2025-10-07 09:28:19 +00:00
5 changed files with 41 additions and 108 deletions
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@ -3,34 +3,25 @@ before:
    - go mod download
    - go generate ./...
 builds:
-  - main: ./cmd/sclient/
+  - main: ./cmd/sclient/main.go
    env:
      - CGO_ENABLED=0
    goos:
      - darwin
      - linux
      - freebsd
      - windows
-      - js
+      - darwin
    goarch:
      - 386
      - amd64
      - arm
      - arm64
      - wasm
    goarm:
      - 6
      - 7
    goamd64:
      - v2
    ignore:
      - goos: windows
        goarch: 386
      - goos: windows
        goarm: 6
      - goos: windows
        goarm: 7
 archives:
-  - id: sclient-binary
+  - replacements:
-    format: tar.xz
+      386: i386
      amd64: x86_64
    format_overrides:
      - goos: windows
        format: zip
--- a/.prettierrc.json
+++ b/.prettierrc.json
@ -1,8 +0,0 @@
 {
  "printWidth": 80,
  "tabWidth": 2,
  "singleQuote": false,
  "bracketSpacing": true,
  "proseWrap": "always",
  "semi": true
 }
--- a/README.md
+++ b/README.md
@ -1,7 +1,6 @@
 # sclient
-Secure Client for exposing TLS (aka SSL) secured services as plain-text
+Secure Client for exposing TLS (aka SSL) secured services as plain-text connections locally.
 connections locally.
 Also ideal for multiplexing a single port with multiple protocols using SNI.
@ -31,8 +30,7 @@ cURL
 curl http://localhost:3000 -H 'Host: whatever.com'
 ```
-A poor man's (or Windows user's) makeshift replacement for `openssl s_client`,
+A poor man's (or Windows user's) makeshift replacement for `openssl s_client`, `stunnel`, or `socat`.
 `stunnel`, or `socat`.
 # Table of Contents
@ -55,11 +53,9 @@ curl.exe -A MS https://webinstall.dev/sclient | powershell
 ### Downloads
-Check the [Github Releases](https://github.com/therootcompany/sclient/releases)
+Check the [Github Releases](https://github.com/therootcompany/sclient/releases) for
 for
- macOS (x64) Apple Silicon
+- macOS (x64) Apple Silicon [coming soon](https://github.com/golang/go/issues/39782)
  [coming soon](https://github.com/golang/go/issues/39782)
 - Linux (x64, i386, arm64, arm6, arm7)
 - Windows 10 (x64, i386)
@ -70,11 +66,8 @@ sclient [flags] <remote> <local>
 ```
 - flags
-  - `-s`, `--silent` less verbose logging
+  - -k, --insecure ignore invalid TLS (SSL/HTTPS) certificates
-  - `-k`, `--insecure` ignore invalid TLS (SSL/HTTPS) certificates
+  - --servername <string> spoof SNI (to disable use IP as &lt;remote&gt; and do not use this option)
  - `--servername <domain>` spoof SNI (to disable use IP as &lt;remote&gt; and do
    not use this option)
  - `--alpn <protocol-list>`
 - remote
  - must have servername (i.e. example.com)
  - port is optional (default is 443)
@ -82,17 +75,6 @@ sclient [flags] <remote> <local>
  - address is optional (default is localhost)
  - must have port (i.e. 3000)
  -alpn string
    	acceptable protocols, ex: 'h2,http/1.1' 'http/1.1' (default) 'ssh' (default "http/1.1")
  -insecure
    	ignore bad TLS/SSL/HTTPS certificates
  -k	alias for --insecure
  -s	alias of --silent
  -servername string
    	specify a servername different from <remote> (to disable SNI use an IP as <remote> and do use this option)
  -silent
    	less verbose output
 # Examples
 Bridge between `telebit.cloud` and local port `3000`.
@ -139,14 +121,10 @@ sclient --servername "Robert'); DROP TABLE Students;" -k example.com localhost:3
 sclient --servername "../../../.hidden/private.txt" -k example.com localhost:3000
 ```
 # API
 See [Go Docs](https://pkg.go.dev/github.com/therootcompany/sclient).
