempty"` Hostname string `yaml:"hostname,omitempty"` Protocols map[string]string `yaml:"proto,omitempty"` HttpAuth string `yaml:"auth,omitempty"` RemotePort uint16 `yaml:"remote_port,omitempty"` } func LoadConfiguration(opts *Options) (config *Configuration, err error) { configPath := opts.config if configPath == "" { configPath = defaultPath() } log.Info("Reading configuration file %s", configPath) configBuf, err := ioutil.ReadFile(configPath) if err != nil { // failure to read a configuration file is only a fatal error if // the user specified one explicitly if opts.config != "" { err = fmt.Errorf("Failed to read configuration file %s: %v", configPath, err) return } } // deserialize/parse the config config = new(Configuration) if err = yaml.Unmarshal(configBuf, &config); err != nil { err = fmt.Errorf("Error parsing configuration file %s: %v", configPath, err) return } // try to parse the old .ngrok format for backwards compatibility matched := false content := strings.TrimSpace(string(configBuf)) if matched, err = regexp.MatchString("^[0-9a-zA-Z_\\-!]+$", content); err != nil { return } else if matched { config = &Configuration{AuthToken: content} } // set configuration defaults if config.ServerAddr == "" { config.ServerAddr = defaultServerAddr } if config.InspectAddr == "" { config.InspectAddr = defaultInspectAddr } if config.HttpProxy == "" { config.HttpProxy = os.Getenv("http_proxy") } // validate and normalize configuration if config.InspectAddr != "disabled" { if config.InspectAddr, err = normalizeAddress(config.InspectAddr, "inspect_addr"); err != nil { return } } if config.ServerAddr, err = normalizeAddress(config.ServerAddr, "server_addr"); err != nil { return } if config.HttpProxy != "" { var proxyUrl *url.URL if proxyUrl, err = url.Parse(config.HttpProxy); err != nil { return } else { if proxyUrl.Scheme != "http" && proxyUrl.Scheme != "https" { err = fmt.Errorf("Proxy url scheme must be 'http' or 'https', got %v", proxyUrl.Scheme) return } } } for name, t := range config.Tunnels { if t == nil || t.Protocols == nil || len(t.Protocols) == 0 { err = fmt.Errorf("Tunnel %s does not specify any protocols to tunnel.", name) return } for k, addr := range t.Protocols { tunnelName := fmt.Sprintf("for tunnel %s[%s]", name, k) if t.Protocols[k], err = normalizeAddress(addr, tunnelName); err != nil { return } if err = validateProtocol(k, tunnelName); err != nil { return } } // use the name of the tunnel as the subdomain if none is specified if t.Hostname == "" && t.Subdomain == "" { // XXX: a crude heuristic, really we should be checking if the last part // is a TLD if len(strings.Split(name, ".")) > 1 { t.Hostname = name } else { t.Subdomain = name } } } // override configuration with command-line options config.LogTo = opts.logto config.Path = configPath if opts.authtoken != "" { config.AuthToken = opts.authtoken } switch opts.command { // start a single tunnel, the default, simple ngrok behavior case "default": config.Tunnels = make(map[string]*TunnelConfiguration) config.Tunnels["default"] = &TunnelConfiguration{ Subdomain: opts.subdomain, Hostname: opts.hostname, HttpAuth: opts.httpauth, Protocols: make(map[string]string), } for _, proto := range strings.Split(opts.protocol, "+") { if err = validateProtocol(proto, "default"); err != nil { return } if config.Tunnels["default"].Protocols[proto], err = normalizeAddress(opts.args[0], ""); err != nil { return } } // list tunnels case "list": for name, _ := range config.Tunnels { fmt.Println(name) } os.Exit(0) // start tunnels case "start": if len(opts.args) == 0 { err = fmt.Errorf("You must specify at least one tunnel to start") return } requestedTunnels := make(map[string]bool) for _, arg := range opts.args { requestedTunnels[arg] = true if _, ok := config.Tunnels[arg]; !ok { err = fmt.Errorf("Requested to start tunnel %s which is not defined in the config file.", arg) return } } for name, _ := range config.Tunnels { if !requestedTunnels[name] { delete(config.Tunnels, name) } } case "start-all": return default: err = fmt.Errorf("Unknown command: %s", opts.command) return } return } func defaultPath() string { user, err := user.Current() // user.Current() does not work on linux when cross compiling because // it requires CGO; use os.Getenv("HOME") hack until we compile natively homeDir := os.Getenv("HOME") if err != nil { log.Warn("Failed to get user's home directory: %s. Using $HOME: %s", err.Error(), homeDir) } else { homeDir = user.HomeDir } return path.Join(homeDir, ".ngrok") } func normalizeAddress(addr string, propName string) (string, error) { // normalize port to address if _, err := strconv.Atoi(addr); err == nil { addr = ":" + addr } host, port, err := net.SplitHostPort(addr) if err != nil { return "", fmt.Errorf("Invalid address %s '%s': %s", propName, addr, err.Error()) } if host == "" { host = "127.0.0.1" } return fmt.Sprintf("%s:%s", host, port), nil } func validateProtocol(proto, propName string) (err error) { switch proto { case "http", "https", "http+https", "tcp": default: err = fmt.Errorf("Invalid protocol for %s: %s", propName, proto) } return } func SaveAuthToken(configPath, authtoken string) (err error) { // empty configuration by default for the case that we can't read it c := new(Configuration) // read the configuration oldConfigBytes, err := ioutil.ReadFile(configPath) if err == nil { // unmarshal if we successfully read the configuration file if err = yaml.Unmarshal(oldConfigBytes, c); err != nil { return } } // no need to save, the authtoken is already the correct value if c.AuthToken == authtoken { return } // update auth token c.AuthToken = authtoken // rewrite configuration newConfigBytes, err := yaml.Marshal(c) if err != nil { return } err = ioutil.WriteFile(configPath, newConfigBytes, 0600) return } ================================================ FILE: src/ngrok/client/controller.go ================================================ package client import ( "fmt" "ngrok/client/mvc" "ngrok/client/views/term" "ngrok/client/views/web" "ngrok/log" "ngrok/proto" "ngrok/util" "sync" ) type command interface{} type cmdQuit struct { // display this message after quit message string } type cmdPlayRequest struct { // the tunnel to play this request over tunnel mvc.Tunnel // the bytes of the request to issue payload []byte } // The MVC Controller type Controller struct { // Controller logger log.Logger // the model sends updates through this broadcast channel updates *util.Broadcast // the model model mvc.Model // the views views []mvc.View // internal structure to issue commands to the controller cmds chan command // internal structure to synchronize access to State object state chan mvc.State // options config *Configuration } // public interface func NewController() *Controller { ctl := &Controller{ Logger: log.NewPrefixLogger("controller"), updates: util.NewBroadcast(), cmds: make(chan command), views: make([]mvc.View, 0), state: make(chan mvc.State), } return ctl } func (ctl *Controller) State() mvc.State { return <-ctl.state } func (ctl *Controller) Update(state mvc.State) { ctl.updates.In() <- state } func (ctl *Controller) Updates() *util.Broadcast { return ctl.updates } func (ctl *Controller) Shutdown(message string) { ctl.cmds <- cmdQuit{message: message} } func (ctl *Controller) PlayRequest(tunnel mvc.Tunnel, payload []byte) { ctl.cmds <- cmdPlayRequest{tunnel: tunnel, payload: payload} } func (ctl *Controller) Go(fn func()) { go func() { defer func() { if r := recover(); r != nil { err := util.MakePanicTrace(r) ctl.Error(err) ctl.Shutdown(err) } }() fn() }() } // private functions func (ctl *Controller) doShutdown() { ctl.Info("Shutting down") var wg sync.WaitGroup // wait for all of the views, plus the model wg.Add(len(ctl.views) + 1) for _, v := range ctl.views { vClosure := v ctl.Go(func() { vClosure.Shutdown() wg.Done() }) } ctl.Go(func() { ctl.model.Shutdown() wg.Done() }) wg.Wait() } func (ctl *Controller) AddView(v mvc.View) { ctl.views = append(ctl.views, v) } func (ctl *Controller) GetWebInspectAddr() string { return ctl.config.InspectAddr } func (ctl *Controller) SetupModel(config *Configuration) *ClientModel { model := newClientModel(config, ctl) ctl.model = model return model } func (ctl *Controller) GetModel() *ClientModel { return ctl.model.(*ClientModel) } func (ctl *Controller) Run(config *Configuration) { // Save the configuration ctl.config = config var model *ClientModel if ctl.model == nil { model = ctl.SetupModel(config) } else { model = ctl.model.(*ClientModel) } // init the model var state mvc.State = model // init web ui var webView *web.WebView if config.InspectAddr != "disabled" { webView = web.NewWebView(ctl, config.InspectAddr) ctl.AddView(webView) } // init term ui var termView *term.TermView if config.LogTo != "stdout" { termView = term.NewTermView(ctl) ctl.AddView(termView) } for _, protocol := range model.GetProtocols() { switch p := protocol.(type) { case *proto.Http: if termView != nil { ctl.AddView(termView.NewHttpView(p)) } if webView != nil { ctl.AddView(webView.NewHttpView(p)) } default: } } ctl.Go(func() { autoUpdate(state, config.AuthToken) }) ctl.Go(ctl.model.Run) updates := ctl.updates.Reg() defer ctl.updates.UnReg(updates) done := make(chan int) for { select { case obj := <-ctl.cmds: switch cmd := obj.(type) { case cmdQuit: msg := cmd.message go func() { ctl.doShutdown() fmt.Println(msg) done <- 1 }() case cmdPlayRequest: ctl.Go(func() { ctl.model.PlayRequest(cmd.tunnel, cmd.payload) }) } case obj := <-updates: state = obj.(mvc.State) case ctl.state <- state: case <-done: return } } } ================================================ FILE: src/ngrok/client/debug.go ================================================ // +build !release package client var ( rootCrtPaths = []string{"assets/client/tls/ngrokroot.crt", "assets/client/tls/snakeoilca.crt"} ) func useInsecureSkipVerify() bool { return true } ================================================ FILE: src/ngrok/client/main.go ================================================ package client import ( "fmt" "github.com/inconshreveable/mousetrap" "math/rand" "ngrok/log" "ngrok/util" "os" "runtime" "time" ) func init() { if runtime.GOOS == "windows" { if mousetrap.StartedByExplorer() { fmt.Println("Don't double-click ngrok!") fmt.Println("You need to open cmd.exe and run it from the command line!") time.Sleep(5 * time.Second) os.Exit(1) } } } func Main() { // parse options opts, err := ParseArgs() if err != nil { fmt.Println(err) os.Exit(1) } // set up logging log.LogTo(opts.logto, opts.loglevel) // read configuration file config, err := LoadConfiguration(opts) if err != nil { fmt.Println(err) os.Exit(1) } // seed random number generator seed, err := util.RandomSeed() if err != nil { fmt.Printf("Couldn't securely seed the random number generator!") os.Exit(1) } rand.Seed(seed) NewController().Run(config) } ================================================ FILE: src/ngrok/client/metrics.go ================================================ package client import ( metrics "github.com/rcrowley/go-metrics" ) const ( sampleSize int = 1028 sampleAlpha float64 = 0.015 ) type ClientMetrics struct { // metrics connGauge metrics.Gauge connMeter metrics.Meter connTimer metrics.Timer proxySetupTimer metrics.Timer bytesIn metrics.Histogram bytesOut metrics.Histogram bytesInCount metrics.Counter bytesOutCount metrics.Counter } func NewClientMetrics() *ClientMetrics { return &ClientMetrics{ connGauge: metrics.NewGauge(), connMeter: metrics.NewMeter(), connTimer: metrics.NewTimer(), proxySetupTimer: metrics.NewTimer(), bytesIn: metrics.NewHistogram(metrics.NewExpDecaySample(sampleSize, sampleAlpha)), bytesOut: metrics.NewHistogram(metrics.NewExpDecaySample(sampleSize, sampleAlpha)), bytesInCount: metrics.NewCounter(), bytesOutCount: metrics.NewCounter(), } } ================================================ FILE: src/ngrok/client/model.go ================================================ package client import ( "crypto/tls" "fmt" metrics "github.com/rcrowley/go-metrics" "io/ioutil" "math" "net" "ngrok/client/mvc" "ngrok/conn" "ngrok/log" "ngrok/msg" "ngrok/proto" "ngrok/util" "ngrok/version" "runtime" "strings" "sync/atomic" "time" ) const ( defaultServerAddr = "ngrokd.ngrok.com:443" defaultInspectAddr = "127.0.0.1:4040" pingInterval = 20 * time.Second maxPongLatency = 15 * time.Second updateCheckInterval = 6 * time.Hour BadGateway = `

Tunnel %s unavailable

Unable to initiate connection to %s. A web server must be running on port %s to complete the tunnel.

