[snowflake/master] Customize reflect.go for Snowflake broker. - tor-commits

3 Aug 2017

commit 827972e2bfebdfb0555228f69de48711a7e5f1b1
Author: David Fifield david@bamsoftware.com
Date:   Sat Jul 15 12:04:59 2017 -0700
Customize reflect.go for Snowflake broker.
Don't need Meek-IP.
---
 appengine/README     | 18 +++++++-----------
 appengine/app.yaml   |  3 ---
 appengine/reflect.go | 31 ++++++-------------------------
 3 files changed, 13 insertions(+), 39 deletions(-)

diff --git a/appengine/README b/appengine/README
index d71277a..bec9fcb 100644
--- a/appengine/README
+++ b/appengine/README
@@ -1,7 +1,5 @@
-This component runs on Google App Engine. It lies between meek-client
-and meek-server. The App Engine component receives requests from the
-client and forwards them to the server, then receives responses from the
-server and forwards them to the client.
+This component runs on Google App Engine. It reflects domain-fronted
+requests from a client to the Snowflake broker.
You need the Go App Engine SDK in order to deploy the app.
    https://cloud.google.com/sdk/docs/#linux
@@ -10,8 +8,7 @@ After unpacking, install the app-engine-go component:
To test locally, run
    google-cloud-sdk/bin/dev_appserver.py app.yaml
-The app will be running at http://127.0.0.1:8080/. You can test broker
-forwarding function by browsing to http://127.0.0.1:8000/ip.
+The app will be running at http://127.0.0.1:8080/.
To deploy to App Engine, first create a new project and app. You have to
 think of a unique name (marked as "<appname>" in the commands). You only
@@ -23,9 +20,8 @@ log in to a Google account.
 Then to deploy the project, run:
    google-cloud-sdk/bin/gcloud app deploy --project=<appname>
-To configure meek-client to talk to the App Engine app, provide
-"https://<appname>.appspot.com/" as the url and "www.google.com" as the
-front domain.
+To configure the Snowflake client to talk to the App Engine app, provide
+"https://<appname>.appspot.com/" as the --url option.
    UseBridges 1
-	Bridge meek 0.0.2.0:1 url=https://example.appspot.com/ front=www.google.com
-	ClientTransportPlugin meek exec ./meek-client --log meek-client.log
+	Bridge snowflake 0.0.2.0:1
+	ClientTransportPlugin snowflake exec ./client -url https://<appname>.appspot.com/ -front www.google.com
diff --git a/appengine/app.yaml b/appengine/app.yaml
index ff6efc1..44df436 100644
--- a/appengine/app.yaml
+++ b/appengine/app.yaml
@@ -1,8 +1,5 @@
 runtime: go
 api_version: go1
-automatic_scaling:
-  max_idle_instances: 2
-  min_pending_latency: 1000ms
handlers:
 - url: /.*
diff --git a/appengine/reflect.go b/appengine/reflect.go
index ccf11f3..f6b5336 100644
--- a/appengine/reflect.go
+++ b/appengine/reflect.go
@@ -1,10 +1,9 @@
-// A web app for Google App Engine that proxies HTTP requests and responses to a
-// Tor relay running meek-server.
+// A web app for Google App Engine that proxies HTTP requests and responses to
+// the Snowflake broker.
 package reflect
import (
    "io"
-	"net"
    "net/http"
    "net/url"
    "time"
@@ -14,7 +13,7 @@ import (
 )
const (
-	forwardURL = "https://meek.bamsoftware.com/"
+	forwardURL = "https://snowflake-broker.bamsoftware.com/"
    // A timeout of 0 means to use the App Engine default (5 seconds).
    urlFetchTimeout = 20 * time.Second
 )
@@ -32,26 +31,14 @@ func pathJoin(a, b string) string {
    return a + b
 }
-// We reflect only a whitelisted set of header fields. In requests, the full
-// list includes things like User-Agent and X-Appengine-Country that the Tor
-// bridge doesn't need to know. In responses, there may be things like
-// Transfer-Encoding that interfere with App Engine's own hop-by-hop headers.
+// We reflect only a whitelisted set of header fields. Otherwise, we may copy
+// headers like Transfer-Encoding that interfere with App Engine's own
+// hop-by-hop headers.
 var reflectedHeaderFields = []string{
    "Content-Type",
    "X-Session-Id",
 }
-// Get the original client IP address as a string. When using the standard
-// net/http server, Request.RemoteAddr is a "host:port" string; however App
-// Engine seems to use just "host". We check for both to be safe.
-func getClientAddr(r *http.Request) string {
-	host, _, err := net.SplitHostPort(r.RemoteAddr)
-	if err == nil {
-		return host
-	}
-	return r.RemoteAddr
-}
-
 // Make a copy of r, with the URL being changed to be relative to forwardURL,
 // and including only the headers in reflectedHeaderFields.
 func copyRequest(r *http.Request) (*http.Request, error) {
@@ -74,12 +61,6 @@ func copyRequest(r *http.Request) (*http.Request, error) {
    		}
    	}
    }
-	// Set the original client IP address in a Meek-IP header. We would use
-	// X-Forwarded-For, but App Engine prohibits setting that header:
-	// https://cloud.google.com/appengine/docs/standard/go/outbound-requests#reques...
-	// We could use Forwarded from RFC 7239, but other CDNs already use
-	// X-Forwarded-For and this way we only need one parser.
-	c.Header.Add("Meek-IP", getClientAddr(r))
    return c, nil
 }

    