 # Build from source
-You'll need to install [Go](https://golang.org). See
+You'll need to install [Go](https://golang.org).
-[webinstall.dev/golang](https://webinstall.dev/golang) for install instructions.
+See [webinstall.dev/golang](https://webinstall.dev/golang) for install instructions.
 ```bash
 curl -sS https://webinstall.dev/golang | bash
--- a/cmd/sclient/main.go
+++ b/cmd/sclient/main.go
@ -40,37 +40,27 @@ func usage() {
 func main() {
 	if len(os.Args) >= 2 {
-		if os.Args[1] == "-V" || strings.TrimLeft(os.Args[1], "-") == "version" {
+		if "version" == strings.TrimLeft(os.Args[1], "-") {
 			fmt.Printf("%s\n", ver())
 			os.Exit(0)
 			return
 		}
 	}
 	var alpnList string
 	var insecure bool
 	var servername string
 	var silent bool
 	flag.Usage = usage
-
+	insecure := flag.Bool("k", false, "alias for --insecure")
-	flag.StringVar(&alpnList, "alpn", "", "acceptable protocols, ex: 'h2,http/1.1' 'http/1.1' 'ssh'")
+	silent := flag.Bool("s", false, "alias of --silent")
-	flag.BoolVar(&insecure, "k", false, "alias for --insecure")
+	servername := flag.String("servername", "", "specify a servername different from <remote> (to disable SNI use an IP as <remote> and do use this option)")
-	flag.BoolVar(&silent, "s", false, "alias of --silent")
+	flag.BoolVar(insecure, "insecure", false, "ignore bad TLS/SSL/HTTPS certificates")
-	flag.StringVar(&servername, "servername", "", "specify a servername different from <remote> (to disable SNI use an IP as <remote> and do not use this option)")
+	flag.BoolVar(silent, "silent", false, "less verbose output")
 	flag.BoolVar(&insecure, "insecure", false, "ignore bad TLS/SSL/HTTPS certificates")
 	flag.BoolVar(&silent, "silent", false, "less verbose output")
 	flag.Parse()
 	alpns := parseOptionList(alpnList)
 	remotestr := flag.Arg(0)
 	localstr := flag.Arg(1)
 	i := flag.NArg()
-	if i != 2 {
+	if 2 != i {
 		// We may omit the second argument if we're going straight to stdin
-		if stat, _ := os.Stdin.Stat(); i == 1 && (stat.Mode()&os.ModeCharDevice) == 0 {
+		if stat, _ := os.Stdin.Stat(); 1 == i && (stat.Mode()&os.ModeCharDevice) == 0 {
 			localstr = "|"
 		} else {
 			usage()
@ -81,28 +71,27 @@ func main() {
 	sclient := &sclient.Tunnel{
 		RemotePort:         443,
 		LocalAddress:       "localhost",
-		InsecureSkipVerify: insecure,
+		InsecureSkipVerify: *insecure,
-		ServerName:         servername,
+		ServerName:         *servername,
-		Silent:             silent,
+		Silent:             *silent,
 		NextProtos:         alpns,
 	}
 	remote := strings.Split(remotestr, ":")
 	//remoteAddr, remotePort, err := net.SplitHostPort(remotestr)
-	if len(remote) == 2 {
+	if 2 == len(remote) {
 		rport, err := strconv.Atoi(remote[1])
 		if nil != err {
 			usage()
 			os.Exit(0)
 		}
 		sclient.RemotePort = rport
-	} else if len(remote) != 1 {
+	} else if 1 != len(remote) {
 		usage()
 		os.Exit(0)
 	}
 	sclient.RemoteAddress = remote[0]
-	if localstr == "-" || localstr == "|" {
+	if "-" == localstr || "|" == localstr {
 		// User may specify stdin/stdout instead of net
 		sclient.LocalAddress = localstr
 		sclient.LocalPort = -1
@ -110,7 +99,7 @@ func main() {
 		// Test that argument is a local address
 		local := strings.Split(localstr, ":")
-		if len(local) == 1 {