` ) type ClientModel struct { log.Logger id string tunnels map[string]mvc.Tunnel serverVersion string metrics *ClientMetrics updateStatus mvc.UpdateStatus connStatus mvc.ConnStatus protoMap map[string]proto.Protocol protocols []proto.Protocol ctl mvc.Controller serverAddr string proxyUrl string authToken string tlsConfig *tls.Config tunnelConfig map[string]*TunnelConfiguration configPath string } func newClientModel(config *Configuration, ctl mvc.Controller) *ClientModel { protoMap := make(map[string]proto.Protocol) protoMap["http"] = proto.NewHttp() protoMap["https"] = protoMap["http"] protoMap["tcp"] = proto.NewTcp() protocols := []proto.Protocol{protoMap["http"], protoMap["tcp"]} m := &ClientModel{ Logger: log.NewPrefixLogger("client"), // server address serverAddr: config.ServerAddr, // proxy address proxyUrl: config.HttpProxy, // auth token authToken: config.AuthToken, // connection status connStatus: mvc.ConnConnecting, // update status updateStatus: mvc.UpdateNone, // metrics metrics: NewClientMetrics(), // protocols protoMap: protoMap, // protocol list protocols: protocols, // open tunnels tunnels: make(map[string]mvc.Tunnel), // controller ctl: ctl, // tunnel configuration tunnelConfig: config.Tunnels, // config path configPath: config.Path, } // configure TLS if config.TrustHostRootCerts { m.Info("Trusting host's root certificates") m.tlsConfig = &tls.Config{} } else { m.Info("Trusting root CAs: %v", rootCrtPaths) var err error if m.tlsConfig, err = LoadTLSConfig(rootCrtPaths); err != nil { panic(err) } } // configure TLS SNI m.tlsConfig.ServerName = serverName(m.serverAddr) m.tlsConfig.InsecureSkipVerify = useInsecureSkipVerify() return m } // server name in release builds is the host part of the server address func serverName(addr string) string { host, _, err := net.SplitHostPort(addr) // should never panic because the config parser calls SplitHostPort first if err != nil { panic(err) } return host } // mvc.State interface func (c ClientModel) GetProtocols() []proto.Protocol { return c.protocols } func (c ClientModel) GetClientVersion() string { return version.MajorMinor() } func (c ClientModel) GetServerVersion() string { return c.serverVersion } func (c ClientModel) GetTunnels() []mvc.Tunnel { tunnels := make([]mvc.Tunnel, 0) for _, t := range c.tunnels { tunnels = append(tunnels, t) } return tunnels } func (c ClientModel) GetConnStatus() mvc.ConnStatus { return c.connStatus } func (c ClientModel) GetUpdateStatus() mvc.UpdateStatus { return c.updateStatus } func (c ClientModel) GetConnectionMetrics() (metrics.Meter, metrics.Timer) { return c.metrics.connMeter, c.metrics.connTimer } func (c ClientModel) GetBytesInMetrics() (metrics.Counter, metrics.Histogram) { return c.metrics.bytesInCount, c.metrics.bytesIn } func (c ClientModel) GetBytesOutMetrics() (metrics.Counter, metrics.Histogram) { return c.metrics.bytesOutCount, c.metrics.bytesOut } func (c ClientModel) SetUpdateStatus(updateStatus mvc.UpdateStatus) { c.updateStatus = updateStatus c.update() } // mvc.Model interface func (c *ClientModel) PlayRequest(tunnel mvc.Tunnel, payload []byte) { var localConn conn.Conn localConn, err := conn.Dial(tunnel.LocalAddr, "prv", nil) if err != nil { c.Warn("Failed to open private leg to %s: %v", tunnel.LocalAddr, err) return } defer localConn.Close() localConn = tunnel.Protocol.WrapConn(localConn, mvc.ConnectionContext{Tunnel: tunnel, ClientAddr: "127.0.0.1"}) localConn.Write(payload) ioutil.ReadAll(localConn) } func (c *ClientModel) Shutdown() { } func (c *ClientModel) update() { c.ctl.Update(c) } func (c *ClientModel) Run() { // how long we should wait before we reconnect maxWait := 30 * time.Second wait := 1 * time.Second for { // run the control channel c.control() // control only returns when a failure has occurred, so we're going to try to reconnect if c.connStatus == mvc.ConnOnline { wait = 1 * time.Second } log.Info("Waiting %d seconds before reconnecting", int(wait.Seconds())) time.Sleep(wait) // exponentially increase wait time wait = 2 * wait wait = time.Duration(math.Min(float64(wait), float64(maxWait))) c.connStatus = mvc.ConnReconnecting c.update() } } // Establishes and manages a tunnel control connection with the server func (c *ClientModel) control() { defer func() { if r := recover(); r != nil { log.Error("control recovering from failure %v", r) } }() // establish control channel var ( ctlConn conn.Conn err error ) if c.proxyUrl == "" { // simple non-proxied case, just connect to the server ctlConn, err = conn.Dial(c.serverAddr, "ctl", c.tlsConfig) } else { ctlConn, err = conn.DialHttpProxy(c.proxyUrl, c.serverAddr, "ctl", c.tlsConfig) } if err != nil { panic(err) } defer ctlConn.Close() // authenticate with the server auth := &msg.Auth{ ClientId: c.id, OS: runtime.GOOS, Arch: runtime.GOARCH, Version: version.Proto, MmVersion: version.MajorMinor(), User: c.authToken, } if err = msg.WriteMsg(ctlConn, auth); err != nil { panic(err) } // wait for the server to authenticate us var authResp msg.AuthResp if err = msg.ReadMsgInto(ctlConn, &authResp); err != nil { panic(err) } if authResp.Error != "" { emsg := fmt.Sprintf("Failed to authenticate to server: %s", authResp.Error) c.ctl.Shutdown(emsg) return } c.id = authResp.ClientId c.serverVersion = authResp.MmVersion c.Info("Authenticated with server, client id: %v", c.id) c.update() if err = SaveAuthToken(c.configPath, c.authToken); err != nil { c.Error("Failed to save auth token: %v", err) } // request tunnels reqIdToTunnelConfig := make(map[string]*TunnelConfiguration) for _, config := range c.tunnelConfig { // create the protocol list to ask for var protocols []string for proto, _ := range config.Protocols { protocols = append(protocols, proto) } reqTunnel := &msg.ReqTunnel{ ReqId: util.RandId(8), Protocol: strings.Join(protocols, "+"), Hostname: config.Hostname, Subdomain: config.Subdomain, HttpAuth: config.HttpAuth, RemotePort: config.RemotePort, } // send the tunnel request if err = msg.WriteMsg(ctlConn, reqTunnel); err != nil { panic(err) } // save request id association so we know which local address // to proxy to later reqIdToTunnelConfig[reqTunnel.ReqId] = config } // start the heartbeat lastPong := time.Now().UnixNano() c.ctl.Go(func() { c.heartbeat(&lastPong, ctlConn) }) // main control loop for { var rawMsg msg.Message if rawMsg, err = msg.ReadMsg(ctlConn); err != nil { panic(err) } switch m := rawMsg.(type) { case *msg.ReqProxy: c.ctl.Go(c.proxy) case *msg.Pong: atomic.StoreInt64(&lastPong, time.Now().UnixNano()) case *msg.NewTunnel: if m.Error != "" { emsg := fmt.Sprintf("Server failed to allocate tunnel: %s", m.Error) c.Error(emsg) c.ctl.Shutdown(emsg) continue } tunnel := mvc.Tunnel{ PublicUrl: m.Url, LocalAddr: reqIdToTunnelConfig[m.ReqId].Protocols[m.Protocol], Protocol: c.protoMap[m.Protocol], } c.tunnels[tunnel.PublicUrl] = tunnel c.connStatus = mvc.ConnOnline c.Info("Tunnel established at %v", tunnel.PublicUrl) c.update() default: ctlConn.Warn("Ignoring unknown control message %v ", m) } } } // Establishes and manages a tunnel proxy connection with the server func (c *ClientModel) proxy() { var ( remoteConn conn.Conn err error ) if c.proxyUrl == "" { remoteConn, err = conn.Dial(c.serverAddr, "pxy", c.tlsConfig) } else { remoteConn, err = conn.DialHttpProxy(c.proxyUrl, c.serverAddr, "pxy", c.tlsConfig) } if err != nil { log.Error("Failed to establish proxy connection: %v", err) return } defer remoteConn.Close() err = msg.WriteMsg(remoteConn, &msg.RegProxy{ClientId: c.id}) if err != nil { remoteConn.Error("Failed to write RegProxy: %v", err) return } // wait for the server to ack our register var startPxy msg.StartProxy if err = msg.ReadMsgInto(remoteConn, &startPxy); err != nil { remoteConn.Error("Server failed to write StartProxy: %v", err) return } tunnel, ok := c.tunnels[startPxy.Url] if !ok { remoteConn.Error("Couldn't find tunnel for proxy: %s", startPxy.Url) return } // start up the private connection start := time.Now() localConn, err := conn.Dial(tunnel.LocalAddr, "prv", nil) if err != nil { remoteConn.Warn("Failed to open private leg %s: %v", tunnel.LocalAddr, err) if tunnel.Protocol.GetName() == "http" { // try to be helpful when you're in HTTP mode and a human might see the output badGatewayBody := fmt.Sprintf(BadGateway, tunnel.PublicUrl, tunnel.LocalAddr, tunnel.LocalAddr) remoteConn.Write([]byte(fmt.Sprintf(`HTTP/1.0 502 Bad Gateway Content-Type: text/html Content-Length: %d %s`, len(badGatewayBody), badGatewayBody))) } return } defer localConn.Close() m := c.metrics m.proxySetupTimer.Update(time.Since(start)) m.connMeter.Mark(1) c.update() m.connTimer.Time(func() { localConn := tunnel.Protocol.WrapConn(localConn, mvc.ConnectionContext{Tunnel: tunnel, ClientAddr: startPxy.ClientAddr}) bytesIn, bytesOut := conn.Join(localConn, remoteConn) m.bytesIn.Update(bytesIn) m.bytesOut.Update(bytesOut) m.bytesInCount.Inc(bytesIn) m.bytesOutCount.Inc(bytesOut) }) c.update() } // Hearbeating to ensure our connection ngrokd is still live func (c *ClientModel) heartbeat(lastPongAddr *int64, conn conn.Conn) { lastPing := time.Unix(atomic.LoadInt64(lastPongAddr)-1, 0) ping := time.NewTicker(pingInterval) pongCheck := time.NewTicker(time.Second) defer func() { conn.Close() ping.Stop() pongCheck.Stop() }() for { select { case <-pongCheck.C: lastPong := time.Unix(0, atomic.LoadInt64(lastPongAddr)) needPong := lastPong.Sub(lastPing) < 0 pongLatency := time.Since(lastPing) if needPong && pongLatency > maxPongLatency { c.Info("Last ping: %v, Last pong: %v", lastPing, lastPong) c.Info("Connection stale, haven't gotten PongMsg in %d seconds", int(pongLatency.Seconds())) return } case <-ping.C: err := msg.WriteMsg(conn, &msg.Ping{}) if err != nil { conn.Debug("Got error %v when writing PingMsg", err) return } lastPing = time.Now() } } } ================================================ FILE: src/ngrok/client/mvc/controller.go ================================================ package mvc import ( "ngrok/util" ) type Controller interface { // how the model communicates that it has changed state Update(State) // instructs the controller to shut the app down Shutdown(message string) // PlayRequest instructs the model to play requests PlayRequest(tunnel Tunnel, payload []byte) // A channel of updates Updates() *util.Broadcast // returns the current state State() State // safe wrapper for running go-routines Go(fn func()) // the address where the web inspection interface is running GetWebInspectAddr() string } ================================================ FILE: src/ngrok/client/mvc/model.go ================================================ package mvc type Model interface { Run() Shutdown() PlayRequest(tunnel Tunnel, payload []byte) } ================================================ FILE: src/ngrok/client/mvc/state.go ================================================ package mvc import ( metrics "github.com/rcrowley/go-metrics" "ngrok/proto" ) type UpdateStatus int const ( UpdateNone = -1 * iota UpdateInstalling UpdateReady UpdateAvailable ) type ConnStatus int const ( ConnConnecting = iota ConnReconnecting ConnOnline ) type Tunnel struct { PublicUrl string Protocol proto.Protocol LocalAddr string } type ConnectionContext struct { Tunnel Tunnel ClientAddr string } type State interface { GetClientVersion() string GetServerVersion() string GetTunnels() []Tunnel GetProtocols() []proto.Protocol GetUpdateStatus() UpdateStatus GetConnStatus() ConnStatus GetConnectionMetrics() (metrics.Meter, metrics.Timer) GetBytesInMetrics() (metrics.Counter, metrics.Histogram) GetBytesOutMetrics() (metrics.Counter, metrics.Histogram) SetUpdateStatus(UpdateStatus) } ================================================ FILE: src/ngrok/client/mvc/view.go ================================================ package mvc type View interface { Shutdown() } ================================================ FILE: src/ngrok/client/release.go ================================================ // +build release package client var ( rootCrtPaths = []string{"assets/client/tls/ngrokroot.crt"} ) func useInsecureSkipVerify() bool { return false } ================================================ FILE: src/ngrok/client/tls.go ================================================ package client import ( _ "crypto/sha512" "crypto/tls" "crypto/x509" "encoding/pem" "fmt" "ngrok/client/assets" ) func LoadTLSConfig(rootCertPaths []string) (*tls.Config, error) { pool := x509.NewCertPool() for _, certPath := range rootCertPaths { rootCrt, err := assets.Asset(certPath) if err != nil { return nil, err } pemBlock, _ := pem.Decode(rootCrt) if pemBlock == nil { return nil, fmt.Errorf("Bad PEM data") } certs, err := x509.ParseCertificates(pemBlock.Bytes) if err != nil { return nil, err } pool.AddCert(certs[0]) } return &tls.Config{RootCAs: pool}, nil } ================================================ FILE: src/ngrok/client/update_debug.go ================================================ // +build !release,!autoupdate package client import ( "ngrok/client/mvc" ) // no auto-updating in debug mode func autoUpdate(state mvc.State, token string) { } ================================================ FILE: src/ngrok/client/update_release.go ================================================ // +build release autoupdate package client import ( "ngrok/client/mvc" "ngrok/log" "ngrok/version" "time" "gopkg.in/inconshreveable/go-update.v0" "gopkg.in/inconshreveable/go-update.v0/check" ) const ( appId = "ap_pJSFC5wQYkAyI0FIVwKYs9h1hW" updateEndpoint = "https://api.equinox.io/1/Updates" ) const publicKey = `-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gx8r9no1QBtCruJW2tu 082MJJ5ZA7k803GisR2c6WglPOD1b/+kUg+dx5Y0TKXz+uNlR3GrCxLh8WkoA95M T38CQldIjoVN/bWP6jzFxL+6BRoKy5L1TcaIf3xb9B8OhwEq60cvFy7BBrLKEHJN ua/D1S5axgNOAJ8tQ2w8gISICd84ng+U9tNMqIcEjUN89h3Z4zablfNIfVkbqbSR fnkR9boUaMr6S1w8OeInjWdiab9sUr87GmEo/3tVxrHVCzHB8pzzoZceCkjgI551 d/hHfAl567YhlkQMNz8dawxBjQwCHHekgC8gAvTO7kmXkAm6YAbpa9kjwgnorPEP ywIDAQAB -----END PUBLIC KEY-----` func autoUpdate(s mvc.State, token string) { up, err := update.New().VerifySignatureWithPEM([]byte(publicKey)) if err != nil { log.Error("Failed to create update with signature: %v", err) return } update := func() (tryAgain bool) { log.Info("Checking for update") params := check.Params{ AppId: appId, AppVersion: version.MajorMinor(), UserId: token, } result, err := params.CheckForUpdate(updateEndpoint, up) if err == check.NoUpdateAvailable { log.Info("No update available") return true } else if err != nil { log.Error("Error while checking for update: %v", err) return true } if result.Initiative == check.INITIATIVE_AUTO { if err := up.CanUpdate(); err != nil { log.Error("Can't update: insufficient permissions: %v", err) // tell the user to update manually s.SetUpdateStatus(mvc.UpdateAvailable) } else { applyUpdate(s, result) } } else if result.Initiative == check.INITIATIVE_MANUAL { // this is the way the server tells us to update manually log.Info("Server wants us to update manually") s.SetUpdateStatus(mvc.UpdateAvailable) } else { log.Info("Update available, but ignoring") } // stop trying after a single download attempt // XXX: improve this so the we can: // 1. safely update multiple times // 2. only retry after temporary errors return false } // try to update immediately and then at a set interval for { if tryAgain := update(); !tryAgain { break } time.Sleep(updateCheckInterval) } } func applyUpdate(s mvc.State, result *check.Result) { err, errRecover := result.Update() if err == nil { log.Info("Update ready!") s.SetUpdateStatus(mvc.UpdateReady) return } log.Error("Error while updating ngrok: %v", err) if errRecover != nil { log.Error("Error while recovering from failed ngrok update, your binary may be missing: %v", errRecover.Error()) } // tell the user to update manually s.SetUpdateStatus(mvc.UpdateAvailable) } ================================================ FILE: src/ngrok/client/views/term/area.go ================================================ // shared internal functions for handling output to the terminal package term import ( "fmt" termbox "github.com/nsf/termbox-go" ) const ( fgColor = termbox.ColorWhite bgColor = termbox.ColorDefault ) type area struct { // top-left corner x, y int // size of the area w, h int // default colors fgColor, bgColor termbox.Attribute } func NewArea(x, y, w, h int) *area { return &area{x, y, w, h, fgColor, bgColor} } func (a *area) Clear() { for i := 0; i < a.w; i++ { for j := 0; j < a.h; j++ { termbox.SetCell(a.x+i, a.y+j, ' ', a.fgColor, a.bgColor) } } } func (a *area) APrintf(fg termbox.Attribute, x, y int, arg0 string, args ...interface{}) { s := fmt.Sprintf(arg0, args...) for i, ch := range s { termbox.SetCell(a.x+x+i, a.y+y, ch, fg, bgColor) } } func (a *area) Printf(x, y int, arg0 string, args ...interface{}) { a.APrintf(a.fgColor, x, y, arg0, args...) } ================================================ FILE: src/ngrok/client/views/term/http.go ================================================ package term import ( termbox "github.com/nsf/termbox-go" "ngrok/client/mvc" "ngrok/log" "ngrok/proto" "ngrok/util" "unicode/utf8" ) const ( size = 10 pathMaxLength = 25 ) type HttpView struct { log.Logger *area httpProto *proto.Http HttpRequests *util.Ring shutdown chan int termView *TermView } func colorFor(status string) termbox.Attribute { switch status[0] { case '3': return termbox.ColorCyan case '4': return termbox.ColorYellow case '5': return termbox.ColorRed default: } return termbox.ColorWhite } func newTermHttpView(ctl mvc.Controller, termView *TermView, proto *proto.Http, x, y int) *HttpView { v := &HttpView{ httpProto: proto, HttpRequests: util.NewRing(size), area: NewArea(x, y, 70, size+5), shutdown: make(chan int), termView: termView, Logger: log.NewPrefixLogger("view", "term", "http"), } ctl.Go(v.Run) return v } func (v *HttpView) Run() { updates := v.httpProto.Txns.Reg() for { select { case txn := <-updates: v.Debug("Got HTTP update") if txn.(*proto.HttpTxn).Resp == nil { v.HttpRequests.Add(txn) } v.Render() } } } func (v *HttpView) Render() { v.Clear() v.Printf(0, 0, "HTTP Requests") v.Printf(0, 1, "-------------") for i, obj := range v.HttpRequests.Slice() { txn := obj.(*proto.HttpTxn) path := truncatePath(txn.Req.URL.Path) v.Printf(0, 3+i, "%s %v", txn.Req.Method, path) if txn.Resp != nil { v.APrintf(colorFor(txn.Resp.Status), 30, 3+i, "%s", txn.Resp.Status) } } v.termView.Flush() } func (v *HttpView) Shutdown() { close(v.shutdown) } func truncatePath(path string) string { // Truncate all long strings based on rune count if utf8.RuneCountInString(path) > pathMaxLength { path = string([]rune(path)[:pathMaxLength]) } // By this point, len(path) should be < pathMaxLength if we're dealing with single-byte runes. // Otherwise, we have a multi-byte string and need to calculate the size of each rune and // truncate manually. // // This is a workaround for a bug in termbox-go. Remove it when this issue is fixed: // https://github.com/nsf/termbox-go/pull/21 if len(path) > pathMaxLength { out := make([]byte, pathMaxLength, pathMaxLength) length := 0 for { r, size := utf8.DecodeRuneInString(path[length:]) if r == utf8.RuneError && size == 1 { break } // utf8.EncodeRune expects there to be enough room to store the full size of the rune if length+size <= pathMaxLength { utf8.EncodeRune(out[length:], r) length += size } else { break } } path = string(out[:length]) } return path } ================================================ FILE: src/ngrok/client/views/term/view.go ================================================ // interactive terminal interface for local clients package term import ( termbox "github.com/nsf/termbox-go" "ngrok/client/mvc" "ngrok/log" "ngrok/proto" "ngrok/util" "time" ) type TermView struct { ctl mvc.Controller updates chan interface{} flush chan int shutdown chan int redraw *util.Broadcast subviews []mvc.View log.Logger *area } func NewTermView(ctl mvc.Controller) *TermView { // initialize terminal display termbox.Init() w, _ := termbox.Size() v := &TermView{ ctl: ctl, updates: ctl.Updates().Reg(), redraw: util.NewBroadcast(), flush: make(chan int), shutdown: make(chan int), Logger: log.NewPrefixLogger("view", "term"), area: NewArea(0, 0, w, 10), } ctl.Go(v.run) ctl.Go(v.input) return v } func connStatusRepr(status mvc.ConnStatus) (string, termbox.Attribute) { switch status { case mvc.ConnConnecting: return "connecting", termbox.ColorCyan case mvc.ConnReconnecting: return "reconnecting", termbox.ColorRed case mvc.ConnOnline: return "online", termbox.ColorGreen } return "unknown", termbox.ColorWhite } func (v *TermView) draw() { state := v.ctl.State() v.Clear() // quit instructions quitMsg := "(Ctrl+C to quit)" v.Printf(v.w-len(quitMsg), 0, quitMsg) // new version message updateStatus := state.GetUpdateStatus() var updateMsg string switch updateStatus { case mvc.UpdateNone: updateMsg = "" case mvc.UpdateInstalling: updateMsg = "ngrok is updating" case mvc.UpdateReady: updateMsg = "ngrok has updated: restart ngrok for the new version" case mvc.UpdateAvailable: updateMsg = "new version available at https://ngrok.com" default: pct := float64(updateStatus) / 100.0 const barLength = 25 full := int(barLength * pct) bar := make([]byte, barLength+2) bar[0] = '[' bar[barLength+1] = ']' for i := 0; i < 25; i++ { if i <= full { bar[i+1] = '#' } else { bar[i+1] = ' ' } } updateMsg = "Downloading update: " + string(bar) } if updateMsg != "" { v.APrintf(termbox.ColorYellow, 30, 0, updateMsg) } v.APrintf(termbox.ColorBlue|termbox.AttrBold, 0, 0, "ngrok") statusStr, statusColor := connStatusRepr(state.GetConnStatus()) v.APrintf(statusColor, 0, 2, "%-30s%s", "Tunnel Status", statusStr) v.Printf(0, 3, "%-30s%s/%s", "Version", state.GetClientVersion(), state.GetServerVersion()) var i int = 4 for _, t := range state.GetTunnels() { v.Printf(0, i, "%-30s%s -> %s", "Forwarding", t.PublicUrl, t.LocalAddr) i++ } v.Printf(0, i+0, "%-30s%s", "Web Interface", v.ctl.GetWebInspectAddr()) connMeter, connTimer := state.GetConnectionMetrics() v.Printf(0, i+1, "%-30s%d", "# Conn", connMeter.Count()) msec := float64(time.Millisecond) v.Printf(0, i+2, "%-30s%.2fms", "Avg Conn Time", connTimer.Mean()/msec) termbox.Flush() } func (v *TermView) run() { defer close(v.shutdown) defer termbox.Close() redraw := v.redraw.Reg() defer v.redraw.UnReg(redraw) v.draw() for { v.Debug("Waiting for update") select { case <-v.flush: termbox.Flush() case <-v.updates: v.draw() case <-redraw: v.draw() case <-v.shutdown: return } } } func (v *TermView) Shutdown() { v.shutdown <- 1 <-v.shutdown } func (v *TermView) Flush() { v.flush <- 1 } func (v *TermView) NewHttpView(p *proto.Http) *HttpView { return newTermHttpView(v.ctl, v, p, 0, 12) } func (v *TermView) input() { for { ev := termbox.PollEvent() switch ev.Type { case termbox.EventKey: switch ev.Key { case termbox.KeyCtrlC: v.Info("Got quit command") v.ctl.Shutdown("") } case termbox.EventResize: v.Info("Resize event, redrawing") v.redraw.In() <- 1 case termbox.EventError: panic(ev.Err) } } } ================================================ FILE: src/ngrok/client/views/web/http.go ================================================ // interactive web user interface package web import ( "encoding/base64" "encoding/json" "encoding/xml" "html/template" "net/http" "net/http/httputil" "net/url" "ngrok/client/assets" "ngrok/client/mvc" "ngrok/log" "ngrok/proto" "ngrok/util" "strings" "unicode/utf8" ) type SerializedTxn struct { Id string Duration int64 Start int64 ConnCtx mvc.ConnectionContext *proto.HttpTxn `json:"-"` Req SerializedRequest Resp SerializedResponse } type SerializedBody struct { RawContentType string ContentType string Text string Length int Error string ErrorOffset int Form url.Values } type SerializedRequest struct { Raw string MethodPath string Params url.Values Header http.Header Body SerializedBody Binary bool } type SerializedResponse struct { Raw string Status string Header http.Header Body SerializedBody Binary bool } type WebHttpView struct { log.Logger webview *WebView ctl mvc.Controller httpProto *proto.Http state chan SerializedUiState HttpRequests *util.Ring idToTxn map[string]*SerializedTxn } type SerializedUiState struct { Tunnels []mvc.Tunnel } type SerializedPayload struct { Txns []interface{} UiState SerializedUiState } func newWebHttpView(ctl mvc.Controller, wv *WebView, proto *proto.Http) *WebHttpView { whv := &WebHttpView{ Logger: log.NewPrefixLogger("view", "web", "http"), webview: wv, ctl: ctl, httpProto: proto, idToTxn: make(map[string]*SerializedTxn), HttpRequests: util.NewRing(20), } ctl.Go(whv.updateHttp) whv.register() return whv } type XMLDoc struct { data []byte `xml:",innerxml"` } func makeBody(h http.Header, body []byte) SerializedBody { b := SerializedBody{ Length: len(body), Text: base64.StdEncoding.EncodeToString(body), ErrorOffset: -1, } // some errors like XML errors only give a line number // and not an exact offset offsetForLine := func(line int) int { lines := strings.SplitAfterN(b.Text, "\n", line) return b.Length - len(lines[len(lines)-1]) } var err error b.RawContentType = h.Get("Content-Type") if b.RawContentType != "" { b.ContentType = strings.TrimSpace(strings.Split(b.RawContentType, ";")[0]) switch b.ContentType { case "application/xml", "text/xml": err = xml.Unmarshal(body, new(XMLDoc)) if err != nil { if syntaxError, ok := err.(*xml.SyntaxError); ok { // xml syntax errors only give us a line number, so we // count to find an offset b.ErrorOffset = offsetForLine(syntaxError.Line) } } case "application/json": err = json.Unmarshal(body, new(json.RawMessage)) if err != nil { if syntaxError, ok := err.(*json.SyntaxError); ok { b.ErrorOffset = int(syntaxError.Offset) } } case "application/x-www-form-urlencoded": b.Form, err = url.ParseQuery(string(body)) } } if err != nil { b.Error = err.Error() } return b } func (whv *WebHttpView) updateHttp() { // open channels for incoming http state changes // and broadcasts txnUpdates := whv.httpProto.Txns.Reg() for txn := range txnUpdates { // XXX: it's not safe for proto.Http and this code // to be accessing txn and txn.(req/resp) without synchronization htxn := txn.(*proto.HttpTxn) // we haven't processed this transaction yet if we haven't set the // user data if htxn.UserCtx == nil { rawReq, err := proto.DumpRequestOut(htxn.Req.Request, true) if err != nil { whv.Error("Failed to dump request: %v", err) continue } body := makeBody(htxn.Req.Header, htxn.Req.BodyBytes) whtxn := &SerializedTxn{ Id: util.RandId(8), HttpTxn: htxn, Req: SerializedRequest{ MethodPath: htxn.Req.Method + " " + htxn.Req.URL.Path, Raw: base64.StdEncoding.EncodeToString(rawReq), Params: htxn.Req.URL.Query(), Header: htxn.Req.Header, Body: body, Binary: !utf8.Valid(rawReq), }, Start: htxn.Start.Unix(), ConnCtx: htxn.ConnUserCtx.(mvc.ConnectionContext), } htxn.UserCtx = whtxn // XXX: unsafe map access from multiple go routines whv.idToTxn[whtxn.Id] = whtxn // XXX: use return value to delete from map so we don't leak memory whv.HttpRequests.Add(whtxn) } else { rawResp, err := httputil.DumpResponse(htxn.Resp.Response, true) if err != nil { whv.Error("Failed to dump response: %v", err) continue } txn := htxn.UserCtx.