feat: add --alpn <proto-list> (for h2, ssh, etc)
This commit is contained in:
AJ ONeal
parent
8783d46849
commit
bc4aeb3124
|
|
@ -3,7 +3,7 @@ before:
|
||||||
- go mod download
|
- go mod download
|
||||||
- go generate ./...
|
- go generate ./...
|
||||||
builds:
|
builds:
|
||||||
- main: ./cmd/sclient/main.go
|
- main: ./cmd/sclient/
|
||||||
env:
|
env:
|
||||||
- CGO_ENABLED=0
|
- CGO_ENABLED=0
|
||||||
goos:
|
goos:
|
||||||
|
|
|
||||||
18
README.md
18
README.md
|
|
@ -70,10 +70,11 @@ sclient [flags] <remote> <local>
|
||||||
```
|
```
|
||||||
|
|
||||||
- flags
|
- flags
|
||||||
- -s, --silent less verbose logging
|
- `-s`, `--silent` less verbose logging
|
||||||
- -k, --insecure ignore invalid TLS (SSL/HTTPS) certificates
|
- `-k`, `--insecure` ignore invalid TLS (SSL/HTTPS) certificates
|
||||||
- --servername <string> spoof SNI (to disable use IP as <remote> and do
|
- `--servername <domain>` spoof SNI (to disable use IP as <remote> and do
|
||||||
not use this option)
|
not use this option)
|
||||||
|
- `--alpn <protocol-list>`
|
||||||
- remote
|
- remote
|
||||||
- must have servername (i.e. example.com)
|
- must have servername (i.e. example.com)
|
||||||
- port is optional (default is 443)
|
- port is optional (default is 443)
|
||||||
|
|
@ -81,6 +82,17 @@ sclient [flags] <remote> <local>
|
||||||
- address is optional (default is localhost)
|
- address is optional (default is localhost)
|
||||||
- must have port (i.e. 3000)
|
- must have port (i.e. 3000)
|
||||||
|
|
||||||
|
-alpn string
|
||||||
|
acceptable protocols, ex: 'h2,http/1.1' 'http/1.1' (default) 'ssh' (default "http/1.1")
|
||||||
|
-insecure
|
||||||
|
ignore bad TLS/SSL/HTTPS certificates
|
||||||
|
-k alias for --insecure
|
||||||
|
-s alias of --silent
|
||||||
|
-servername string
|
||||||
|
specify a servername different from <remote> (to disable SNI use an IP as <remote> and do use this option)
|
||||||
|
-silent
|
||||||
|
less verbose output
|
||||||
|
|
||||||
# Examples
|
# Examples
|
||||||
|
|
||||||
Bridge between `telebit.cloud` and local port `3000`.
|
Bridge between `telebit.cloud` and local port `3000`.
|
||||||
|
|
|
||||||
|
|
@ -40,20 +40,30 @@ func usage() {
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
if len(os.Args) >= 2 {
|
if len(os.Args) >= 2 {
|
||||||
if "version" == strings.TrimLeft(os.Args[1], "-") {
|
if os.Args[1] == "-V" || strings.TrimLeft(os.Args[1], "-") == "version" {
|
||||||
fmt.Printf("%s\n", ver())
|
fmt.Printf("%s\n", ver())
|
||||||
os.Exit(0)
|
os.Exit(0)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var alpnList string
|
||||||
|
var insecure bool
|
||||||
|
var servername string
|
||||||
|
var silent bool
|
||||||
|
|
||||||
flag.Usage = usage
|
flag.Usage = usage
|
||||||
insecure := flag.Bool("k", false, "alias for --insecure")
|
|
||||||
silent := flag.Bool("s", false, "alias of --silent")
|
flag.StringVar(&alpnList, "alpn", "", "acceptable protocols, ex: 'h2,http/1.1' 'http/1.1' 'ssh'")
|
||||||
servername := flag.String("servername", "", "specify a servername different from <remote> (to disable SNI use an IP as <remote> and do not use this option)")
|
flag.BoolVar(&insecure, "k", false, "alias for --insecure")
|
||||||
flag.BoolVar(insecure, "insecure", false, "ignore bad TLS/SSL/HTTPS certificates")
|
flag.BoolVar(&silent, "s", false, "alias of --silent")
|
||||||
flag.BoolVar(silent, "silent", false, "less verbose output")
|
flag.StringVar(&servername, "servername", "", "specify a servername different from <remote> (to disable SNI use an IP as <remote> and do not use this option)")
|
||||||
|
flag.BoolVar(&insecure, "insecure", false, "ignore bad TLS/SSL/HTTPS certificates")
|
||||||
|
flag.BoolVar(&silent, "silent", false, "less verbose output")
|
||||||
|
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
|
alpns := parseOptionList(alpnList)
|
||||||
remotestr := flag.Arg(0)
|
remotestr := flag.Arg(0)
|
||||||
localstr := flag.Arg(1)
|
localstr := flag.Arg(1)
|
||||||
|
|
||||||
|
|
@ -71,9 +81,10 @@ func main() {
|
||||||
sclient := &sclient.Tunnel{
|
sclient := &sclient.Tunnel{
|
||||||
RemotePort: 443,
|
RemotePort: 443,
|
||||||
LocalAddress: "localhost",
|
LocalAddress: "localhost",
|
||||||
InsecureSkipVerify: *insecure,
|
InsecureSkipVerify: insecure,
|
||||||
ServerName: *servername,
|
ServerName: servername,
|
||||||
Silent: *silent,
|
Silent: silent,
|
||||||
|
NextProtos: alpns,
|
||||||
}
|
}
|
||||||
|
|
||||||
remote := strings.Split(remotestr, ":")
|
remote := strings.Split(remotestr, ":")
|
||||||
|
|
@ -124,3 +135,18 @@ func main() {
|
||||||
//os.Exit(6)
|
//os.Exit(6)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// parsers "a,b,c" "a b c" and "a, b, c" all the same
|
||||||
|
func parseOptionList(optionList string) []string {
|
||||||
|
optionList = strings.TrimSpace(optionList)
|
||||||
|
|
||||||
|
if len(optionList) == 0 {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
options := []string{}
|
||||||
|
optionList = strings.ReplaceAll(optionList, ",", " ")
|
||||||
|
options = strings.Fields(optionList)
|
||||||
|
|
||||||
|
return options
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,7 @@ type Tunnel struct {
|
||||||
LocalAddress string
|
LocalAddress string
|
||||||
LocalPort int
|
LocalPort int
|
||||||
InsecureSkipVerify bool
|
InsecureSkipVerify bool
|
||||||
|
NextProtos []string
|
||||||
ServerName string
|
ServerName string
|
||||||
Silent bool
|
Silent bool
|
||||||
}
|
}
|
||||||
|
|
@ -29,6 +30,7 @@ func (t *Tunnel) DialAndListen() error {
|
||||||
&tls.Config{
|
&tls.Config{
|
||||||
ServerName: t.ServerName,
|
ServerName: t.ServerName,
|
||||||
InsecureSkipVerify: t.InsecureSkipVerify,
|
InsecureSkipVerify: t.InsecureSkipVerify,
|
||||||
|
NextProtos: t.NextProtos,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue