( w http.ResponseWriter, r *http.Request, l log.Logger)
| 295 | } |
| 296 | |
| 297 | func (s socket) Get( |
| 298 | w http.ResponseWriter, r *http.Request, l log.Logger) error { |
| 299 | // Error will not be returned when Websocket already handled |
| 300 | // (i.e. returned the error to client). We just log the error and that's it |
| 301 | c, err := s.upgrader.Upgrade(w, r, nil) |
| 302 | |
| 303 | if err != nil { |
| 304 | return NewError(http.StatusBadRequest, err.Error()) |
| 305 | } |
| 306 | |
| 307 | defer c.Close() |
| 308 | |
| 309 | wsReader := rw.NewFetchReader(s.buildWSFetcher(c)) |
| 310 | wsWriter := websocketWriter{Conn: c} |
| 311 | |
| 312 | // Initialize ciphers |
| 313 | // |
| 314 | // WARNING: The AES-GCM cipher is here for authenticating user login. Yeah |
| 315 | // it is overkill and probably not correct. But I eventually decide |
| 316 | // to keep it as long as it authenticates (Hopefully in a safe and |
| 317 | // secured way). |
| 318 | // |
| 319 | // DO NOT rely on this if you want to secured communitcation, in |
| 320 | // that case, you need to use HTTPS. |
| 321 | // |
| 322 | readNonce := [socketGCMStandardNonceSize]byte{} |
| 323 | _, nonceReadErr := io.ReadFull(&wsReader, readNonce[:]) |
| 324 | |
| 325 | if nonceReadErr != nil { |
| 326 | return NewError(http.StatusBadRequest, fmt.Sprintf( |
| 327 | "Unable to read initial client nonce: %s", nonceReadErr.Error())) |
| 328 | } |
| 329 | |
| 330 | writeNonce := [socketGCMStandardNonceSize]byte{} |
| 331 | nonceReadErr = s.generateNonce(writeNonce[:]) |
| 332 | |
| 333 | if nonceReadErr != nil { |
| 334 | return NewError(http.StatusBadRequest, fmt.Sprintf( |
| 335 | "Unable to generate initial server nonce: %s", |
| 336 | nonceReadErr.Error())) |
| 337 | } |
| 338 | |
| 339 | _, nonceSendErr := wsWriter.Write(writeNonce[:]) |
| 340 | |
| 341 | if nonceSendErr != nil { |
| 342 | return NewError(http.StatusBadRequest, fmt.Sprintf( |
| 343 | "Unable to send server nonce to client: %s", nonceSendErr.Error())) |
| 344 | } |
| 345 | |
| 346 | cipherKey := s.buildCipherKey() |
| 347 | |
| 348 | readCipher, writeCipher, cipherCreationErr := s.createCipher(cipherKey[:]) |
| 349 | |
| 350 | if cipherCreationErr != nil { |
| 351 | return NewError(http.StatusInternalServerError, fmt.Sprintf( |
| 352 | "Unable to create cipher: %s", cipherCreationErr.Error())) |
| 353 | } |
| 354 |
nothing calls this directly
no test coverage detected