Documentation
¶
Index ¶
- func NewHttpStreamClientReadWriter(rw zerocopy.DirectReadWriteCloser, targetAddr conn.Addr, ...) (zerocopy.ReadWriter, error)
- func NewHttpStreamServerReadWriter(rw zerocopy.DirectReadWriteCloser, usernameByToken map[string]string, ...) (*direct.DirectStreamReadWriter, conn.Addr, string, error)
- type ClientConfig
- type ConnectNonSuccessfulResponseError
- type FailedAuthAttemptsError
- type ProxyClient
- type ProxyServer
- type ServerConfig
- type ServerUserCredentials
- type TLSProxyServer
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewHttpStreamClientReadWriter ¶
func NewHttpStreamClientReadWriter(rw zerocopy.DirectReadWriteCloser, targetAddr conn.Addr, proxyAuthHeader string) (zerocopy.ReadWriter, error)
NewHttpStreamClientReadWriter writes a HTTP/1.1 CONNECT request to rw and wraps rw into a zerocopy.ReadWriter ready for use.
func NewHttpStreamServerReadWriter ¶
func NewHttpStreamServerReadWriter(rw zerocopy.DirectReadWriteCloser, usernameByToken map[string]string, logger *zap.Logger) (*direct.DirectStreamReadWriter, conn.Addr, string, error)
NewHttpStreamServerReadWriter handles a HTTP request from rw and wraps rw into a ReadWriter ready for use.
Types ¶
type ClientConfig ¶
type ClientConfig struct {
// Name is the name of the client.
Name string
// Network controls the address family when resolving the address.
//
// - "tcp": System default, likely dual-stack.
// - "tcp4": Resolve to IPv4 addresses.
// - "tcp6": Resolve to IPv6 addresses.
Network string
// Address is the address of the remote proxy server.
Address string
// Dialer is the dialer used to establish connections.
Dialer conn.Dialer
// Certificates is an optional list of client certificates for mutual TLS.
// See [tls.Config.Certificates].
Certificates []tls.Certificate
// GetClientCertificate is an optional function that returns the client certificate for mutual TLS.
// See [tls.Config.GetClientCertificate].
GetClientCertificate func(*tls.CertificateRequestInfo) (*tls.Certificate, error)
// RootCAs is the set of root CAs used to verify server certificates.
// If nil, the host's CA set is used.
// See [tls.Config.RootCAs].
RootCAs *x509.CertPool
// ServerName is the server name used to verify the hostname on the returned certificates.
// See [tls.Config.ServerName].
ServerName string
// EncryptedClientHelloConfigList is a serialized ECHConfigList.
// See [tls.Config.EncryptedClientHelloConfigList].
EncryptedClientHelloConfigList []byte
// Username is the username used for authentication.
Username string
// Password is the password used for authentication.
Password string
// UseTLS controls whether to use TLS.
UseTLS bool
// UseBasicAuth controls whether to use HTTP Basic Authentication.
UseBasicAuth bool
}
ClientConfig contains configuration options for an HTTP proxy client.
func (*ClientConfig) NewProxyClient ¶
func (c *ClientConfig) NewProxyClient() (*ProxyClient, error)
NewProxyClient creates a new HTTP proxy client.
type ConnectNonSuccessfulResponseError ¶
type ConnectNonSuccessfulResponseError struct {
StatusCode int
}
ConnectNonSuccessfulResponseError is returned when the HTTP CONNECT response status code is not 2xx (Successful).
func (ConnectNonSuccessfulResponseError) Error ¶
func (e ConnectNonSuccessfulResponseError) Error() string
Error implements [error.Error].
type FailedAuthAttemptsError ¶
type FailedAuthAttemptsError struct {
// Attempts is the number of failed attempts.
Attempts int
}
FailedAuthAttemptsError is returned when the client fails to authenticate itself during the lifetime of the connection.
func (FailedAuthAttemptsError) Error ¶
func (e FailedAuthAttemptsError) Error() string
Error implements [error.Error].
type ProxyClient ¶
type ProxyClient struct {
// contains filtered or unexported fields
}
ProxyClient is an HTTP proxy client.
ProxyClient implements zerocopy.TCPClient.
func (*ProxyClient) Dial ¶
func (c *ProxyClient) Dial(ctx context.Context, targetAddr conn.Addr, payload []byte) (rawRW zerocopy.DirectReadWriteCloser, rw zerocopy.ReadWriter, err error)
Dial implements zerocopy.TCPClient.Dial.
func (*ProxyClient) Info ¶
func (c *ProxyClient) Info() zerocopy.TCPClientInfo
Info implements zerocopy.TCPClient.Info.
type ProxyServer ¶
type ProxyServer struct {
// contains filtered or unexported fields
}
ProxyServer is an HTTP proxy server.
ProxyServer implements zerocopy.TCPServer.
func (*ProxyServer) Accept ¶
func (s *ProxyServer) Accept(rawRW zerocopy.DirectReadWriteCloser) (rw zerocopy.ReadWriter, targetAddr conn.Addr, payload []byte, username string, err error)
Accept implements zerocopy.TCPServer.Accept.
func (*ProxyServer) Info ¶
func (s *ProxyServer) Info() zerocopy.TCPServerInfo
Info implements zerocopy.TCPServer.Info.
type ServerConfig ¶
type ServerConfig struct {
// Logger is the logger used for logging.
Logger *zap.Logger
// Users is a list of users allowed to connect to the server.
// It is ignored if none of the authentication methods are enabled.
Users []ServerUserCredentials
// Certificates is the list of server certificates for TLS.
// See [tls.Config.Certificates].
Certificates []tls.Certificate
// GetCertificate is a function that returns the server certificate for TLS.
// See [tls.Config.GetCertificate].
GetCertificate func(*tls.ClientHelloInfo) (*tls.Certificate, error)
// ClientCAs is the set of root CAs used to verify client certificates.
// See [tls.Config.ClientCAs].
ClientCAs *x509.CertPool
// EnableBasicAuth controls whether to enable HTTP Basic Authentication.
EnableBasicAuth bool
// EnableTLS controls whether to enable TLS.
EnableTLS bool
// RequireAndVerifyClientCert controls whether to require and verify client certificates.
RequireAndVerifyClientCert bool
}
ServerConfig contains configuration options for an HTTP proxy server.
func (*ServerConfig) NewProxyServer ¶
func (c *ServerConfig) NewProxyServer() (zerocopy.TCPServer, error)
NewProxyServer creates a new HTTP proxy server.
type ServerUserCredentials ¶
type ServerUserCredentials struct {
// Username is the username.
Username string `json:"username"`
// Password is the password.
Password string `json:"password"`
}
ServerUserCredentials contains the username and password for a server user.
type TLSProxyServer ¶
type TLSProxyServer struct {
// contains filtered or unexported fields
}
TLSProxyServer is an HTTP proxy server that uses TLS.
TLSProxyServer implements zerocopy.TCPServer.
func (*TLSProxyServer) Accept ¶
func (s *TLSProxyServer) Accept(rawRW zerocopy.DirectReadWriteCloser) (rw zerocopy.ReadWriter, targetAddr conn.Addr, payload []byte, username string, err error)
Accept implements zerocopy.TCPServer.Accept.
func (*TLSProxyServer) Info ¶
func (s *TLSProxyServer) Info() zerocopy.TCPServerInfo
Info implements zerocopy.TCPServer.Info.
Source Files