(*SerializedTxn) body := makeBody(htxn.Resp.Header, htxn.Resp.BodyBytes) txn.Duration = htxn.Duration.Nanoseconds() txn.Resp = SerializedResponse{ Status: htxn.Resp.Status, Raw: base64.StdEncoding.EncodeToString(rawResp), Header: htxn.Resp.Header, Body: body, Binary: !utf8.Valid(rawResp), } payload, err := json.Marshal(txn) if err != nil { whv.Error("Failed to serialized txn payload for websocket: %v", err) } whv.webview.wsMessages.In() <- payload } } } func (whv *WebHttpView) register() { http.HandleFunc("/http/in/replay", func(w http.ResponseWriter, r *http.Request) { defer func() { if r := recover(); r != nil { err := util.MakePanicTrace(r) whv.Error("Replay failed: %v", err) http.Error(w, err, 500) } }() r.ParseForm() txnid := r.Form.Get("txnid") if txn, ok := whv.idToTxn[txnid]; ok { reqBytes, err := base64.StdEncoding.DecodeString(txn.Req.Raw) if err != nil { panic(err) } whv.ctl.PlayRequest(txn.ConnCtx.Tunnel, reqBytes) w.Write([]byte(http.StatusText(200))) } else { http.Error(w, http.StatusText(400), 400) } }) http.HandleFunc("/http/in", func(w http.ResponseWriter, r *http.Request) { defer func() { if r := recover(); r != nil { err := util.MakePanicTrace(r) whv.Error("HTTP web view failed: %v", err) http.Error(w, err, 500) } }() pageTmpl, err := assets.Asset("assets/client/page.html") if err != nil { panic(err) } tmpl := template.Must(template.New("page.html").Delims("{%", "%}").Parse(string(pageTmpl))) payloadData := SerializedPayload{ Txns: whv.HttpRequests.Slice(), UiState: SerializedUiState{Tunnels: whv.ctl.State().GetTunnels()}, } payload, err := json.Marshal(payloadData) if err != nil { panic(err) } // write the response if err := tmpl.Execute(w, string(payload)); err != nil { panic(err) } }) } func (whv *WebHttpView) Shutdown() { } ================================================ FILE: src/ngrok/client/views/web/view.go ================================================ // interactive web user interface package web import ( "github.com/gorilla/websocket" "net/http" "ngrok/client/assets" "ngrok/client/mvc" "ngrok/log" "ngrok/proto" "ngrok/util" "path" ) type WebView struct { log.Logger ctl mvc.Controller // messages sent over this broadcast are sent to all websocket connections wsMessages *util.Broadcast } func NewWebView(ctl mvc.Controller, addr string) *WebView { wv := &WebView{ Logger: log.NewPrefixLogger("view", "web"), wsMessages: util.NewBroadcast(), ctl: ctl, } // for now, always redirect to the http view http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, "/http/in", 302) }) // handle web socket connections http.HandleFunc("/_ws", func(w http.ResponseWriter, r *http.Request) { conn, err := websocket.Upgrade(w, r, nil, 1024, 1024) if err != nil { http.Error(w, "Failed websocket upgrade", 400) wv.Warn("Failed websocket upgrade: %v", err) return } msgs := wv.wsMessages.Reg() defer wv.wsMessages.UnReg(msgs) for m := range msgs { err := conn.WriteMessage(websocket.TextMessage, m.([]byte)) if err != nil { // connection is closed break } } }) // serve static assets http.HandleFunc("/static/", func(w http.ResponseWriter, r *http.Request) { buf, err := assets.Asset(path.Join("assets", "client", r.URL.Path[1:])) if err != nil { wv.Warn("Error serving static file: %s", err.Error()) http.NotFound(w, r) return } w.Write(buf) }) wv.Info("Serving web interface on %s", addr) wv.ctl.Go(func() { http.ListenAndServe(addr, nil) }) return wv } func (wv *WebView) NewHttpView(proto *proto.Http) *WebHttpView { return newWebHttpView(wv.ctl, wv, proto) } func (wv *WebView) Shutdown() { } ================================================ FILE: src/ngrok/conn/conn.go ================================================ package conn import ( "bufio" "crypto/tls" "encoding/base64" "fmt" vhost "github.com/inconshreveable/go-vhost" "io" "math/rand" "net" "net/http" "net/url" "ngrok/log" "sync" ) type Conn interface { net.Conn log.Logger Id() string SetType(string) CloseRead() error } type loggedConn struct { tcp *net.TCPConn net.Conn log.Logger id int32 typ string } type Listener struct { net.Addr Conns chan *loggedConn } func wrapConn(conn net.Conn, typ string) *loggedConn { switch c := conn.(type) { case *vhost.HTTPConn: wrapped := c.Conn.(*loggedConn) return &loggedConn{wrapped.tcp, conn, wrapped.Logger, wrapped.id, wrapped.typ} case *loggedConn: return c case *net.TCPConn: wrapped := &loggedConn{c, conn, log.NewPrefixLogger(), rand.Int31(), typ} wrapped.AddLogPrefix(wrapped.Id()) return wrapped } return nil } func Listen(addr, typ string, tlsCfg *tls.Config) (l *Listener, err error) { // listen for incoming connections listener, err := net.Listen("tcp", addr) if err != nil { return } l = &Listener{ Addr: listener.Addr(), Conns: make(chan *loggedConn), } go func() { for { rawConn, err := listener.Accept() if err != nil { log.Error("Failed to accept new TCP connection of type %s: %v", typ, err) continue } c := wrapConn(rawConn, typ) if tlsCfg != nil { c.Conn = tls.Server(c.Conn, tlsCfg) } c.Info("New connection from %v", c.RemoteAddr()) l.Conns <- c } }() return } func Wrap(conn net.Conn, typ string) *loggedConn { return wrapConn(conn, typ) } func Dial(addr, typ string, tlsCfg *tls.Config) (conn *loggedConn, err error) { var rawConn net.Conn if rawConn, err = net.Dial("tcp", addr); err != nil { return } conn = wrapConn(rawConn, typ) conn.Debug("New connection to: %v", rawConn.RemoteAddr()) if tlsCfg != nil { conn.StartTLS(tlsCfg) } return } func DialHttpProxy(proxyUrl, addr, typ string, tlsCfg *tls.Config) (conn *loggedConn, err error) { // parse the proxy address var parsedUrl *url.URL if parsedUrl, err = url.Parse(proxyUrl); err != nil { return } var proxyAuth string if parsedUrl.User != nil { proxyAuth = "Basic " + base64.StdEncoding.EncodeToString([]byte(parsedUrl.User.String())) } var proxyTlsConfig *tls.Config switch parsedUrl.Scheme { case "http": proxyTlsConfig = nil case "https": proxyTlsConfig = new(tls.Config) default: err = fmt.Errorf("Proxy URL scheme must be http or https, got: %s", parsedUrl.Scheme) return } // dial the proxy if conn, err = Dial(parsedUrl.Host, typ, proxyTlsConfig); err != nil { return } // send an HTTP proxy CONNECT message req, err := http.NewRequest("CONNECT", "https://"+addr, nil) if err != nil { return } if proxyAuth != "" { req.Header.Set("Proxy-Authorization", proxyAuth) } req.Header.Set("User-Agent", "Mozilla/5.0 (compatible; ngrok)") req.Write(conn) // read the proxy's response resp, err := http.ReadResponse(bufio.NewReader(conn), req) if err != nil { return } resp.Body.Close() if resp.StatusCode != 200 { err = fmt.Errorf("Non-200 response from proxy server: %s", resp.Status) return } // upgrade to TLS conn.StartTLS(tlsCfg) return } func (c *loggedConn) StartTLS(tlsCfg *tls.Config) { c.Conn = tls.Client(c.Conn, tlsCfg) } func (c *loggedConn) Close() (err error) { if err := c.Conn.Close(); err == nil { c.Debug("Closing") } return } func (c *loggedConn) Id() string { return fmt.Sprintf("%s:%x", c.typ, c.id) } func (c *loggedConn) SetType(typ string) { oldId := c.Id() c.typ = typ c.ClearLogPrefixes() c.AddLogPrefix(c.Id()) c.Info("Renamed connection %s", oldId) } func (c *loggedConn) CloseRead() error { // XXX: use CloseRead() in Conn.Join() and in Control.shutdown() for cleaner // connection termination. Unfortunately, when I've tried that, I've observed // failures where the connection was closed *before* flushing its write buffer, // set with SetLinger() set properly (which it is by default). return c.tcp.CloseRead() } func Join(c Conn, c2 Conn) (int64, int64) { var wait sync.WaitGroup pipe := func(to Conn, from Conn, bytesCopied *int64) { defer to.Close() defer from.Close() defer wait.Done() var err error *bytesCopied, err = io.Copy(to, from) if err != nil { from.Warn("Copied %d bytes to %s before failing with error %v", *bytesCopied, to.Id(), err) } else { from.Debug("Copied %d bytes to %s", *bytesCopied, to.Id()) } } wait.Add(2) var fromBytes, toBytes int64 go pipe(c, c2, &fromBytes) go pipe(c2, c, &toBytes) c.Info("Joined with connection %s", c2.Id()) wait.Wait() return fromBytes, toBytes } ================================================ FILE: src/ngrok/conn/tee.go ================================================ package conn import ( "bufio" "io" ) // conn.Tee is a wraps a conn.Conn // causing all writes/reads to be tee'd just // like the unix command such that all data that // is read and written to the connection through its // interfaces will also be copied into two dedicated pipes // used for consuming a copy of the data stream // // this is useful for introspecting the traffic flowing // over a connection without having to tamper with the actual // code that reads and writes over the connection // // NB: the data is Tee'd into a shared-memory io.Pipe which // has a limited (and small) buffer. If you are not consuming from // the ReadBuffer() and WriteBuffer(), you are going to block // your application's real traffic from flowing over the connection type Tee struct { rd io.Reader wr io.Writer readPipe struct { rd *io.PipeReader wr *io.PipeWriter } writePipe struct { rd *io.PipeReader wr *io.PipeWriter } Conn } func NewTee(conn Conn) *Tee { c := &Tee{ rd: nil, wr: nil, Conn: conn, } c.readPipe.rd, c.readPipe.wr = io.Pipe() c.writePipe.rd, c.writePipe.wr = io.Pipe() c.rd = io.TeeReader(c.Conn, c.readPipe.wr) c.wr = io.MultiWriter(c.Conn, c.writePipe.wr) return c } func (c *Tee) ReadBuffer() *bufio.Reader { return bufio.NewReader(c.readPipe.rd) } func (c *Tee) WriteBuffer() *bufio.Reader { return bufio.NewReader(c.writePipe.rd) } func (c *Tee) Read(b []byte) (n int, err error) { n, err = c.rd.Read(b) if err != nil { c.readPipe.wr.Close() } return } func (c *Tee) ReadFrom(r io.Reader) (n int64, err error) { n, err = io.Copy(c.wr, r) if err != nil { c.writePipe.wr.Close() } return } func (c *Tee) Write(b []byte) (n int, err error) { n, err = c.wr.Write(b) if err != nil { c.writePipe.wr.Close() } return } ================================================ FILE: src/ngrok/log/logger.go ================================================ package log import ( "fmt" log "github.com/alecthomas/log4go" ) var root log.Logger = make(log.Logger) func LogTo(target string, level_name string) { var writer log.LogWriter = nil switch target { case "stdout": writer = log.NewConsoleLogWriter() case "none": // no logging default: writer = log.NewFileLogWriter(target, true) } if writer != nil { var level = log.DEBUG switch level_name { case "FINEST": level = log.FINEST case "FINE": level = log.FINE case "DEBUG": level = log.DEBUG case "TRACE": level = log.TRACE case "INFO": level = log.INFO case "WARNING": level = log.WARNING case "ERROR": level = log.ERROR case "CRITICAL": level = log.CRITICAL default: level = log.DEBUG } root.AddFilter("log", level, writer) } } type Logger interface { AddLogPrefix(string) ClearLogPrefixes() Debug(string, ...interface{}) Info(string, ...interface{}) Warn(string, ...interface{}) error Error(string, ...interface{}) error } type PrefixLogger struct { *log.Logger prefix string } func NewPrefixLogger(prefixes ...string) Logger { logger := &PrefixLogger{Logger: &root} for _, p := range prefixes { logger.AddLogPrefix(p) } return logger } func (pl *PrefixLogger) pfx(fmtstr string) interface{} { return fmt.Sprintf("%s %s", pl.prefix, fmtstr) } func (pl *PrefixLogger) Debug(arg0 string, args ...interface{}) { pl.Logger.Debug(pl.pfx(arg0), args...) } func (pl *PrefixLogger) Info(arg0 string, args ...interface{}) { pl.Logger.Info(pl.pfx(arg0), args...) } func (pl *PrefixLogger) Warn(arg0 string, args ...interface{}) error { return pl.Logger.Warn(pl.pfx(arg0), args...) } func (pl *PrefixLogger) Error(arg0 string, args ...interface{}) error { return pl.Logger.Error(pl.pfx(arg0), args...) } func (pl *PrefixLogger) AddLogPrefix(prefix string) { if len(pl.prefix) > 0 { pl.prefix += " " } pl.prefix += "[" + prefix + "]" } func (pl *PrefixLogger) ClearLogPrefixes() { pl.prefix = "" } // we should never really use these . . . always prefer logging through a prefix logger func Debug(arg0 string, args ...interface{}) { root.Debug(arg0, args...) } func Info(arg0 string, args ...interface{}) { root.Info(arg0, args...) } func Warn(arg0 string, args ...interface{}) error { return root.Warn(arg0, args...) } func Error(arg0 string, args ...interface{}) error { return root.Error(arg0, args...) } ================================================ FILE: src/ngrok/main/ngrok/ngrok.go ================================================ package main import ( "ngrok/client" ) func main() { client.Main() } ================================================ FILE: src/ngrok/main/ngrokd/ngrokd.go ================================================ package main import ( "ngrok/server" ) func main() { server.Main() } ================================================ FILE: src/ngrok/msg/conn.go ================================================ package msg import ( "encoding/binary" "errors" "fmt" "ngrok/conn" ) func readMsgShared(c conn.Conn) (buffer []byte, err error) { c.Debug("Waiting to read message") var sz int64 err = binary.Read(c, binary.LittleEndian, &sz) if err != nil { return } c.Debug("Reading message with length: %d", sz) buffer = make([]byte, sz) n, err := c.Read(buffer) c.Debug("Read message %s", buffer) if err != nil { return } if int64(n) != sz { err = errors.New(fmt.Sprintf("Expected to read %d bytes, but only read %d", sz, n)) return } return } func ReadMsg(c conn.Conn) (msg Message, err error) { buffer, err := readMsgShared(c) if err != nil { return } return Unpack(buffer) } func ReadMsgInto(c conn.Conn, msg Message) (err error) { buffer, err := readMsgShared(c) if err != nil { return } return UnpackInto(buffer, msg) } func WriteMsg(c conn.Conn, msg interface{}) (err error) { buffer, err := Pack(msg) if err != nil { return } c.Debug("Writing message: %s", string(buffer)) err = binary.Write(c, binary.LittleEndian, int64(len(buffer))) if err != nil { return } if _, err = c.Write(buffer); err != nil { return } return nil } ================================================ FILE: src/ngrok/msg/msg.go ================================================ package msg import ( "encoding/json" "reflect" ) var TypeMap map[string]reflect.Type func init() { TypeMap = make(map[string]reflect.Type) t := func(obj interface{}) reflect.Type { return reflect.TypeOf(obj).Elem() } TypeMap["Auth"] = t((*Auth)(nil)) TypeMap["AuthResp"] = t((*AuthResp)(nil)) TypeMap["ReqTunnel"] = t((*ReqTunnel)(nil)) TypeMap["NewTunnel"] = t((*NewTunnel)(nil)) TypeMap["RegProxy"] = t((*RegProxy)(nil)) TypeMap["ReqProxy"] = t((*ReqProxy)(nil)) TypeMap["StartProxy"] = t((*StartProxy)(nil)) TypeMap["Ping"] = t((*Ping)(nil)) TypeMap["Pong"] = t((*Pong)(nil)) } type Message interface{} type Envelope struct { Type string Payload json.RawMessage } // When a client opens a new control channel to the server // it must start by sending an Auth message. type Auth struct { Version string // protocol version MmVersion string // major/minor software version (informational only) User string Password string OS string Arch string ClientId string // empty for new sessions } // A server responds to an Auth message with an // AuthResp message over the control channel. // // If Error is not the empty string // the server has indicated it will not accept // the new session and will close the connection. // // The server response includes a unique ClientId // that is used to associate and authenticate future // proxy connections via the same field in RegProxy messages. type AuthResp struct { Version string MmVersion string ClientId string Error string } // A client sends this message to the server over the control channel // to request a new tunnel be opened on the client's behalf. // ReqId is a random number set by the client that it can pull // from future NewTunnel's to correlate then to the requesting ReqTunnel. type ReqTunnel struct { ReqId string Protocol string // http only Hostname string Subdomain string HttpAuth string // tcp only RemotePort uint16 } // When the server opens a new tunnel on behalf of // a client, it sends a NewTunnel message to notify the client. // ReqId is the ReqId from the corresponding ReqTunnel message. // // A client may receive *multiple* NewTunnel messages from a single // ReqTunnel. (ex. A client opens an https tunnel and the server // chooses to open an http tunnel of the same name as well) type NewTunnel struct { ReqId string Url string Protocol string Error string } // When the server wants to initiate a new tunneled connection, it sends // this message over the control channel to the client. When a client receives // this message, it must initiate a new proxy connection to the server. type ReqProxy struct { } // After a client receives a ReqProxy message, it opens a new // connection to the server and sends a RegProxy message. type RegProxy struct { ClientId string } // This message is sent by the server to the client over a *proxy* connection before it // begins to send the bytes of the proxied request. type StartProxy struct { Url string // URL of the tunnel this connection connection is being proxied for ClientAddr string // Network address of the client initiating the connection to the tunnel } // A client or server may send this message periodically over // the control channel to request that the remote side acknowledge // its connection is still alive. The remote side must respond with a Pong. type Ping struct { } // Sent by a client or server over the control channel to indicate // it received a Ping. type Pong struct { } ================================================ FILE: src/ngrok/msg/pack.go ================================================ package msg import ( "encoding/json" "errors" "fmt" "reflect" ) func unpack(buffer []byte, msgIn Message) (msg Message, err error) { var env Envelope if err = json.Unmarshal(buffer, &env); err != nil { return } if msgIn == nil { t, ok := TypeMap[env.Type] if !ok { err = errors.New(fmt.Sprintf("Unsupported message type %s", env.Type)) return } // guess type msg = reflect.New(t).Interface().(Message) } else { msg = msgIn } err = json.Unmarshal(env.Payload, &msg) return } func UnpackInto(buffer []byte, msg Message) (err error) { _, err = unpack(buffer, msg) return } func Unpack(buffer []byte) (msg Message, err error) { return unpack(buffer, nil) } func Pack(payload interface{}) ([]byte, error) { return json.Marshal(struct { Type string Payload interface{} }{ Type: reflect.TypeOf(payload).Elem().Name(), Payload: payload, }) } ================================================ FILE: src/ngrok/proto/http.go ================================================ package proto import ( "bufio" "bytes" "io" "io/ioutil" "net" "net/http" "net/http/httputil" "net/url" "ngrok/conn" "ngrok/util" "strings" "sync" "time" metrics "github.com/rcrowley/go-metrics" ) type HttpRequest struct { *http.Request BodyBytes []byte } type HttpResponse struct { *http.Response BodyBytes []byte } type HttpTxn struct { Req *HttpRequest Resp *HttpResponse Start time.Time Duration time.Duration UserCtx interface{} ConnUserCtx interface{} } type Http struct { Txns *util.Broadcast reqGauge metrics.Gauge reqMeter metrics.Meter reqTimer metrics.Timer } func NewHttp() *Http { return &Http{ Txns: util.NewBroadcast(), reqGauge: metrics.NewGauge(), reqMeter: metrics.NewMeter(), reqTimer: metrics.NewTimer(), } } func extractBody(r io.Reader) ([]byte, io.ReadCloser, error) { buf := new(bytes.Buffer) _, err := buf.ReadFrom(r) return buf.Bytes(), ioutil.NopCloser(buf), err } func (h *Http) GetName() string { return "http" } func (h *Http) WrapConn(c conn.Conn, ctx interface{}) conn.Conn { tee := conn.NewTee(c) lastTxn := make(chan *HttpTxn) go h.readRequests(tee, lastTxn, ctx) go h.readResponses(tee, lastTxn) return tee } func (h *Http) readRequests(tee *conn.Tee, lastTxn chan *HttpTxn, connCtx interface{}) { defer close(lastTxn) for { req, err := http.ReadRequest(tee.WriteBuffer()) if err != nil { // no more requests to be read, we're done break } // make sure we read the body of the request so that // we don't block the writer _, err = httputil.DumpRequest(req, true) h.reqMeter.Mark(1) if err != nil { tee.Warn("Failed to extract request body: %v", err) } // golang's ReadRequest/DumpRequestOut is broken. Fix up the request so it works later req.URL.Scheme = "http" req.URL.Host = req.Host txn := &HttpTxn{Start: time.Now(), ConnUserCtx: connCtx} txn.Req = &HttpRequest{Request: req} if req.Body != nil { txn.Req.BodyBytes, txn.Req.Body, err = extractBody(req.Body) if err != nil { tee.Warn("Failed to extract request body: %v", err) } } lastTxn <- txn h.Txns.In() <- txn } } func (h *Http) readResponses(tee *conn.Tee, lastTxn chan *HttpTxn) { for txn := range lastTxn { resp, err := http.ReadResponse(tee.ReadBuffer(), txn.Req.Request) txn.Duration = time.Since(txn.Start) h.reqTimer.Update(txn.Duration) if err != nil { tee.Warn("Error reading response from server: %v", err) // no more responses to be read, we're done break } // make sure we read the body of the response so that // we don't block the reader _, _ = httputil.DumpResponse(resp, true) txn.Resp = &HttpResponse{Response: resp} // apparently, Body can be nil in some cases if resp.Body != nil { txn.Resp.BodyBytes, txn.Resp.Body, err = extractBody(resp.Body) if err != nil { tee.Warn("Failed to extract response body: %v", err) } } h.Txns.In() <- txn // XXX: remove web socket shim in favor of a real websocket protocol analyzer if txn.Req.Header.Get("Upgrade") == "websocket" { tee.Info("Upgrading to websocket") var wg sync.WaitGroup // shim for websockets // in order for websockets to work, we need to continue reading all of the // the bytes in the analyzer so that the joined connections will continue // sending bytes to each other wg.Add(2) go func() { ioutil.ReadAll(tee.WriteBuffer()) wg.Done() }() go func() { ioutil.ReadAll(tee.ReadBuffer()) wg.Done() }() wg.Wait() break } } } // we have to vendor DumpRequestOut because it's broken and the fix won't be in until at least 1.4 // XXX: remove this all in favor of actually parsing the HTTP traffic ourselves for more transparent // replay and inspection, regardless of when it gets fixed in stdlib // Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // One of the copies, say from b to r2, could be avoided by using a more // elaborate trick where the other copy is made during Request/Response.Write. // This would complicate things too much, given that these functions are for // debugging only. func drainBody(b io.ReadCloser) (r1, r2 io.ReadCloser, err error) { var buf bytes.Buffer if _, err = buf.ReadFrom(b); err != nil { return nil, nil, err } if err = b.Close(); err != nil { return nil, nil, err } return ioutil.NopCloser(&buf), ioutil.NopCloser(bytes.NewReader(buf.Bytes())), nil } // dumpConn is a net.Conn which writes to Writer and reads from Reader type dumpConn struct { io.Writer io.Reader } func (c *dumpConn) Close() error { return nil } func (c *dumpConn) LocalAddr() net.Addr { return nil } func (c *dumpConn) RemoteAddr() net.Addr { return nil } func (c *dumpConn) SetDeadline(t time.Time) error { return nil } func (c *dumpConn) SetReadDeadline(t time.Time) error { return nil } func (c *dumpConn) SetWriteDeadline(t time.Time) error { return nil } type neverEnding byte func (b neverEnding) Read(p []byte) (n int, err error) { for i := range p { p[i] = byte(b) } return len(p), nil } // DumpRequestOut is like DumpRequest but includes // headers that the standard http.Transport adds, // such as User-Agent. func DumpRequestOut(req *http.Request, body bool) ([]byte, error) { save := req.Body dummyBody := false if !body || req.Body == nil { req.Body = nil if req.ContentLength != 0 { req.Body = ioutil.NopCloser(io.LimitReader(neverEnding('x'), req.ContentLength)) dummyBody = true } } else { var err error save, req.Body, err = drainBody(req.Body) if err != nil { return nil, err } } // Since we're using the actual Transport code to write the request, // switch to http so the Transport doesn't try to do an SSL // negotiation with our dumpConn and its bytes.Buffer & pipe. // The wire format for https and http are the same, anyway. reqSend := req if req.URL.Scheme == "https" { reqSend = new(http.Request) *reqSend = *req reqSend.URL = new(url.URL) *reqSend.URL = *req.URL reqSend.URL.Scheme = "http" } // Use the actual Transport code to record what we would send // on the wire, but not using TCP. Use a Transport with a // custom dialer that returns a fake net.Conn that waits // for the full input (and recording it), and then responds // with a dummy response. var buf bytes.Buffer // records the output pr, pw := io.Pipe() dr := &delegateReader{c: make(chan io.Reader)} // Wait for the request before replying with a dummy response: go func() { req, _ := http.ReadRequest(bufio.NewReader(pr)) // THIS IS THE PART THAT'S BROKEN IN THE STDLIB (as of Go 1.3) if req != nil && req.Body != nil { ioutil.ReadAll(req.Body) } dr.c <- strings.NewReader("HTTP/1.1 204 No Content\r\n\r\n") }() t := &http.Transport{ Dial: func(net, addr string) (net.Conn, error) { return &dumpConn{io.MultiWriter(&buf, pw), dr}, nil }, } defer t.CloseIdleConnections() _, err := t.RoundTrip(reqSend) req.Body = save if err != nil { return nil, err } dump := buf.Bytes() // If we used a dummy body above, remove it now. // TODO: if the req.ContentLength is large, we allocate memory // unnecessarily just to slice it off here. But this is just // a debug function, so this is acceptable for now. We could // discard the body earlier if this matters. if dummyBody { if i := bytes.Index(dump, []byte("\r\n\r\n")); i >= 0 { dump = dump[:i+4] } } return dump, nil } // delegateReader is a reader that delegates to another reader, // once it arrives on a channel. type delegateReader struct { c chan io.Reader r io.Reader // nil until received from c } func (r *delegateReader) Read(p []byte) (int, error) { if r.r == nil { r.r = <-r.c } return r.r.Read(p) } // Return value if nonempty, def otherwise. func valueOrDefault(value, def string) string { if value != "" { return value } return def } var reqWriteExcludeHeaderDump = map[string]bool{ "Host": true, // not in Header map anyway "Content-Length": true, "Transfer-Encoding": true, "Trailer": true, } ================================================ FILE: src/ngrok/proto/interface.go ================================================ package proto import ( "ngrok/conn" ) type Protocol interface { GetName() string WrapConn(conn.Conn, interface{}) conn.Conn } ================================================ FILE: src/ngrok/proto/tcp.go ================================================ package proto import ( "ngrok/conn" ) type Tcp struct{} func NewTcp() *Tcp { return new(Tcp) } func (h *Tcp) GetName() string { return "tcp" } func (h *Tcp) WrapConn(c conn.Conn, ctx interface{}) conn.Conn { return c } ================================================ FILE: src/ngrok/server/cli.go ================================================ package server import ( "flag" ) type Options struct { httpAddr string httpsAddr string tunnelAddr string domain string tlsCrt string tlsKey string logto string loglevel string } func parseArgs() *Options { httpAddr := flag.String("httpAddr", ":80", "Public address for HTTP connections, empty string to disable") httpsAddr := flag.String("httpsAddr", ":443", "Public address listening for HTTPS connections, emptry string to disable") tunnelAddr := flag.String("tunnelAddr", ":4443", "Public address listening for ngrok client") domain := flag.String("domain", "ngrok.com", "Domain where the tunnels are hosted") tlsCrt := flag.String("tlsCrt", "", "Path to a TLS certificate file") tlsKey := flag.String("tlsKey", "", "Path to a TLS key file") logto := flag.String("log", "stdout", "Write log messages to this file. 