+		if 1 == len(local) {
 			lport, err := strconv.Atoi(local[0])
 			if nil != err {
 				usage()
@ -135,17 +124,3 @@ func main() {
 		//os.Exit(6)
 	}
 }
 // parsers "a,b,c" "a b c" and "a, b, c" all the same
 func parseOptionList(optionList string) []string {
 	optionList = strings.TrimSpace(optionList)
 	if len(optionList) == 0 {
 		return nil
 	}
 	optionList = strings.ReplaceAll(optionList, ",", " ")
 	options := strings.Fields(optionList)
 	return options
 }
--- a/sclient.go
+++ b/sclient.go
@ -17,7 +17,6 @@ type Tunnel struct {
 	LocalAddress       string
 	LocalPort          int
 	InsecureSkipVerify bool
 	NextProtos         []string
 	ServerName         string
 	Silent             bool
 }
@ -29,21 +28,20 @@ func (t *Tunnel) DialAndListen() error {
 	conn, err := tls.Dial("tcp", remote,
 		&tls.Config{
 			ServerName:         t.ServerName,
 			NextProtos:         t.NextProtos,
 			InsecureSkipVerify: t.InsecureSkipVerify,
 		})
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "[warn] '%s' may not be accepting connections: %s\n", remote, err)
 	} else {
-		_ = conn.Close()
+		conn.Close()
 	}
 	// use stdin/stdout
-	if t.LocalAddress == "-" || t.LocalAddress == "|" {
+	if "-" == t.LocalAddress || "|" == t.LocalAddress {
 		var name string
 		network := "stdio"
-		if t.LocalAddress == "|" {
+		if "|" == t.LocalAddress {
 			name = "pipe"
 		} else {
 			name = "stdin"
@ -61,7 +59,7 @@ func (t *Tunnel) DialAndListen() error {
 	}
 	if !t.Silent {
-		_, _ = fmt.Fprintf(os.Stdout, "[listening] %s:%d <= %s:%d\n",
+		fmt.Fprintf(os.Stdout, "[listening] %s:%d <= %s:%d\n",
 			t.RemoteAddress, t.RemotePort, t.LocalAddress, t.LocalPort)
 	}
@ -117,11 +115,11 @@ func pipe(r netReadWriteCloser, w netReadWriteCloser, t string) {
 			if io.EOF != err {
 				fmt.Fprintf(os.Stderr, "[read error] (%s:%d) %s\n", t, count, err)
 			}
-			_ = r.Close()
+			r.Close()
 			//w.Close()
 			done = true
 		}
-		if count == 0 {
+		if 0 == count {
 			break
 		}
 		_, err = w.Write(buffer[:count])
@ -131,7 +129,7 @@ func pipe(r netReadWriteCloser, w netReadWriteCloser, t string) {
 				fmt.Fprintf(os.Stderr, "[write error] (%s) %s\n", t, err)
 			}
 			// TODO handle error closing?
-			_ = r.Close()
+			r.Close()
 			//w.Close()
 			done = true
 		}
@ -145,22 +143,21 @@ func (t *Tunnel) handleConnection(remote string, conn netReadWriteCloser) {
 	sclient, err := tls.Dial("tcp", remote,
 		&tls.Config{
 			ServerName:         t.ServerName,
 			NextProtos:         t.NextProtos,
 			InsecureSkipVerify: t.InsecureSkipVerify,
 		})
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "[error] (remote) %s\n", err)
-		_ = conn.Close()
+		conn.Close()
 		return
 	}
 	if !t.Silent {
-		if conn.RemoteAddr().Network() == "stdio" {
+		if "stdio" == conn.RemoteAddr().Network() {
-			_, _ = fmt.Fprintf(os.Stdout, "(connected to %s:%d and reading from %s)\n",
+			fmt.Fprintf(os.Stdout, "(connected to %s:%d and reading from %s)\n",
 				t.RemoteAddress, t.RemotePort, conn.RemoteAddr().String())
 		} else {
-			_, _ = fmt.Fprintf(os.Stdout, "[connect] %s => %s:%d\n",
+			fmt.Fprintf(os.Stdout, "[connect] %s => %s:%d\n",
 				strings.Replace(conn.RemoteAddr().String(), "[::1]:", "localhost:", 1), t.RemoteAddress, t.RemotePort)
 		}
 	}