From 03fd3753770016ca57e497cd618a0b40b3099d6e Mon Sep 17 00:00:00 2001
From: Stewart Allen <stewart@neuron.com>
Date: Wed, 20 Apr 2016 14:24:14 -0400
Subject: [PATCH] add implicit https support when a valid tls certificate and
 key are supplied add sample cert and key files that can simply be renamed for
 local testing

---
 main.go         | 48 ++++++++++++++++++++++++++++++++++++++++++------
 sample-cert.pem | 26 ++++++++++++++++++++++++++
 sample-key.pem  | 27 +++++++++++++++++++++++++++
 3 files changed, 95 insertions(+), 6 deletions(-)
 create mode 100644 sample-cert.pem
 create mode 100644 sample-key.pem

diff --git a/main.go b/main.go
index c4101ae..9c5babc 100755
--- a/main.go
+++ b/main.go
@@ -25,6 +25,9 @@ var (
 	version      = "1.91"
 	versionFloat = float32(1.91)
 	addr         = flag.String("addr", ":8989", "http service address")
+	saddr        = flag.String("saddr", ":8990", "https service address")
+	scert        = flag.String("scert", "cert.pem", "https certificate file")
+	skey         = flag.String("skey", "key.pem", "https key file")
 	//assets       = flag.String("assets", defaultAssetPath(), "path to assets")
 	//verbose = flag.Bool("v", true, "show debug logging")
 	verbose = flag.Bool("v", false, "show debug logging")
@@ -91,7 +94,6 @@ func main() {
 	}
 
 	//getList()
-	f := flag.Lookup("addr")
 	log.Println("Version:" + version)
 
 	// hostname
@@ -122,12 +124,8 @@ func main() {
 		log.Println(err)
 	}
 
-	log.Print("Starting server and websocket on " + ip + "" + f.Value.String())
 	//homeTempl = template.Must(template.ParseFiles(filepath.Join(*assets, "home.html")))
 
-	log.Println("The Serial Port JSON Server is now running.")
-	log.Println("If you are using ChiliPeppr, you may go back to it and connect to this server.")
-
 	// see if they provided a regex filter
 	if len(*regExpFilter) > 0 {
 		log.Printf("You specified a serial port regular expression filter: %v\n", *regExpFilter)
@@ -188,11 +186,49 @@ func main() {
 
 	http.HandleFunc("/", homeHandler)
 	http.HandleFunc("/ws", wsHandler)
+
+	go startHttp(ip)
+	go startHttps(ip)
+
+	log.Println("The Serial Port JSON Server is now running.")
+	log.Println("If you are using ChiliPeppr, you may go back to it and connect to this server.")
+
+	// wait
+	ch := make(chan bool)
+	<-ch
+}
+
+func startHttp(ip string) {
+	f := flag.Lookup("addr")
+	log.Println("Starting http server and websocket on " + ip + "" + f.Value.String())
 	if err := http.ListenAndServe(*addr, nil); err != nil {
-		fmt.Printf("Error trying to bind to port: %v, so exiting...", err)
+		fmt.Printf("Error trying to bind to http port: %v, so exiting...\n", err)
 		log.Fatal("Error ListenAndServe:", err)
 	}
+}
+
+func startHttps(ip string) {
+	// generate self-signed cert for testing or local trusted networks
+	// openssl req -x509 -nodes -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365
+
+	f := flag.Lookup("saddr")
+	cert, certErr := os.Open(*scert)
+	key, keyErr := os.Open(*skey)
 