'stdout' and 'none' have special meanings") loglevel := flag.String("log-level", "DEBUG", "The level of messages to log. One of: DEBUG, INFO, WARNING, ERROR") flag.Parse() return &Options{ httpAddr: *httpAddr, httpsAddr: *httpsAddr, tunnelAddr: *tunnelAddr, domain: *domain, tlsCrt: *tlsCrt, tlsKey: *tlsKey, logto: *logto, loglevel: *loglevel, } } ================================================ FILE: src/ngrok/server/control.go ================================================ package server import ( "fmt" "io" "ngrok/conn" "ngrok/msg" "ngrok/util" "ngrok/version" "runtime/debug" "strings" "time" ) const ( pingTimeoutInterval = 30 * time.Second connReapInterval = 10 * time.Second controlWriteTimeout = 10 * time.Second proxyStaleDuration = 60 * time.Second proxyMaxPoolSize = 10 ) type Control struct { // auth message auth *msg.Auth // actual connection conn conn.Conn // put a message in this channel to send it over // conn to the client out chan (msg.Message) // read from this channel to get the next message sent // to us over conn by the client in chan (msg.Message) // the last time we received a ping from the client - for heartbeats lastPing time.Time // all of the tunnels this control connection handles tunnels []*Tunnel // proxy connections proxies chan conn.Conn // identifier id string // synchronizer for controlled shutdown of writer() writerShutdown *util.Shutdown // synchronizer for controlled shutdown of reader() readerShutdown *util.Shutdown // synchronizer for controlled shutdown of manager() managerShutdown *util.Shutdown // synchronizer for controller shutdown of entire Control shutdown *util.Shutdown } func NewControl(ctlConn conn.Conn, authMsg *msg.Auth) { var err error // create the object c := &Control{ auth: authMsg, conn: ctlConn, out: make(chan msg.Message), in: make(chan msg.Message), proxies: make(chan conn.Conn, 10), lastPing: time.Now(), writerShutdown: util.NewShutdown(), readerShutdown: util.NewShutdown(), managerShutdown: util.NewShutdown(), shutdown: util.NewShutdown(), } failAuth := func(e error) { _ = msg.WriteMsg(ctlConn, &msg.AuthResp{Error: e.Error()}) ctlConn.Close() } // register the clientid c.id = authMsg.ClientId if c.id == "" { // it's a new session, assign an ID if c.id, err = util.SecureRandId(16); err != nil { failAuth(err) return } } // set logging prefix ctlConn.SetType("ctl") ctlConn.AddLogPrefix(c.id) if authMsg.Version != version.Proto { failAuth(fmt.Errorf("Incompatible versions. Server %s, client %s. Download a new version at http://ngrok.com", version.MajorMinor(), authMsg.Version)) return } // register the control if replaced := controlRegistry.Add(c.id, c); replaced != nil { replaced.shutdown.WaitComplete() } // start the writer first so that the following messages get sent go c.writer() // Respond to authentication c.out <- &msg.AuthResp{ Version: version.Proto, MmVersion: version.MajorMinor(), ClientId: c.id, } // As a performance optimization, ask for a proxy connection up front c.out <- &msg.ReqProxy{} // manage the connection go c.manager() go c.reader() go c.stopper() } // Register a new tunnel on this control connection func (c *Control) registerTunnel(rawTunnelReq *msg.ReqTunnel) { for _, proto := range strings.Split(rawTunnelReq.Protocol, "+") { tunnelReq := *rawTunnelReq tunnelReq.Protocol = proto c.conn.Debug("Registering new tunnel") t, err := NewTunnel(&tunnelReq, c) if err != nil { c.out <- &msg.NewTunnel{Error: err.Error()} if len(c.tunnels) == 0 { c.shutdown.Begin() } // we're done return } // add it to the list of tunnels c.tunnels = append(c.tunnels, t) // acknowledge success c.out <- &msg.NewTunnel{ Url: t.url, Protocol: proto, ReqId: rawTunnelReq.ReqId, } rawTunnelReq.Hostname = strings.Replace(t.url, proto+"://", "", 1) } } func (c *Control) manager() { // don't crash on panics defer func() { if err := recover(); err != nil { c.conn.Info("Control::manager failed with error %v: %s", err, debug.Stack()) } }() // kill everything if the control manager stops defer c.shutdown.Begin() // notify that manager() has shutdown defer c.managerShutdown.Complete() // reaping timer for detecting heartbeat failure reap := time.NewTicker(connReapInterval) defer reap.Stop() for { select { case <-reap.C: if time.Since(c.lastPing) > pingTimeoutInterval { c.conn.Info("Lost heartbeat") c.shutdown.Begin() } case mRaw, ok := <-c.in: // c.in closes to indicate shutdown if !ok { return } switch m := mRaw.(type) { case *msg.ReqTunnel: c.registerTunnel(m) case *msg.Ping: c.lastPing = time.Now() c.out <- &msg.Pong{} } } } } func (c *Control) writer() { defer func() { if err := recover(); err != nil { c.conn.Info("Control::writer failed with error %v: %s", err, debug.Stack()) } }() // kill everything if the writer() stops defer c.shutdown.Begin() // notify that we've flushed all messages defer c.writerShutdown.Complete() // write messages to the control channel for m := range c.out { c.conn.SetWriteDeadline(time.Now().Add(controlWriteTimeout)) if err := msg.WriteMsg(c.conn, m); err != nil { panic(err) } } } func (c *Control) reader() { defer func() { if err := recover(); err != nil { c.conn.Warn("Control::reader failed with error %v: %s", err, debug.Stack()) } }() // kill everything if the reader stops defer c.shutdown.Begin() // notify that we're done defer c.readerShutdown.Complete() // read messages from the control channel for { if msg, err := msg.ReadMsg(c.conn); err != nil { if err == io.EOF { c.conn.Info("EOF") return } else { panic(err) } } else { // this can also panic during shutdown c.in <- msg } } } func (c *Control) stopper() { defer func() { if r := recover(); r != nil { c.conn.Error("Failed to shut down control: %v", r) } }() // wait until we're instructed to shutdown c.shutdown.WaitBegin() // remove ourself from the control registry controlRegistry.Del(c.id) // shutdown manager() so that we have no more work to do close(c.in) c.managerShutdown.WaitComplete() // shutdown writer() close(c.out) c.writerShutdown.WaitComplete() // close connection fully c.conn.Close() // shutdown all of the tunnels for _, t := range c.tunnels { t.Shutdown() } // shutdown all of the proxy connections close(c.proxies) for p := range c.proxies { p.Close() } c.shutdown.Complete() c.conn.Info("Shutdown complete") } func (c *Control) RegisterProxy(conn conn.Conn) { conn.AddLogPrefix(c.id) conn.SetDeadline(time.Now().Add(proxyStaleDuration)) select { case c.proxies <- conn: conn.Info("Registered") default: conn.Info("Proxies buffer is full, discarding.") conn.Close() } } // Remove a proxy connection from the pool and return it // If not proxy connections are in the pool, request one // and wait until it is available // Returns an error if we couldn't get a proxy because it took too long // or the tunnel is closing func (c *Control) GetProxy() (proxyConn conn.Conn, err error) { var ok bool // get a proxy connection from the pool select { case proxyConn, ok = <-c.proxies: if !ok { err = fmt.Errorf("No proxy connections available, control is closing") return } default: // no proxy available in the pool, ask for one over the control channel c.conn.Debug("No proxy in pool, requesting proxy from control . . .") if err = util.PanicToError(func() { c.out <- &msg.ReqProxy{} }); err != nil { return } select { case proxyConn, ok = <-c.proxies: if !ok { err = fmt.Errorf("No proxy connections available, control is closing") return } case <-time.After(pingTimeoutInterval): err = fmt.Errorf("Timeout trying to get proxy connection") return } } return } // Called when this control is replaced by another control // this can happen if the network drops out and the client reconnects // before the old tunnel has lost its heartbeat func (c *Control) Replaced(replacement *Control) { c.conn.Info("Replaced by control: %s", replacement.conn.Id()) // set the control id to empty string so that when stopper() // calls registry.Del it won't delete the replacement c.id = "" // tell the old one to shutdown c.shutdown.Begin() } ================================================ FILE: src/ngrok/server/http.go ================================================ package server import ( "crypto/tls" "fmt" vhost "github.com/inconshreveable/go-vhost" //"net" "ngrok/conn" "ngrok/log" "strings" "time" ) const ( NotAuthorized = `HTTP/1.0 401 Not Authorized WWW-Authenticate: Basic realm="ngrok" Content-Length: 23 Authorization required ` NotFound = `HTTP/1.0 404 Not Found Content-Length: %d Tunnel %s not found ` BadRequest = `HTTP/1.0 400 Bad Request Content-Length: 12 Bad Request ` ) // Listens for new http(s) connections from the public internet func startHttpListener(addr string, tlsCfg *tls.Config) (listener *conn.Listener) { // bind/listen for incoming connections var err error if listener, err = conn.Listen(addr, "pub", tlsCfg); err != nil { panic(err) } proto := "http" if tlsCfg != nil { proto = "https" } log.Info("Listening for public %s connections on %v", proto, listener.Addr.String()) go func() { for conn := range listener.Conns { go httpHandler(conn, proto) } }() return } // Handles a new http connection from the public internet func httpHandler(c conn.Conn, proto string) { defer c.Close() defer func() { // recover from failures if r := recover(); r != nil { c.Warn("httpHandler failed with error %v", r) } }() // Make sure we detect dead connections while we decide how to multiplex c.SetDeadline(time.Now().Add(connReadTimeout)) // multiplex by extracting the Host header, the vhost library vhostConn, err := vhost.HTTP(c) if err != nil { c.Warn("Failed to read valid %s request: %v", proto, err) c.Write([]byte(BadRequest)) return } // read out the Host header and auth from the request host := strings.ToLower(vhostConn.Host()) auth := vhostConn.Request.Header.Get("Authorization") // done reading mux data, free up the request memory vhostConn.Free() // We need to read from the vhost conn now since it mucked around reading the stream c = conn.Wrap(vhostConn, "pub") // multiplex to find the right backend host c.Debug("Found hostname %s in request", host) tunnel := tunnelRegistry.Get(fmt.Sprintf("%s://%s", proto, host)) if tunnel == nil { c.Info("No tunnel found for hostname %s", host) c.Write([]byte(fmt.Sprintf(NotFound, len(host)+18, host))) return } // If the client specified http auth and it doesn't match this request's auth // then fail the request with 401 Not Authorized and request the client reissue the // request with basic authdeny the request if tunnel.req.HttpAuth != "" && auth != tunnel.req.HttpAuth { c.Info("Authentication failed: %s", auth) c.Write([]byte(NotAuthorized)) return } // dead connections will now be handled by tunnel heartbeating and the client c.SetDeadline(time.Time{}) // let the tunnel handle the connection now tunnel.HandlePublicConnection(c) } ================================================ FILE: src/ngrok/server/main.go ================================================ package server import ( "crypto/tls" "math/rand" "ngrok/conn" log "ngrok/log" "ngrok/msg" "ngrok/util" "os" "runtime/debug" "time" ) const ( registryCacheSize uint64 = 1024 * 1024 // 1 MB connReadTimeout time.Duration = 10 * time.Second ) // GLOBALS var ( tunnelRegistry *TunnelRegistry controlRegistry *ControlRegistry // XXX: kill these global variables - they're only used in tunnel.go for constructing forwarding URLs opts *Options listeners map[string]*conn.Listener ) func NewProxy(pxyConn conn.Conn, regPxy *msg.RegProxy) { // fail gracefully if the proxy connection fails to register defer func() { if r := recover(); r != nil { pxyConn.Warn("Failed with error: %v", r) pxyConn.Close() } }() // set logging prefix pxyConn.SetType("pxy") // look up the control connection for this proxy pxyConn.Info("Registering new proxy for %s", regPxy.ClientId) ctl := controlRegistry.Get(regPxy.ClientId) if ctl == nil { panic("No client found for identifier: " + regPxy.ClientId) } ctl.RegisterProxy(pxyConn) } // Listen for incoming control and proxy connections // We listen for incoming control and proxy connections on the same port // for ease of deployment. The hope is that by running on port 443, using // TLS and running all connections over the same port, we can bust through // restrictive firewalls. func tunnelListener(addr string, tlsConfig *tls.Config) { // listen for incoming connections listener, err := conn.Listen(addr, "tun", tlsConfig) if err != nil { panic(err) } log.Info("Listening for control and proxy connections on %s", listener.Addr.String()) for c := range listener.Conns { go func(tunnelConn conn.Conn) { // don't crash on panics defer func() { if r := recover(); r != nil { tunnelConn.Info("tunnelListener failed with error %v: %s", r, debug.Stack()) } }() tunnelConn.SetReadDeadline(time.Now().Add(connReadTimeout)) var rawMsg msg.Message if rawMsg, err = msg.ReadMsg(tunnelConn); err != nil { tunnelConn.Warn("Failed to read message: %v", err) tunnelConn.Close() return } // don't timeout after the initial read, tunnel heartbeating will kill // dead connections tunnelConn.SetReadDeadline(time.Time{}) switch m := rawMsg.