pipe

Documentation

Overview

Package pipe implements the pipe logic, i.e. listening for TLS or UDP connections and proxying data to the target destination.

Index

• type Config
• type Server
  • func NewServer(config *Config) (s *Server, err error)
  • func (s *Server) Addr() (addr net.Addr)
  • func (s *Server) Shutdown(ctx context.Context) (err error)
  • func (s *Server) Start() (err error)
  • func (s *Server) String() (str string)

Types

type Config

type Config struct {
	// ListenAddr is the address (ip:port) where the server will be listening
	// to. Depending on the mode the server uses, it will either listen for TLS
	// or UDP connections.
	ListenAddr string

	// DestinationAddr is the address (host:port) to where the server will try
	// to connect. Depending on the mode the server uses, it will either
	// connect to a TLS endpoint (the pipe server) or not.
	DestinationAddr string

	// Password enables authentication of the pipe clients. If set, it also
	// enables active probing protection.
	Password string

	// ServerMode controls the way the pipe operates. When it's true, the pipe
	// server operates in server mode, i.e. it accepts incoming TLS connections
	// and proxies the data to the destination address over UDP. When it works
	// in client mode, it is the other way around: accepts UDP traffic and
	// proxies it to the destination pipe server over TLS.
	ServerMode bool

	// URL of a proxy server that can be used for proxying traffic to the
	// destination.
	ProxyURL string

	// VerifyCertificate enables server certificate verification in client mode.
	// If enabled, the client will verify the server certificate using the
	// system root certs store.
	VerifyCertificate bool

	// TLSServerName configures the server name to send in TLS ClientHello when
	// operating in client mode and the server name that will be used when
	// generating a stub certificate. If not set, the default domain name will
	// be used for these purposes.
	TLSServerName string

	// TLSCertificate is an optional field that allows to configure the TLS
	// certificate to use when running in server mode. This option makes sense
	// only for server mode. If not configured, the server will generate a stub
	// self-signed certificate automatically.
	TLSCertificate *tls.Certificate

	// ProbeReverseProxyURL is the URL that will be used by the reverse HTTP
	// proxy to respond to unauthorized or proxy requests. If not specified,
	// it will respond with a stub page 403 Forbidden.
	ProbeReverseProxyURL string
}

Config represents the server configuration.

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server represents an udptlspipe pipe. Depending on whether it is created in server- or client- mode, it listens to TLS or UDP connections and pipes the data to the destination.

func NewServer

func NewServer(config *Config) (s *Server, err error)

NewServer creates a new instance of a *Server.

func (*Server) Addr

func (s *Server) Addr() (addr net.Addr)

Addr returns the address the pipe listens to if it is started or nil.

func (*Server) Shutdown

func (s *Server) Shutdown(ctx context.Context) (err error)

Shutdown stops the pipe and waits for all active connections to close.

func (*Server) Start

func (s *Server) Start() (err error)

Start starts the pipe, exits immediately if it failed to start listening. Start returns once all servers are considered up.

func (*Server) String

func (s *Server) String() (str string)

String implements the fmt.Stringer interface for *Server.