completed x509 tls support

config.json

@@ -1,8 +1,9 @@
 {
     "instance_name": "Server",
     "instance_port": 6921,
-    "sslencryption": false,
-    "cert_file_path": "./cert.crt",
+    "sslencryption": true,
+    "cert_file_path": "./server.crt",
+    "key_file_path": "./server.key",
     "servers": [
         {
             "instance_name": "Server1",
@@ -23,6 +24,16 @@
             "stop_process_command": "stop",
             "unresponsive_kill_time_seconds": 20,
             "minecraft_mode": true
+        },
+        {
+            "instance_name": "gWars",
+            "home_directory": "/home/devin/Flow/Minecraft Servers/gWars",
+            "command_to_run": "java -Xmx2G -Xms512M -XX:+UseG1GC -XX:ParallelGCThreads=2 -XX:+AggressiveOpts -d64 -server -jar minecraft_server.jar",
+            "max_lines": 2000,
+            "amount_of_lines_to_cut_on_max": 100,
+            "stop_process_command": "stop",
+            "unresponsive_kill_time_seconds": 20,
+            "minecraft_mode": true
         }
     ],
     "users": [

src/cli/main/esticli.go

@@ -8,15 +8,18 @@ import (
 	"google.golang.org/grpc"
 
 	pb "../../protocol"
+	"google.golang.org/grpc/credentials"
+	"crypto/tls"
 )
 
 var version = "v1.0.0"
 
 var commands = make(map[string]interface{})
 
 var args []string
-var address *string
-var port *string
+var address, port, certFile *string
+var verifyTLS *bool
+var noTLS *bool
 
 var conn *grpc.ClientConn
 
@@ -47,8 +50,11 @@ func main() {
 	//Initialize flags first
 	getVer := flag.Bool("v", false, "get the version of the client")
 
-	address = flag.String("a", "127.0.0.1", "specify the address of the host")
+	address = flag.String("ip", "127.0.0.1", "specify the address of the host")
 	port = flag.String("p", "19005", "specify the port of the host")
+	noTLS = flag.Bool("insecure", false, "specify whether or not to disable encryption")
+	certFile = flag.String("cert", "none", "location of cert file (if using encryption)")
+	verifyTLS = flag.Bool("verify", false, "whether or not to verify tls from server (if using encryption)")
 
 	flag.Parse()       //Get the flag for user
 	args = flag.Args() //os.Args[1:]
@@ -99,7 +105,23 @@ func checkError(err error) {
 func startCon() {
 	var opts []grpc.DialOption
 
-	opts = append(opts, grpc.WithInsecure())
+	if *noTLS {
+		opts = append(opts, grpc.WithInsecure()) //no encryption
+	} else {
+		// Create the client TLS credentials
+		var creds credentials.TransportCredentials
+		if *verifyTLS { //encryption with IP SANs validation (for mmim attacks)
+			var err error
+			creds, err = credentials.NewClientTLSFromFile(*certFile, "")
+			if err != nil {
+				log.Fatal("Could not load tls cert: ", err)
+			}
+		} else { //YAAAAAAAAAAAA encryption without mmim checks
+			creds = credentials.NewTLS(&tls.Config{InsecureSkipVerify: true})
+		}
+
+		opts = append(opts, grpc.WithTransportCredentials(creds))
+	}
 
 	println("Attempting connection to host server...")
 	var err error

src/server/main/configuration.go

@@ -29,6 +29,7 @@ type InstanceConfig struct {
 	InstancePort  uint           `json:"instance_port"`
 	SSLEncryption bool           `json:"sslencryption"`
 	CertFilePath  string         `json:"cert_file_path"`
+	KeyFilePath   string         `json:"key_file_path"`
 	Servers       []ServerConfig `json:"servers"`
 	Users         []Users        `json:"users"`
 }
@@ -38,14 +39,14 @@ type InstanceConfig struct {
  */
 
 type ServerConfig struct {
-	InstanceName                      string `json:"instance_name"`
-	HomeDirectory                     string `json:"home_directory"`
-	CommandToRun                      string `json:"command_to_run"`
-	MaxLines                          uint   `json:"max_lines"`
-	AmountOfLinesToCutOnMax           uint   `json:"amount_of_lines_to_cut_on_max"`
-	StopProcessCommand                string `json:"stop_process_command"`
+	InstanceName                string `json:"instance_name"`
+	HomeDirectory               string `json:"home_directory"`
+	CommandToRun                string `json:"command_to_run"`
+	MaxLines                    uint   `json:"max_lines"`
+	AmountOfLinesToCutOnMax     uint   `json:"amount_of_lines_to_cut_on_max"`
+	StopProcessCommand          string `json:"stop_process_command"`
 	UnresponsiveKillTimeSeconds uint   `json:"unresponsive_kill_time_seconds"`
-	MinecraftMode                     bool   `json:"minecraft_mode"`
+	MinecraftMode               bool   `json:"minecraft_mode"`
 }
 