(type) { case *msg.Auth: NewControl(tunnelConn, m) case *msg.RegProxy: NewProxy(tunnelConn, m) default: tunnelConn.Close() } }(c) } } func Main() { // parse options opts = parseArgs() // init logging log.LogTo(opts.logto, opts.loglevel) // seed random number generator seed, err := util.RandomSeed() if err != nil { panic(err) } rand.Seed(seed) // init tunnel/control registry registryCacheFile := os.Getenv("REGISTRY_CACHE_FILE") tunnelRegistry = NewTunnelRegistry(registryCacheSize, registryCacheFile) controlRegistry = NewControlRegistry() // start listeners listeners = make(map[string]*conn.Listener) // load tls configuration tlsConfig, err := LoadTLSConfig(opts.tlsCrt, opts.tlsKey) if err != nil { panic(err) } // listen for http if opts.httpAddr != "" { listeners["http"] = startHttpListener(opts.httpAddr, nil) } // listen for https if opts.httpsAddr != "" { listeners["https"] = startHttpListener(opts.httpsAddr, tlsConfig) } // ngrok clients tunnelListener(opts.tunnelAddr, tlsConfig) } ================================================ FILE: src/ngrok/server/metrics.go ================================================ package server import ( "bytes" "encoding/json" "fmt" gometrics "github.com/rcrowley/go-metrics" "io/ioutil" "net/http" "ngrok/conn" "ngrok/log" "os" "time" ) var metrics Metrics func init() { keenApiKey := os.Getenv("KEEN_API_KEY") if keenApiKey != "" { metrics = NewKeenIoMetrics(60 * time.Second) } else { metrics = NewLocalMetrics(30 * time.Second) } } type Metrics interface { log.Logger OpenConnection(*Tunnel, conn.Conn) CloseConnection(*Tunnel, conn.Conn, time.Time, int64, int64) OpenTunnel(*Tunnel) CloseTunnel(*Tunnel) } type LocalMetrics struct { log.Logger reportInterval time.Duration windowsCounter gometrics.Counter linuxCounter gometrics.Counter osxCounter gometrics.Counter otherCounter gometrics.Counter tunnelMeter gometrics.Meter tcpTunnelMeter gometrics.Meter httpTunnelMeter gometrics.Meter connMeter gometrics.Meter lostHeartbeatMeter gometrics.Meter connTimer gometrics.Timer bytesInCount gometrics.Counter bytesOutCount gometrics.Counter /* tunnelGauge gometrics.Gauge tcpTunnelGauge gometrics.Gauge connGauge gometrics.Gauge */ } func NewLocalMetrics(reportInterval time.Duration) *LocalMetrics { metrics := LocalMetrics{ Logger: log.NewPrefixLogger("metrics"), reportInterval: reportInterval, windowsCounter: gometrics.NewCounter(), linuxCounter: gometrics.NewCounter(), osxCounter: gometrics.NewCounter(), otherCounter: gometrics.NewCounter(), tunnelMeter: gometrics.NewMeter(), tcpTunnelMeter: gometrics.NewMeter(), httpTunnelMeter: gometrics.NewMeter(), connMeter: gometrics.NewMeter(), lostHeartbeatMeter: gometrics.NewMeter(), connTimer: gometrics.NewTimer(), bytesInCount: gometrics.NewCounter(), bytesOutCount: gometrics.NewCounter(), /* metrics.tunnelGauge = gometrics.NewGauge(), metrics.tcpTunnelGauge = gometrics.NewGauge(), metrics.connGauge = gometrics.NewGauge(), */ } go metrics.Report() return &metrics } func (m *LocalMetrics) OpenTunnel(t *Tunnel) { m.tunnelMeter.Mark(1) switch t.ctl.auth.OS { case "windows": m.windowsCounter.Inc(1) case "linux": m.linuxCounter.Inc(1) case "darwin": m.osxCounter.Inc(1) default: m.otherCounter.Inc(1) } switch t.req.Protocol { case "tcp": m.tcpTunnelMeter.Mark(1) case "http": m.httpTunnelMeter.Mark(1) } } func (m *LocalMetrics) CloseTunnel(t *Tunnel) { } func (m *LocalMetrics) OpenConnection(t *Tunnel, c conn.Conn) { m.connMeter.Mark(1) } func (m *LocalMetrics) CloseConnection(t *Tunnel, c conn.Conn, start time.Time, bytesIn, bytesOut int64) { m.bytesInCount.Inc(bytesIn) m.bytesOutCount.Inc(bytesOut) } func (m *LocalMetrics) Report() { m.Info("Reporting every %d seconds", int(m.reportInterval.Seconds())) for { time.Sleep(m.reportInterval) buffer, err := json.Marshal(map[string]interface{}{ "windows": m.windowsCounter.Count(), "linux": m.linuxCounter.Count(), "osx": m.osxCounter.Count(), "other": m.otherCounter.Count(), "httpTunnelMeter.count": m.httpTunnelMeter.Count(), "tcpTunnelMeter.count": m.tcpTunnelMeter.Count(), "tunnelMeter.count": m.tunnelMeter.Count(), "tunnelMeter.m1": m.tunnelMeter.Rate1(), "connMeter.count": m.connMeter.Count(), "connMeter.m1": m.connMeter.Rate1(), "bytesIn.count": m.bytesInCount.Count(), "bytesOut.count": m.bytesOutCount.Count(), }) if err != nil { m.Error("Failed to serialize metrics: %v", err) continue } m.Info("Reporting: %s", buffer) } } type KeenIoMetric struct { Collection string Event interface{} } type KeenIoMetrics struct { log.Logger ApiKey string ProjectToken string HttpClient http.Client Metrics chan *KeenIoMetric } func NewKeenIoMetrics(batchInterval time.Duration) *KeenIoMetrics { k := &KeenIoMetrics{ Logger: log.NewPrefixLogger("metrics"), ApiKey: os.Getenv("KEEN_API_KEY"), ProjectToken: os.Getenv("KEEN_PROJECT_TOKEN"), Metrics: make(chan *KeenIoMetric, 1000), } go func() { defer func() { if r := recover(); r != nil { k.Error("KeenIoMetrics failed: %v", r) } }() batch := make(map[string][]interface{}) batchTimer := time.Tick(batchInterval) for { select { case m := <-k.Metrics: list, ok := batch[m.Collection] if !ok { list = make([]interface{}, 0) } batch[m.Collection] = append(list, m.Event) case <-batchTimer: // no metrics to report if len(batch) == 0 { continue } payload, err := json.Marshal(batch) if err != nil { k.Error("Failed to serialize metrics payload: %v, %v", batch, err) } else { for key, val := range batch { k.Debug("Reporting %d metrics for %s", len(val), key) } k.AuthedRequest("POST", "/events", bytes.NewReader(payload)) } batch = make(map[string][]interface{}) } } }() return k } func (k *KeenIoMetrics) AuthedRequest(method, path string, body *bytes.Reader) (resp *http.Response, err error) { path = fmt.Sprintf("https://api.keen.io/3.0/projects/%s%s", k.ProjectToken, path) req, err := http.NewRequest(method, path, body) if err != nil { return } req.Header.Add("Authorization", k.ApiKey) if body != nil { req.Header.Add("Content-Type", "application/json") req.ContentLength = int64(body.Len()) } requestStartAt := time.Now() resp, err = k.HttpClient.Do(req) if err != nil { k.Error("Failed to send metric event to keen.io %v", err) } else { k.Info("keen.io processed request in %f sec", time.Since(requestStartAt).Seconds()) defer resp.Body.Close() if resp.StatusCode != 200 { bytes, _ := ioutil.ReadAll(resp.Body) k.Error("Got %v response from keen.io: %s", resp.StatusCode, bytes) } } return } func (k *KeenIoMetrics) OpenConnection(t *Tunnel, c conn.Conn) { } func (k *KeenIoMetrics) CloseConnection(t *Tunnel, c conn.Conn, start time.Time, in, out int64) { event := struct { Keen KeenStruct `json:"keen"` OS string ClientId string Protocol string Url string User string Version string Reason string HttpAuth bool Subdomain bool TunnelDuration float64 ConnectionDuration float64 BytesIn int64 BytesOut int64 }{ Keen: KeenStruct{ Timestamp: start.UTC().Format("2006-01-02T15:04:05.000Z"), }, OS: t.ctl.auth.OS, ClientId: t.ctl.id, Protocol: t.req.Protocol, Url: t.url, User: t.ctl.auth.User, Version: t.ctl.auth.MmVersion, HttpAuth: t.req.HttpAuth != "", Subdomain: t.req.Subdomain != "", TunnelDuration: time.Since(t.start).Seconds(), ConnectionDuration: time.Since(start).Seconds(), BytesIn: in, BytesOut: out, } k.Metrics <- &KeenIoMetric{Collection: "CloseConnection", Event: event} } func (k *KeenIoMetrics) OpenTunnel(t *Tunnel) { } type KeenStruct struct { Timestamp string `json:"timestamp"` } func (k *KeenIoMetrics) CloseTunnel(t *Tunnel) { event := struct { Keen KeenStruct `json:"keen"` OS string ClientId string Protocol string Url string User string Version string Reason string Duration float64 HttpAuth bool Subdomain bool }{ Keen: KeenStruct{ Timestamp: t.start.UTC().Format("2006-01-02T15:04:05.000Z"), }, OS: t.ctl.auth.OS, ClientId: t.ctl.id, Protocol: t.req.Protocol, Url: t.url, User: t.ctl.auth.User, Version: t.ctl.auth.MmVersion, //Reason: reason, Duration: time.Since(t.start).Seconds(), HttpAuth: t.req.HttpAuth != "", Subdomain: t.req.Subdomain != "", } k.Metrics <- &KeenIoMetric{Collection: "CloseTunnel", Event: event} } ================================================ FILE: src/ngrok/server/registry.go ================================================ package server import ( "encoding/gob" "fmt" "net" "ngrok/cache" "ngrok/log" "sync" "time" ) const ( cacheSaveInterval time.Duration = 10 * time.Minute ) type cacheUrl string func (url cacheUrl) Size() int { return len(url) } // TunnelRegistry maps a tunnel URL to Tunnel structures type TunnelRegistry struct { tunnels map[string]*Tunnel affinity *cache.LRUCache log.Logger sync.RWMutex } func NewTunnelRegistry(cacheSize uint64, cacheFile string) *TunnelRegistry { registry := &TunnelRegistry{ tunnels: make(map[string]*Tunnel), affinity: cache.NewLRUCache(cacheSize), Logger: log.NewPrefixLogger("registry", "tun"), } // LRUCache uses Gob encoding. Unfortunately, Gob is fickle and will fail // to encode or decode any non-primitive types that haven't been "registered" // with it. Since we store cacheUrl objects, we need to register them here first // for the encoding/decoding to work var urlobj cacheUrl gob.Register(urlobj) // try to load and then periodically save the affinity cache to file, if specified if cacheFile != "" { err := registry.affinity.LoadItemsFromFile(cacheFile) if err != nil { registry.Error("Failed to load affinity cache %s: %v", cacheFile, err) } registry.SaveCacheThread(cacheFile, cacheSaveInterval) } else { registry.Info("No affinity cache specified") } return registry } // Spawns a goroutine the periodically saves the cache to a file. func (r *TunnelRegistry) SaveCacheThread(path string, interval time.Duration) { go func() { r.Info("Saving affinity cache to %s every %s", path, interval.String()) for { time.Sleep(interval) r.Debug("Saving affinity cache") err := r.affinity.SaveItemsToFile(path) if err != nil { r.Error("Failed to save affinity cache: %v", err) } else { r.Info("Saved affinity cache") } } }() } // Register a tunnel with a specific url, returns an error // if a tunnel is already registered at that url func (r *TunnelRegistry) Register(url string, t *Tunnel) error { r.Lock() defer r.Unlock() if r.tunnels[url] != nil { return fmt.Errorf("The tunnel %s is already registered.", url) } r.tunnels[url] = t return nil } func (r *TunnelRegistry) cacheKeys(t *Tunnel) (ip string, id string) { clientIp := t.ctl.conn.RemoteAddr().(*net.TCPAddr).IP.String() clientId := t.ctl.id ipKey := fmt.Sprintf("client-ip-%s:%s", t.req.Protocol, clientIp) idKey := fmt.Sprintf("client-id-%s:%s", t.req.Protocol, clientId) return ipKey, idKey } func (r *TunnelRegistry) GetCachedRegistration(t *Tunnel) (url string) { ipCacheKey, idCacheKey := r.cacheKeys(t) // check cache for ID first, because we prefer that over IP which might // not be specific to a user because of NATs if v, ok := r.affinity.Get(idCacheKey); ok { url = string(v.(cacheUrl)) t.Debug("Found registry affinity %s for %s", url, idCacheKey) } else if v, ok := r.affinity.Get(ipCacheKey); ok { url = string(v.