mirror of https://github.com/therootcompany/sclient synced 2025-08-18 16:16:31 +00:00

ref!: supply a full *tls.Config for each connection

AJ ONeal 2025-08-06 15:21:47 -06:00
parent bc4aeb3124
commit 6d07f5f663
No known key found for this signature in database
GPG Key ID: 9334E610B1ED6FBF
2 changed files with 19 additions and 25 deletions


@ -1,6 +1,7 @@
package main package main
import ( import (
"crypto/tls"
"flag" "flag"
"fmt" "fmt"
"os" "os"
@ -81,10 +82,14 @@ func main() {
sclient := &sclient.Tunnel{ sclient := &sclient.Tunnel{
RemotePort: 443, RemotePort: 443,
LocalAddress: "localhost", LocalAddress: "localhost",
InsecureSkipVerify: insecure,
ServerName: servername,
Silent: silent, Silent: silent,
GetTLSConfig: func() *tls.Config {
return &tls.Config{
ServerName: servername,
NextProtos: alpns, NextProtos: alpns,
InsecureSkipVerify: insecure,
}
},
} }
remote := strings.Split(remotestr, ":") remote := strings.Split(remotestr, ":")
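Review bot: The closure in `main` passes `insecure` straight into `InsecureSkipVerify` on every config it returns, and nothing at that line says that certificate-chain and hostname verification are then off for every tunnelled connection. I would add a comment on it, `// InsecureSkipVerify turns off certificate chain and hostname checks; the peer is then unauthenticated.` Since the whole `tls.Config` is now assembled here, it is also the natural place to pin the protocol floor with `MinVersion: tls.VersionTLS12,` rather than relying on the toolchain default. Whether `main` already prints a notice when the flag is set is not visible, because its body continues outside this hunk.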


@ -16,9 +16,7 @@ type Tunnel struct {
RemotePort int RemotePort int
LocalAddress string LocalAddress string
LocalPort int LocalPort int
InsecureSkipVerify bool GetTLSConfig func() *tls.Config
NextProtos []string
ServerName string
Silent bool Silent bool
} }
@ -26,12 +24,7 @@ type Tunnel struct {
// begin listening locally. Each local connection will result in a separate remote connection. // begin listening locally. Each local connection will result in a separate remote connection.
func (t *Tunnel) DialAndListen() error { func (t *Tunnel) DialAndListen() error {
remote := t.RemoteAddress + ":" + strconv.Itoa(t.RemotePort) remote := t.RemoteAddress + ":" + strconv.Itoa(t.RemotePort)
conn, err := tls.Dial("tcp", remote, conn, err := tls.Dial("tcp", remote, t.GetTLSConfig())
&tls.Config{
ServerName: t.ServerName,
InsecureSkipVerify: t.InsecureSkipVerify,
NextProtos: t.NextProtos,
})
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "[warn] '%s' may not be accepting connections: %s\n", remote, err) fmt.Fprintf(os.Stderr, "[warn] '%s' may not be accepting connections: %s\n", remote, err)
@ -142,11 +135,7 @@ func pipe(r netReadWriteCloser, w netReadWriteCloser, t string) {
} }
func (t *Tunnel) handleConnection(remote string, conn netReadWriteCloser) { func (t *Tunnel) handleConnection(remote string, conn netReadWriteCloser) {
sclient, err := tls.Dial("tcp", remote, sclient, err := tls.Dial("tcp", remote, t.GetTLSConfig())
&tls.Config{
ServerName: t.ServerName,
InsecureSkipVerify: t.InsecureSkipVerify,
})
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "[error] (remote) %s\n", err) fmt.Fprintf(os.Stderr, "[error] (remote) %s\n", err)
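Review bot: `t.GetTLSConfig()` is called in both `DialAndListen` and `handleConnection` without a nil check, so a `Tunnel` constructed without the new field panics on a nil function call at the first dial. Before this change a `Tunnel` with the TLS fields left unset still dialled with a default, verifying `tls.Config`. A guard at the top of `DialAndListen` would keep the failure explicit: `if t.GetTLSConfig == nil { return fmt.Errorf("sclient: Tunnel.GetTLSConfig must be set") }`. The field also deserves a doc comment such as `// GetTLSConfig returns the *tls.Config for an outbound connection; it is called once per dial and must not be nil.` Both function bodies continue outside their hunks, so whether `handleConnection` is reachable only through `DialAndListen` should be confirmed.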