+	cert.Close()
+	key.Close()
+
+	if certErr != nil || keyErr != nil {
+		log.Println("Missing tls cert and/or key. Will not start HTTPS server.")
+		//fmt.Println("Missing tls cert and/or key. Will not start HTTPS server.")
+		return
+	}
+
+	log.Println("Starting https server and websocket on " + ip + "" + f.Value.String())
+	if err := http.ListenAndServeTLS(*saddr, *scert, *skey, nil); err != nil {
+		fmt.Printf("Error trying to bind to https port: %v, so exiting...\n", err)
+		log.Fatal("Error ListenAndServeTLS:", err)
+	}
 }
 
 func externalIP() (string, error) {
diff --git a/sample-cert.pem b/sample-cert.pem
new file mode 100644
index 0000000..b237a55
--- /dev/null
+++ b/sample-cert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIETjCCAzagAwIBAgIJANLvDOX4UE/MMA0GCSqGSIb3DQEBBQUAMHcxCzAJBgNV
+BAYTAlhYMQswCQYDVQQIEwJZWTELMAkGA1UEBxMCWloxDDAKBgNVBAoTA0FCQzEM
+MAoGA1UECxMDREVGMRIwEAYDVQQDEwlsb2NhbGhvc3QxHjAcBgkqhkiG9w0BCQEW
+D2FkbWluQGxvY2FsaG9zdDAeFw0xNjA0MjAxODEzNDdaFw0xNzA0MjAxODEzNDda
+MHcxCzAJBgNVBAYTAlhYMQswCQYDVQQIEwJZWTELMAkGA1UEBxMCWloxDDAKBgNV
+BAoTA0FCQzEMMAoGA1UECxMDREVGMRIwEAYDVQQDEwlsb2NhbGhvc3QxHjAcBgkq
+hkiG9w0BCQEWD2FkbWluQGxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALgVUetvxfIYmcdw6XBvMWtXxnws6eI69NuPIXPPnuFtCVjh2CRF
++T2M5rVPtA+HyWPfbNrdX+9Mg1DgTSOMREKEJcEo6hh4O68Y2CtrcLR4HDZUbeqX
+pgzUSi9G49ByGDlAMUKieD+LzxNq6biTbAXKpTrHbfwCkTvNtxzAac7ygeWL26Hi
+hn67xp/KBi9RGM/w50nMe4AY9UDzM9UXpbYTGVr7GF5x8V8ETcO2BpaQw/fDV7TB
+NJccaNYJbSYjCgu+7IxFrHwFCjC3xSmkVXexVdoPHqEuEy2QY71Mwz8YRFzBpuKh
+/msxiQV4tpa8OhN9Ny6vJO2uDNTymACWvV0CAwEAAaOB3DCB2TAdBgNVHQ4EFgQU
+qsW79WmhsWzbv8zC0KLTmJv4FEUwgakGA1UdIwSBoTCBnoAUqsW79WmhsWzbv8zC
+0KLTmJv4FEWhe6R5MHcxCzAJBgNVBAYTAlhYMQswCQYDVQQIEwJZWTELMAkGA1UE
+BxMCWloxDDAKBgNVBAoTA0FCQzEMMAoGA1UECxMDREVGMRIwEAYDVQQDEwlsb2Nh
+bGhvc3QxHjAcBgkqhkiG9w0BCQEWD2FkbWluQGxvY2FsaG9zdIIJANLvDOX4UE/M
+MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBACQd5Qt+9Z46MKHTteIU
+l+roIHHtpO5eP2450/lbvmYHtf0IFX0CiTszS8KtgDdAPcRJNNsNOOh7VLDX09IT
+aeAhNH1X2MAxNmM0FsDKWfT72G27TvXrP6I3Mgt0q1SJKGrxRxK/HesPzZ3TVypq
