tlswrapper

package module
v2.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 27, 2024 License: MIT Imports: 31 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrNoDialAddress  = errors.New("no dial address is configured")
	ErrDialInProgress = errors.New("another dial is in progress")
)
View Source 
var (
	Version  = "dev"
	Homepage = "https://github.com/hexian000/tlswrapper"
)
View Source 
var DefaultConfig = Config{
	ServerName:         "example.com",
	NoDelay:            true,
	Redial:             true,
	KeepAlive:          25,
	ServerKeepAlive:    300,
	StartupLimitStart:  10,
	StartupLimitRate:   30,
	StartupLimitFull:   60,
	MaxConn:            16384,
	MaxSessions:        128,
	AcceptBacklog:      256,
	StreamWindow:       256 * 1024,
	ConnectTimeout:     15,
	StreamOpenTimeout:  30,
	StreamCloseTimeout: 120,
	WriteTimeout:       15,
	Log:                "stdout",
	LogLevel:           slog.LevelNotice,
}

Functions

func RunHTTPServer 

func RunHTTPServer(l net.Listener, s *Server) error

Types

type Config 

type Config struct {
	// (optional) default local identity
	Identity string `json:"identity,omitempty"`
	// tunnel configs
	Tunnels []TunnelConfig `json:"tunnel"`
	// (optional) keep tunnels connected
	Redial bool `json:"redial"`
	// (optional) health check and metrics, default to "" (disabled)
	HTTPListen string `json:"httplisten,omitempty"`
	// TLS: (optional) SNI field in handshake, default to "example.com"
	ServerName string `json:"sni"`
	// TLS: local certificate
	Certificate string `json:"cert"`
	// TLS: local private key
	PrivateKey string `json:"key"`
	// TLS: authorized remote certificates, bundle supported
	AuthorizedCerts []string `json:"authcerts"`
	// (optional) TCP no delay, default to true
	NoDelay bool `json:"nodelay"`
	// (optional) client-side keep alive interval in seconds, default to 25 (every 25s)
	KeepAlive int `json:"keepalive"`
	// (optional) server-side keep alive interval in seconds, default to 300 (every 5min)
	ServerKeepAlive int `json:"serverkeepalive"`
	// (optional) soft limit of concurrent unauthenticated connections, default to 10
	StartupLimitStart int `json:"startuplimitstart"`
	// (optional) probability of random disconnection when soft limit is exceeded, default to 30 (30%)
	StartupLimitRate int `json:"startuplimitrate"`
	// (optional) hard limit of concurrent unauthenticated connections, default to 60
	StartupLimitFull int `json:"startuplimitfull"`
	// (optional) max concurrent streams, default to 16384
	MaxConn int `json:"maxconn"`
	// (optional) max concurrent incoming sessions, default to 128
	MaxSessions int `json:"maxsessions"`
	// (optional) mux accept backlog, default to 256, you may not want to change this
	AcceptBacklog int `json:"backlog"`
	// (optional) stream window size in bytes, default to 256 KiB, increase this on long fat networks
	StreamWindow uint32 `json:"window"`
	// (optional) tunnel connecting timeout in seconds, default to 15
	ConnectTimeout int `json:"timeout"`
	// (optional) stream open timeout in seconds, default to 30
	StreamOpenTimeout int `json:"streamopentimeout"`
	// (optional) stream close timeout in seconds, default to 120
	StreamCloseTimeout int `json:"streamclosetimeout"`
	// (optional) data write request timeout in seconds, default to 15, used to detect network failes early
	WriteTimeout int `json:"writetimeout"`
	// (optional) log output, default to stdout
	Log string `json:"log,omitempty"`
	// (optional) log output, default to 4 (notice)
	LogLevel int `json:"loglevel"`
}

Config file

func ReadConfig added in v2.0.3 

func ReadConfig(path string) (*Config, error)

func (*Config) NewMuxConfig 

func (c *Config) NewMuxConfig(isServer bool) *yamux.Config

NewMuxConfig creates yamux.Config

func (*Config) NewTLSConfig 

func (c *Config) NewTLSConfig(sni string) (*tls.Config, error)

