package tls
import (
"context"
"crypto/tls"
"math/rand/v2"
"net"
"github.com/Asutorufa/yuhaiin/pkg/net/netapi"
"github.com/Asutorufa/yuhaiin/pkg/protos/config/listener"
"github.com/Asutorufa/yuhaiin/pkg/protos/node/point"
"github.com/Asutorufa/yuhaiin/pkg/protos/node/protocol"
)
// Tls is a client-side proxy wrapper that layers TLS on top of stream
// connections obtained from an underlying proxy.
type Tls struct {
	netapi.EmptyDispatch

	// tlsConfig holds the candidate client configurations. Conn picks one of
	// them at random for every new connection. When the slice is empty, Conn
	// hands back the underlying connection unwrapped, i.e. WITHOUT TLS.
	tlsConfig []*tls.Config

	// dialer is the wrapped proxy that supplies the raw connections.
	dialer netapi.Proxy
}
// init hands NewClient to point.RegisterProtocol when the package is loaded,
// so importing this package is enough to make the client wrapper available.
func init() { point.RegisterProtocol(NewClient) }
// NewClient returns a point.WrapProxy that wraps a proxy in a *Tls.
//
// The base configuration comes from point.ParseTLSConfig(c.Tls). Every entry
// of c.Tls.ServerNames after the first yields an additional clone of that base
// configuration with only ServerName replaced; Conn later picks one of the
// resulting configurations at random per connection.
//
// Security notes:
//   - If ParseTLSConfig returns nil, the wrapper is still created, but with no
//     configurations, and Conn then returns plaintext connections. No error is
//     reported for that case, so a mis-parsed or disabled TLS section silently
//     turns this layer into a pass-through.
//   - The clones are made with tls.Config.Clone, so they inherit every setting
//     of the base configuration, including InsecureSkipVerify.
//   - NOTE(review): c and c.Tls are dereferenced without a nil check once the
//     parsed config is non-nil; presumably ParseTLSConfig returns nil for a nil
//     c.Tls — confirm.
func NewClient(c *protocol.Protocol_Tls) point.WrapProxy {
	return func(p netapi.Proxy) (netapi.Proxy, error) {
		// Named "base" rather than "tls" so the crypto/tls package is not
		// shadowed inside this closure.
		base := point.ParseTLSConfig(c.Tls)
		if base == nil {
			// No usable TLS settings: keep the configuration list nil, which
			// makes Conn return the raw connection.
			return &Tls{tlsConfig: nil, dialer: p}, nil
		}

		// Disabled in the original source and kept for reference: a fallback
		// that filled in ServerName when verification is enabled.
		// if !base.InsecureSkipVerify && base.ServerName == "" {
		// 	base.ServerName = c.Simple.GetHost()
		// }
		// NOTE(review): without such a fallback, crypto/tls rejects a client
		// handshake when ServerName is empty and InsecureSkipVerify is false,
		// so ParseTLSConfig presumably sets ServerName itself — confirm.

		var configs []*tls.Config
		configs = append(configs, base)

		// ServerNames[0] is skipped here; presumably ParseTLSConfig already
		// applied it to the base configuration — confirm.
		if names := c.Tls.ServerNames; len(names) > 1 {
			for _, name := range names[1:] {
				alt := base.Clone()
				alt.ServerName = name
				configs = append(configs, alt)
			}
		}

		return &Tls{tlsConfig: configs, dialer: p}, nil
	}
}
// Conn dials addr through the wrapped proxy and, when at least one TLS
// configuration is present, returns the connection wrapped as a TLS client
// using a configuration chosen at random.
//
// Security notes:
//   - With no configurations the raw connection is returned as-is, so traffic
//     on it is NOT protected by TLS.
//   - tls.Client only wraps the connection; the handshake (and with it the
//     certificate verification) runs lazily on the first Read/Write. ctx
//     therefore bounds the dial only, not the handshake, and verification
//     failures surface on the caller's first I/O rather than here.
//   - The index comes from math/rand/v2, which is not a cryptographic source;
//     it is used only to select among the configured entries.
func (t *Tls) Conn(ctx context.Context, addr netapi.Address) (net.Conn, error) {
	raw, err := t.dialer.Conn(ctx, addr)
	if err != nil {
		return nil, err
	}

	if n := len(t.tlsConfig); n > 0 {
		chosen := t.tlsConfig[rand.IntN(n)]
		return tls.Client(raw, chosen), nil
	}

	// Plaintext pass-through: nothing to wrap with.
	return raw, nil
}
// PacketConn forwards the request to the wrapped proxy unchanged. No TLS (or
// DTLS) is applied to packet connections by this type, so datagram traffic
// gets only whatever protection the underlying proxy provides.
func (t *Tls) PacketConn(ctx context.Context, addr netapi.Address) (net.PacketConn, error) {
	pc, err := t.dialer.PacketConn(ctx, addr)
	return pc, err
}
// init hands NewServer to listener.RegisterTransport when the package is
// loaded, so importing this package is enough to make the server-side
// transport available.
func init() { listener.RegisterTransport(NewServer) }
// NewServer builds the server-side TLS transport: a function that takes a
// listener and returns one whose stream side is wrapped with tls.NewListener.
//
// The TLS configuration is parsed once, up front, with listener.ParseTLS. A
// parse error is not returned directly; it is converted with
// listener.ErrorTransportFunc into a transport function that carries it.
//
// Security notes:
//   - tls.NewListener requires a non-nil config that has a certificate or a
//     GetCertificate callback. NOTE(review): this assumes ParseTLS never
//     returns (nil, nil) — confirm, otherwise accepted connections cannot
//     complete a handshake.
//   - Connections accepted from a tls.NewListener perform the handshake lazily
//     on first I/O, so handshake failures show up in the connection handler,
//     not in Accept.
//   - NOTE(review): c.Tls is dereferenced without a nil check; a transport
//     entry with no TLS section would panic here — confirm callers guarantee
//     it is set.
func NewServer(c *listener.Transport_Tls) func(netapi.Listener) (netapi.Listener, error) {
	serverConfig, parseErr := listener.ParseTLS(c.Tls.Tls)
	if parseErr != nil {
		return listener.ErrorTransportFunc(parseErr)
	}

	wrap := func(inner netapi.Listener) (netapi.Listener, error) {
		// context.TODO: no caller context is available at this point, so
		// opening the stream cannot be cancelled from here.
		stream, err := inner.Stream(context.TODO())
		if err != nil {
			return nil, err
		}

		// Only the stream listener is wrapped in TLS; the original listener is
		// passed to PatchStream alongside it (presumably to keep its
		// non-stream side available — confirm).
		secured := tls.NewListener(stream, serverConfig)
		return netapi.PatchStream(secured, inner), nil
	}
	return wrap
}