
doc updates

tags/v1.3.1
AJ ONeal 6 months ago
parent
commit
959268bf31
2 changed files with 71 additions and 62 deletions
  1. 11
    5
      doc.go
  2. 60
    57
      sclient.go

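--- a/doc.go
+++ b/doc.go
@@ -1,24 +1,32 @@
 /*
-Package sclient unwraps SSL.
+sclient unwraps SSL.
 
 It makes secure remote connections (such as HTTPS) available locally as plain-text connections -
 similar to `stunnel` or `openssl s_client`.
 
 There are a variety of reasons that you might want to do that,
 but we created it specifically to be able to upgrade applications with legacy
-security protocols - like SSH, OpenVPN, and Postgres - to be able to take
-advantage of the features modern TLS, such as ALPN and SNI
+security protocols - like SSH, OpenVPN, and Postgres - to take
+advantage of the features of modern TLS, such as ALPN and SNI
 (which makes them routable through almost every type of firewall).
 
 See https://telebit.cloud/sclient for more info.
 
 Try the CLI
 
+If you'd like to better understand what sclient does, you can try it out with `go run`:
+
 	go get git.rootprojects.org/root/sclient.go/cmd/sclient
 	go run git.rootprojects.org/root/sclient.go/cmd/sclient example.com:443 localhost:3000
+	curl http://localhost:3000 -H "Host: example.com"
+
+Pre-built versions for various platforms are also available at
+https://telebit.cloud/sclient
 
 Package Basics
 
+The general use of
+
 	servername := "example.com"
 
 	sclient := &sclient.Tunnel{
@@ -31,8 +39,6 @@ Package Basics
 
 	err := sclient.DialAndListen()
 
-Pre-built versions for various platforms are also available at
-https://telebit.cloud/sclient
 
 */
 package sclient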

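--- a/sclient.go
+++ b/sclient.go
@@ -10,6 +10,66 @@ import (
 	"strings"
 )
 
+// Tunnel specifies which remote encrypted connection to make available as a plain connection locally.
+type Tunnel struct {
+	RemoteAddress      string
+	RemotePort         int
+	LocalAddress       string
+	LocalPort          int
+	InsecureSkipVerify bool
+	ServerName         string
+}
+
+// DialAndListen will create a test TLS connection to the remote address and then
+// begin listening locally. Each local connection will result in a separate remote connection.
+func (t *Tunnel) DialAndListen() error {
+	remote := t.RemoteAddress + ":" + strconv.Itoa(t.RemotePort)
+	conn, err := tls.Dial("tcp", remote,
+		&tls.Config{
+			ServerName:         t.ServerName,
+			InsecureSkipVerify: t.InsecureSkipVerify,
+		})
+
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "[warn] '%s' may not be accepting connections: %s\n", remote, err)
+	} else {
+		conn.Close()
+	}
+
+	// use stdin/stdout
+	if "-" == t.LocalAddress || "|" == t.LocalAddress {
+		var name string
+		network := "stdio"
+		if "|" == t.LocalAddress {
+			name = "pipe"
+		} else {
+			name = "stdin"
+		}
+		conn := &stdnet{os.Stdin, os.Stdout, &stdaddr{net.UnixAddr{name, network}}}
+		t.handleConnection(remote, conn)
+		return nil
+	}
+
+	// use net.Conn
+	local := t.LocalAddress + ":" + strconv.Itoa(t.LocalPort)
+	ln, err := net.Listen("tcp", local)
+	if err != nil {
+		return err
+	}
+
+	fmt.Fprintf(os.Stdout, "[listening] %s:%d <= %s:%d\n",
+		t.RemoteAddress, t.RemotePort, t.LocalAddress, t.LocalPort)
+
+	for {
+		conn, err := ln.Accept()
+		if nil != err {
+			fmt.Fprintf(os.Stderr, "[error] %s\n", err)
+			continue
+		}
+		go t.handleConnection(remote, conn)
+	}
+}
+
 // I wonder if I can get this to exactly mirror UnixAddr without passing it in
 type stdaddr struct {
 	net.UnixAddr
@@ -40,15 +100,6 @@ type netReadWriteCloser interface {
 	RemoteAddr() net.Addr
 }
 
-type Tunnel struct {
-	RemoteAddress      string
-	RemotePort         int
-	LocalAddress       string
-	LocalPort          int
-	InsecureSkipVerify bool
-	ServerName         string
-}
-
 func pipe(r netReadWriteCloser, w netReadWriteCloser, t string) {
 	buffer := make([]byte, 2048)
 	for {
@@ -109,51 +160,3 @@ func (t *Tunnel) handleConnection(remote string, conn netReadWriteCloser) {
 	go pipe(conn, sclient, "local")
 	pipe(sclient, conn, "remote")
 }
-
-func (t *Tunnel) DialAndListen() error {
-	remote := t.RemoteAddress + ":" + strconv.Itoa(t.RemotePort)
-	conn, err := tls.Dial("tcp", remote,
-		&tls.Config{
-			ServerName:         t.ServerName,
-			InsecureSkipVerify: t.InsecureSkipVerify,
-		})
-
-	if err != nil {
-		fmt.Fprintf(os.Stderr, "[warn] '%s' may not be accepting connections: %s\n", remote, err)
-	} else {
-		conn.Close()
-	}
-
-	// use stdin/stdout
-	if "-" == t.LocalAddress || "|" == t.LocalAddress {
-		var name string
-		network := "stdio"
-		if "|" == t.LocalAddress {
-			name = "pipe"
-		} else {
-			name = "stdin"
-		}
-		conn := &stdnet{os.Stdin, os.Stdout, &stdaddr{net.UnixAddr{name, network}}}
-		t.handleConnection(remote, conn)
-		return nil
-	}
-
-	// use net.Conn
-	local := t.LocalAddress + ":" + strconv.Itoa(t.LocalPort)
-	ln, err := net.Listen("tcp", local)
-	if err != nil {
-		return err
-	}
-
-	fmt.Fprintf(os.Stdout, "[listening] %s:%d <= %s:%d\n",
-		t.RemoteAddress, t.RemotePort, t.LocalAddress, t.LocalPort)
-
-	for {
-		conn, err := ln.Accept()
-		if nil != err {
-			fmt.Fprintf(os.Stderr, "[error] %s\n", err)
-			continue
-		}
-		go t.handleConnection(remote, conn)
-	}
-}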
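Review bot: The doc comment added on `Tunnel` in the first hunk leaves its two security-relevant fields undocumented. `InsecureSkipVerify` is copied straight into the `tls.Config` in `DialAndListen`, and `LocalAddress` is joined with the port for `net.Listen`, so an empty or wildcard value serves the decrypted stream on every interface rather than only on loopback. I would add field comments such as `// InsecureSkipVerify disables verification of the remote certificate; the tunnel then cannot tell the intended server from an impostor.` and `// LocalAddress is the interface to listen on; use "localhost" unless other hosts are meant to reach the plain-text side.` Separately, the accept loop in `DialAndListen` logs and continues on every `ln.Accept()` error, so a persistent failure would spin rather than return the error to the caller.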