 /*
@@ -57,7 +58,8 @@ func ConfigDefault() (InstanceConfig, ServerConfig, Users) {
 	con.InstanceName = "Server"
 	con.InstancePort = 6921
 	con.SSLEncryption = true
-	con.CertFilePath = "./cert.crt"
+	con.CertFilePath = "./server.crt"
+	con.KeyFilePath = "./server.key"
 
 	wi := ServerConfig{}
 	wi.InstanceName = "Server1"
@@ -221,9 +223,23 @@ func LoadConfig() {
 func verifySettings(config *InstanceConfig) {
 	namesUsed := make([]string, 1)
 
+	if config.SSLEncryption {
+		_, err := os.Stat(config.CertFilePath)
+		if os.IsNotExist(err) {
+			info(config.CertFilePath + " the cert file does not exist! Please fix this error in the config.")
+			logFatal(err)
+		}
+		_, err2 := os.Stat(config.KeyFilePath)
+		if os.IsNotExist(err2) {
+			info(config.CertFilePath + " the key file does not exist! Please fix this error in the config.")
+			logFatal(err2)
+		}
+	}
+
 	/*
 	 * Verify each server's settings
 	 */
+
 	for i, server := range config.Servers {
 
 		_, err := os.Stat(server.HomeDirectory)

src/server/main/esticonsole.go

@@ -44,10 +44,12 @@ func addToLogFile(str string, directory string) {
 func logFatal(err error) {
 	addLog(err.Error())
 	log.Fatal(err)
+	ClientsKill()
 }
 func logFatalStr(str string) {
 	addLog(str)
 	log.Fatal(str)
+	ClientsKill()
 }
 func println(str string) {
 	addLog(str)
@@ -156,7 +158,7 @@ func Shutdown() {
 			break
 		}
 	}
-	grpcServer.Stop()
+	//grpcServer.Stop() TODO nullptr
 
 	info("Exited EstiConsole " + version)
 	os.Exit(0)

src/server/main/processes.go

@@ -180,11 +180,25 @@ func ClientsStop() {
 			go func(server *Server) {
 				server.AutoStart = false
 				server.stop()
-				time.Sleep(time.Second * time.Duration(server.Settings.UnresponsiveKillTimeSeconds))
+				time.Sleep(time.Second * time.Duration(server.Settings.UnresponsiveKillTimeSeconds)) //perhaps remove thread blocking for the length of unresponsive kill time
 				if server.IsOnline {
 					server.Process.Process.Kill()
 				}
-				//TODO replace with better solution than blocking shutdown for many seconds...
+			}(Servers[key])
+		}
+	}
+}
+
+/*
+ * Kill clients
+ */
+
+func ClientsKill() {
+	for key, _ := range Servers {
+		if Servers[key].IsOnline {
+			go func(server *Server) {
+				server.AutoStart = false
+				server.kill()
 			}(Servers[key])
 		}
 	}
@@ -210,10 +224,10 @@ func StartClient(name string) string {
 
 func StopClient(name string) string {
 	if _, ok := Servers[name]; ok {
+		Servers[name].AutoStart = false
 		if !Servers[name].IsOnline {
 			return "Process already offline."
 		} else {
-			Servers[name].AutoStart = false
 			Servers[name].stop()
 			return "Stopped " + Servers[name].Settings.InstanceName
 		}
@@ -224,10 +238,10 @@ func StopClient(name string) string {
 
 func KillClient(name string) string {
 	if _, ok := Servers[name]; ok {
+		Servers[name].AutoStart = false
 		if !Servers[name].IsOnline {
 			return "Process is not online."
 		} else {
-			Servers[name].AutoStart = false
 			Servers[name].kill()
 			return "Killed process " + name + "."
 		}
@@ -244,7 +258,6 @@ func GetCPUUsage() string {
 		}
 		str := ""
 		for i, s := range stat.CPUStats { //Loop through all cpu cores
-			//TODO DISABLE IF NOT LINUX
 			str += "CPU " + string(i) + ":\n"
 			str += "User: " + string(s.User) + ", Nice: " + string(s.Nice) + ", System: " + string(s.System) + ", Idle: " + string(s.Idle) + ", IOWait: " + string(s.IOWait) + "\n"
 		}

src/server/main/rpcserver.go

@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"google.golang.org/grpc"
 	"errors"
+	"google.golang.org/grpc/credentials"
 )
 
 var grpcServer *grpc.Server
@@ -84,7 +85,7 @@ func (rpcserver *RPCServer) Attach(ctx context.Context, query *pb.ServerQuery) (
 	}
 
 	reply := &pb.ServerReply{}           //begin construction of reply
-	server := Servers[query.ProcessName] //TODO check if process exists
+	server := Servers[query.ProcessName]
 
 	//Parse ServerQuery object
 
@@ -129,7 +130,16 @@ func rpcserverStart() {
 		addLog(err.Error())
 		log.Fatal("Oh no! IPC listen error (check if the port has been taken):", err)
 	}
-	grpcServer = grpc.NewServer()
+	var grpcServer *grpc.Server
+	if instanceSettings.SSLEncryption {
+		creds, err := credentials.NewServerTLSFromFile(instanceSettings.CertFilePath, instanceSettings.KeyFilePath)
+		if err != nil {
+			logFatal(err)
+		}
+		grpcServer = grpc.NewServer(grpc.Creds(creds))
+	} else {
+		grpcServer = grpc.NewServer()
+	}
 	pb.RegisterRPCServerServer(grpcServer, &RPCServer{})
 	grpcServer.Serve(lis)
 }