+Yie8OQ7ZxNxzeAH0ZoHmHpFBe+cOyr87xjzkih2ls9bYkiqBGxqzGn0uATdVimjj
+attRFU4zq/K9Rq1NVQIJDQWt0CgmJyR0V5GbEA2QcrS0ZLHPM1thxB3pSCTUXVQz
+T2Z5eG4gEsXfrM0s17DFg6kx18SsYj1jQUVFoJJCVbudDQ1BUlUNfc7mRghvuuG8
+pC4=
+-----END CERTIFICATE-----
diff --git a/sample-key.pem b/sample-key.pem
new file mode 100644
index 0000000..b8a1197
--- /dev/null
+++ b/sample-key.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAuBVR62/F8hiZx3DpcG8xa1fGfCzp4jr0248hc8+e4W0JWOHY
+JEX5PYzmtU+0D4fJY99s2t1f70yDUOBNI4xEQoQlwSjqGHg7rxjYK2twtHgcNlRt
+6pemDNRKL0bj0HIYOUAxQqJ4P4vPE2rpuJNsBcqlOsdt/AKRO823HMBpzvKB5Yvb
+oeKGfrvGn8oGL1EYz/DnScx7gBj1QPMz1RelthMZWvsYXnHxXwRNw7YGlpDD98NX
+tME0lxxo1gltJiMKC77sjEWsfAUKMLfFKaRVd7FV2g8eoS4TLZBjvUzDPxhEXMGm
+4qH+azGJBXi2lrw6E303Lq8k7a4M1PKYAJa9XQIDAQABAoIBAQCNSDeuZgPbckwc
+SSmxFHYud5ir12DONAeXt3uqQfAj/aaN5BAajuXi+pBbGcgNn17O2zzVodAufl/O
+o8gwf0gocPn1DSzWCPltwriuYnCG4iRtAlG2Ghvkfs5NCLByXA8BaaYlCUMXKnuM
+4KJu+h6PN1+nBEcCgwnqh1GBrJ/IpwQVawrX2YVO9usSmg2XdyO4UlSwFpXpVrry
+zDlwMGQEWG6Rurgj1TX1idqreeRC9LycvKb8BjcaLEj310bkwdOOPd9gAArJ0u/5
+GDGKkUeiWqpUMjUdfqz243pFCUKNll91wU7zx7BSiQbSFcVNmZqeeP3qiZD7glBz
+KstGgf5hAoGBANqw4OX0BRClQzJWBGSe/uZZvj0GdWgcJpNK+7ZbqfvwxwW2OB8l
+o5cq7oSf9cVBO0ZPdQx3p24KRR0VQXRU+Nophg1sUll8JihbNX+dRspaZ4LMwgnz
+fzFvMVAPtb/XDRNGwC2YvWg7ZYygHhZ+09PQNIV2IxNtLJOjarQXlFupAoGBANd8
+/Bs7AxoaP/UpCQf+YmA61T2yBs7n1vAyOKKmyEgk3eIM0PhyCqEOerC6ecA07wzg
+GKa8RHyPqeqopnf8F3NletbhX0ZjY2Zykm2Ekv404x0QquurEsCC0O9I+1X3C6t/
+3/20EXIQnxgaWeaSYOOBpfvkvMSMIPm5D0FSkMSVAoGBALuWbdPSdWXJ3NIYprwJ
+Bm1hHaYLHDqpqw09jJzoE+9goddsbseI6cKJuP9alt8VDVtKXQTMvnnNpWtFCFhZ
+avz4EV0CRcEslS6YzlMg/dAlrBSuvuL6U2h8ELi0QRrFxRl73u09z3rROFJgJm71
+a46NUgAJTh0j0NDzpFvGviPBAoGBAMtSjdnvs3yUmhZrkq7tMsuTl5LwAIaHsIHR
+ESk/byjLSGS7LQ3PJQJUVCWevbRC/e/LHtdsOr7BG1Vjrjb2MPZcISzRWAFlU+vd
+XRZjCgM7ybOp/2wAbeAhTp0I4sV5JZS7QpDyr6dN0Z9/daYeJbdkpEXpzMczZQXb
+vG4pRpmFAoGAAfTb/nacIxGx5XNqq5fuxQVs4eknAFI+mXWAdjpIisuB166kgDsZ
+weoA32Ju+aU5P5OvYBpMJWTlrgM8IfkSVqr62I5Q1FSuoQEEWlXiWRMQPSFCa/f8
+Qi8tXnSR1qJZUEgykio0XxENjxN5P7Iu8MUKIBTH2RK8Hfwcxb/0r2M=
+-----END RSA PRIVATE KEY-----