(cacheUrl)) t.Debug("Found registry affinity %s for %s", url, ipCacheKey) } return } func (r *TunnelRegistry) RegisterAndCache(url string, t *Tunnel) (err error) { if err = r.Register(url, t); err == nil { // we successfully assigned a url, cache it ipCacheKey, idCacheKey := r.cacheKeys(t) r.affinity.Set(ipCacheKey, cacheUrl(url)) r.affinity.Set(idCacheKey, cacheUrl(url)) } return } // Register a tunnel with the following process: // Consult the affinity cache to try to assign a previously used tunnel url if possible // Generate new urls repeatedly with the urlFn and register until one is available. func (r *TunnelRegistry) RegisterRepeat(urlFn func() string, t *Tunnel) (string, error) { url := r.GetCachedRegistration(t) if url == "" { url = urlFn() } maxAttempts := 5 for i := 0; i < maxAttempts; i++ { if err := r.RegisterAndCache(url, t); err != nil { // pick a new url and try again url = urlFn() } else { // we successfully assigned a url, we're done return url, nil } } return "", fmt.Errorf("Failed to assign a URL after %d attempts!", maxAttempts) } func (r *TunnelRegistry) Del(url string) { r.Lock() defer r.Unlock() delete(r.tunnels, url) } func (r *TunnelRegistry) Get(url string) *Tunnel { r.RLock() defer r.RUnlock() return r.tunnels[url] } // ControlRegistry maps a client ID to Control structures type ControlRegistry struct { controls map[string]*Control log.Logger sync.RWMutex } func NewControlRegistry() *ControlRegistry { return &ControlRegistry{ controls: make(map[string]*Control), Logger: log.NewPrefixLogger("registry", "ctl"), } } func (r *ControlRegistry) Get(clientId string) *Control { r.RLock() defer r.RUnlock() return r.controls[clientId] } func (r *ControlRegistry) Add(clientId string, ctl *Control) (oldCtl *Control) { r.Lock() defer r.Unlock() oldCtl = r.controls[clientId] if oldCtl != nil { oldCtl.Replaced(ctl) } r.controls[clientId] = ctl r.Info("Registered control with id %s", clientId) return } func (r *ControlRegistry) Del(clientId string) error { r.Lock() defer r.Unlock() if r.controls[clientId] == nil { return fmt.Errorf("No control found for client id: %s", clientId) } else { r.Info("Removed control registry id %s", clientId) delete(r.controls, clientId) return nil } } ================================================ FILE: src/ngrok/server/tls.go ================================================ package server import ( "crypto/tls" "io/ioutil" "ngrok/server/assets" ) func LoadTLSConfig(crtPath string, keyPath string) (tlsConfig *tls.Config, err error) { fileOrAsset := func(path string, default_path string) ([]byte, error) { loadFn := ioutil.ReadFile if path == "" { loadFn = assets.Asset path = default_path } return loadFn(path) } var ( crt []byte key []byte cert tls.Certificate ) if crt, err = fileOrAsset(crtPath, "assets/server/tls/snakeoil.crt"); err != nil { return } if key, err = fileOrAsset(keyPath, "assets/server/tls/snakeoil.key"); err != nil { return } if cert, err = tls.X509KeyPair(crt, key); err != nil { return } tlsConfig = &tls.Config{ Certificates: []tls.Certificate{cert}, } return } ================================================ FILE: src/ngrok/server/tunnel.go ================================================ package server import ( "encoding/base64" "fmt" "math/rand" "net" "ngrok/conn" "ngrok/log" "ngrok/msg" "ngrok/util" "os" "strconv" "strings" "sync/atomic" "time" ) var defaultPortMap = map[string]int{ "http": 80, "https": 443, "smtp": 25, } /** * Tunnel: A control connection, metadata and proxy connections which * route public traffic to a firewalled endpoint. */ type Tunnel struct { // request that opened the tunnel req *msg.ReqTunnel // time when the tunnel was opened start time.Time // public url url string // tcp listener listener *net.TCPListener // control connection ctl *Control // logger log.Logger // closing closing int32 } // Common functionality for registering virtually hosted protocols func registerVhost(t *Tunnel, protocol string, servingPort int) (err error) { vhost := os.Getenv("VHOST") if vhost == "" { vhost = fmt.Sprintf("%s:%d", opts.domain, servingPort) } // Canonicalize virtual host by removing default port (e.g. :80 on HTTP) defaultPort, ok := defaultPortMap[protocol] if !ok { return fmt.Errorf("Couldn't find default port for protocol %s", protocol) } defaultPortSuffix := fmt.Sprintf(":%d", defaultPort) if strings.HasSuffix(vhost, defaultPortSuffix) { vhost = vhost[0 : len(vhost)-len(defaultPortSuffix)] } // Canonicalize by always using lower-case vhost = strings.ToLower(vhost) // Register for specific hostname hostname := strings.ToLower(strings.TrimSpace(t.req.Hostname)) if hostname != "" { t.url = fmt.Sprintf("%s://%s", protocol, hostname) return tunnelRegistry.Register(t.url, t) } // Register for specific subdomain subdomain := strings.ToLower(strings.TrimSpace(t.req.Subdomain)) if subdomain != "" { t.url = fmt.Sprintf("%s://%s.%s", protocol, subdomain, vhost) return tunnelRegistry.Register(t.url, t) } // Register for random URL t.url, err = tunnelRegistry.RegisterRepeat(func() string { return fmt.Sprintf("%s://%x.%s", protocol, rand.Int31(), vhost) }, t) return } // Create a new tunnel from a registration message received // on a control channel func NewTunnel(m *msg.ReqTunnel, ctl *Control) (t *Tunnel, err error) { t = &Tunnel{ req: m, start: time.Now(), ctl: ctl, Logger: log.NewPrefixLogger(), } proto := t.req.Protocol switch proto { case "tcp": bindTcp := func(port int) error { if t.listener, err = net.ListenTCP("tcp", &net.TCPAddr{IP: net.ParseIP("0.0.0.0"), Port: port}); err != nil { err = t.ctl.conn.Error("Error binding TCP listener: %v", err) return err } // create the url addr := t.listener.Addr().(*net.TCPAddr) t.url = fmt.Sprintf("tcp://%s:%d", opts.domain, addr.Port) // register it if err = tunnelRegistry.RegisterAndCache(t.url, t); err != nil { // This should never be possible because the OS will // only assign available ports to us. t.listener.Close() err = fmt.Errorf("TCP listener bound, but failed to register %s", t.url) return err } go t.listenTcp(t.listener) return nil } // use the custom remote port you asked for if t.req.RemotePort != 0 { bindTcp(int(t.req.RemotePort)) return } // try to return to you the same port you had before cachedUrl := tunnelRegistry.GetCachedRegistration(t) if cachedUrl != "" { var port int parts := strings.Split(cachedUrl, ":") portPart := parts[len(parts)-1] port, err = strconv.Atoi(portPart) if err != nil { t.ctl.conn.Error("Failed to parse cached url port as integer: %s", portPart) } else { // we have a valid, cached port, let's try to bind with it if bindTcp(port) != nil { t.ctl.conn.Warn("Failed to get custom port %d: %v, trying a random one", port, err) } else { // success, we're done return } } } // Bind for TCP connections bindTcp(0) return case "http", "https": l, ok := listeners[proto] if !ok { err = fmt.Errorf("Not listening for %s connections", proto) return } if err = registerVhost(t, proto, l.Addr.(*net.TCPAddr).Port); err != nil { return } default: err = fmt.Errorf("Protocol %s is not supported", proto) return } // pre-encode the http basic auth for fast comparisons later if m.HttpAuth != "" { m.HttpAuth = "Basic " + base64.StdEncoding.EncodeToString([]byte(m.HttpAuth)) } t.AddLogPrefix(t.Id()) t.Info("Registered new tunnel on: %s", t.ctl.conn.Id()) metrics.OpenTunnel(t) return } func (t *Tunnel) Shutdown() { t.Info("Shutting down") // mark that we're shutting down atomic.StoreInt32(&t.closing, 1) // if we have a public listener (this is a raw TCP tunnel), shut it down if t.listener != nil { t.listener.Close() } // remove ourselves from the tunnel registry tunnelRegistry.Del(t.url) // let the control connection know we're shutting down // currently, only the control connection shuts down tunnels, // so it doesn't need to know about it // t.ctl.stoptunnel <- t metrics.CloseTunnel(t) } func (t *Tunnel) Id() string { return t.url } // Listens for new public tcp connections from the internet. func (t *Tunnel) listenTcp(listener *net.TCPListener) { for { defer func() { if r := recover(); r != nil { log.Warn("listenTcp failed with error %v", r) } }() // accept public connections tcpConn, err := listener.AcceptTCP() if err != nil { // not an error, we're shutting down this tunnel if atomic.LoadInt32(&t.closing) == 1 { return } t.Error("Failed to accept new TCP connection: %v", err) continue } conn := conn.Wrap(tcpConn, "pub") conn.AddLogPrefix(t.Id()) conn.Info("New connection from %v", conn.RemoteAddr()) go t.HandlePublicConnection(conn) } } func (t *Tunnel) HandlePublicConnection(publicConn conn.Conn) { defer publicConn.Close() defer func() { if r := recover(); r != nil { publicConn.Warn("HandlePublicConnection failed with error %v", r) } }() startTime := time.Now() metrics.OpenConnection(t, publicConn) var proxyConn conn.Conn var err error for i := 0; i < (2 * proxyMaxPoolSize); i++ { // get a proxy connection if proxyConn, err = t.ctl.GetProxy(); err != nil { t.Warn("Failed to get proxy connection: %v", err) return } defer proxyConn.Close() t.Info("Got proxy connection %s", proxyConn.Id()) proxyConn.AddLogPrefix(t.Id()) // tell the client we're going to start using this proxy connection startPxyMsg := &msg.StartProxy{ Url: t.url, ClientAddr: publicConn.RemoteAddr().String(), } if err = msg.WriteMsg(proxyConn, startPxyMsg); err != nil { proxyConn.Warn("Failed to write StartProxyMessage: %v, attempt %d", err, i) proxyConn.Close() } else { // success break } } if err != nil { // give up publicConn.Error("Too many failures starting proxy connection") return } // To reduce latency handling tunnel connections, we employ the following curde heuristic: // Whenever we take a proxy connection from the pool, replace it with a new one util.PanicToError(func() { t.ctl.out <- &msg.ReqProxy{} }) // no timeouts while connections are joined proxyConn.SetDeadline(time.Time{}) // join the public and proxy connections bytesIn, bytesOut := conn.Join(publicConn, proxyConn) metrics.CloseConnection(t, publicConn, startTime, bytesIn, bytesOut) } ================================================ FILE: src/ngrok/util/broadcast.go ================================================ package util type Broadcast struct { listeners []chan interface{} reg chan (chan interface{}) unreg chan (chan interface{}) in chan interface{} } func NewBroadcast() *Broadcast { b := &Broadcast{ listeners: make([]chan interface{}, 0), reg: make(chan (chan interface{})), unreg: make(chan (chan interface{})), in: make(chan interface{}), } go func() { for { select { case l := <-b.unreg: // remove L from b.listeners // this operation is slow: O(n) but not used frequently // unlike iterating over listeners oldListeners := b.listeners b.listeners = make([]chan interface{}, 0, len(oldListeners)) for _, oldL := range oldListeners { if l != oldL { b.listeners = append(b.listeners, oldL) } } case l := <-b.reg: b.listeners = append(b.listeners, l) case item := <-b.in: for _, l := range b.listeners { l <- item } } } }() return b } func (b *Broadcast) In() chan interface{} { return b.in } func (b *Broadcast) Reg() chan interface{} { listener := make(chan interface{}) b.reg <- listener return listener } func (b *Broadcast) UnReg(listener chan interface{}) { b.unreg <- listener } ================================================ FILE: src/ngrok/util/errors.go ================================================ package util import ( "fmt" "runtime" ) const crashMessage = `panic: %v %s Oh noes! ngrok crashed! Please submit the stack trace and any relevant information to: github.com/inconshreveable/ngrok/issues` func MakePanicTrace(err interface{}) string { stackBuf := make([]byte, 4096) n := runtime.Stack(stackBuf, false) return fmt.Sprintf(crashMessage, err, stackBuf[:n]) } // Runs the given function and converts any panic encountered while doing so // into an error. Useful for sending to channels that will close func PanicToError(fn func()) (err error) { defer func() { if r := recover(); r != nil { err = fmt.Errorf("Panic: %v", r) } }() fn() return } ================================================ FILE: src/ngrok/util/id.go ================================================ package util import ( "crypto/rand" "encoding/binary" "fmt" mrand "math/rand" ) func RandomSeed() (seed int64, err error) { err = binary.Read(rand.Reader, binary.LittleEndian, &seed) return } // creates a random identifier of the specified length func RandId(idlen int) string { b := make([]byte, idlen) var randVal uint32 for i := 0; i < idlen; i++ { byteIdx := i % 4 if byteIdx == 0 { randVal = mrand.Uint32() } b[i] = byte((randVal >> (8 * uint(byteIdx))) & 0xFF) } return fmt.Sprintf("%x", b) } // like RandId, but uses a crypto/rand for secure random identifiers func SecureRandId(idlen int) (id string, err error) { b := make([]byte, idlen) n, err := rand.Read(b) if n != idlen { err = fmt.Errorf("Only generated %d random bytes, %d requested", n, idlen) return } if err != nil { return } id = fmt.Sprintf("%x", b) return } func SecureRandIdOrPanic(idlen int) string { id, err := SecureRandId(idlen) if err != nil { panic(err) } return id } ================================================ FILE: src/ngrok/util/ring.go ================================================ package util import ( "container/list" "sync" ) type Ring struct { sync.Mutex *list.List capacity int } func NewRing(capacity int) *Ring { return &Ring{capacity: capacity, List: list.New()} } func (r *Ring) Add(item interface{}) interface{} { r.Lock() defer r.Unlock() // add new item r.PushFront(item) // remove old item if at capacity var old interface{} if r.Len() >= r.capacity { old = r.Remove(r.Back()) } return old } func (r *Ring) Slice() []interface{} { r.Lock() defer r.Unlock() i := 0 items := make([]interface{}, r.Len()) for e := r.Front(); e != nil; e = e.Next() { items[i] = e.Value i++ } return items } ================================================ FILE: src/ngrok/util/shutdown.go ================================================ package util import ( "sync" ) // A small utility class for managing controlled shutdowns type Shutdown struct { sync.Mutex inProgress bool begin chan int // closed when the shutdown begins complete chan int // closed when the shutdown completes } func NewShutdown() *Shutdown { return &Shutdown{ begin: make(chan int), complete: make(chan int), } } func (s *Shutdown) Begin() { s.Lock() defer s.Unlock() if s.inProgress == true { return } else { s.inProgress = true close(s.begin) } } func (s *Shutdown) WaitBegin() { <-s.begin } func (s *Shutdown) Complete() { close(s.complete) } func (s *Shutdown) WaitComplete() { <-s.complete } ================================================ FILE: src/ngrok/version/version.go ================================================ package version import ( "fmt" ) const ( Proto = "2" Major = "1" Minor = "7" ) func MajorMinor() string { return fmt.Sprintf("%s.%s", Major, Minor) } func Full() string { return fmt.Sprintf("%s-%s.%s", Proto, Major, Minor) } func Compat(client string, server string) bool { return client == server }