NewTLSConfig creates tls.Config

func (*Config) SetConnParams 

func (c *Config) SetConnParams(conn net.Conn)

SetConnParams sets TCP params

func (*Config) Timeout 

func (c *Config) Timeout() time.Duration

Timeout gets the generic request timeout

func (*Config) Validate added in v2.0.3 

func (c *Config) Validate() error

type EmptyHandler 

type EmptyHandler struct{}

EmptyHandler rejects all connections

func (*EmptyHandler) Serve 

func (h *EmptyHandler) Serve(_ context.Context, accepted net.Conn)

type ForwardHandler 

type ForwardHandler struct {
	// contains filtered or unexported fields
}

ForwardHandler forwards connections to another plain address

func (*ForwardHandler) Serve 

func (h *ForwardHandler) Serve(ctx context.Context, accepted net.Conn)

type Handler 

type Handler interface {
	Serve(context.Context, net.Conn)
}

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server object

func NewServer 

func NewServer(cfg *Config) *Server

NewServer creates a server object

func (*Server) Listen 

func (s *Server) Listen(addr string) (net.Listener, error)

func (*Server) LoadConfig 

func (s *Server) LoadConfig(cfg *Config) error

LoadConfig reloads the configuration file

func (*Server) Serve 

func (s *Server) Serve(listener net.Listener, handler Handler)

func (*Server) Shutdown 

func (s *Server) Shutdown() error

Shutdown gracefully

func (*Server) Start 

func (s *Server) Start() error

Start the service

func (*Server) Stats 

func (s *Server) Stats() (stats ServerStats)

type ServerStats 

type ServerStats struct {
	NumSessions int
	NumStreams  int
	Rx, Tx      uint64
	Accepted    uint64
	Served      uint64
	Authorized  uint64
	ReqTotal    uint64
	ReqSuccess  uint64
	// contains filtered or unexported fields
}

type TLSHandler 

type TLSHandler struct {
	// contains filtered or unexported fields
}

TLSHandler creates a tunnel

func (*TLSHandler) Serve 

func (h *TLSHandler) Serve(ctx context.Context, conn net.Conn)

func (*TLSHandler) Stats4Listener added in v2.0.3 

func (h *TLSHandler) Stats4Listener() (numSessions uint32, numHalfOpen uint32)

type Tunnel 

type Tunnel struct {
	// contains filtered or unexported fields
}

func NewTunnel 

func NewTunnel(s *Server, c *TunnelConfig) *Tunnel

func (*Tunnel) MuxDial 

func (t *Tunnel) MuxDial(ctx context.Context) (net.Conn, error)

func (*Tunnel) NumSessions 

func (t *Tunnel) NumSessions() int

func (*Tunnel) Serve 

func (t *Tunnel) Serve(mux *yamux.Session)

func (*Tunnel) Start 

func (t *Tunnel) Start() error

func (*Tunnel) Stats 

func (t *Tunnel) Stats() TunnelStats

type TunnelConfig 

type TunnelConfig struct {
	// (optional) tunnel identity
	Identity string `json:"identity,omitempty"`
	// (optional) local identity
	LocalIdentity string `json:"localidentity,omitempty"`
	// (optional) tunnel listen address
	MuxListen string `json:"muxlisten,omitempty"`
	// (optional) tunnel dial address
	MuxDial string `json:"muxdial,omitempty"`
	// (optional) forwarding listen address
	Listen string `json:"listen,omitempty"`
	// (optional) forwarding dial address
	Dial string `json:"dial,omitempty"`
}

type TunnelHandler 

type TunnelHandler struct {
	// contains filtered or unexported fields
}

TunnelHandler forwards connections over the tunnel

func (*TunnelHandler) Serve 

func (h *TunnelHandler) Serve(ctx context.Context, accepted net.Conn)

type TunnelStats 

type TunnelStats struct {
	Name        string
	LastChanged time.Time
	NumSessions int
	NumStreams  int
}

Source Files

View all Source files

Directories

Path Synopsis
cmd
tlswrapper

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.