tlsmux

v0.2.0
Published: Oct 10, 2021 License: MIT Imports: 8 Imported by: 1

README

tlsmux

Go package providing an implementation of a net.Conn multiplexer based on the TLS SNI (Server Name Indication) sent by a client.

Installation

Install using go get github.com/kevinpollet/tlsmux.

Usage

Mux

The Mux struct allows registering handlers that are called when the muxer serves a net.Conn with a matching server name.

mux := tlsmux.Mux{}

l, err := net.Listen("tcp", "127.0.0.1:8080")
if err != nil {
    log.Fatal(err)
}

if err := mux.Serve(l); err != nil {
    log.Fatal(err)
}

Handler

The Handler interface is used to handle an incoming net.Conn without decrypting the underlying TLS communication (Pass Through). Implementations are responsible for closing the connection.

The HandlerFunc type is an adapter to allow the use of ordinary functions as a Handler.

mux.Handle("server.name", tlsmux.HandlerFunc(func(conn net.Conn) error {
    defer conn.Close()

    // Handle the encrypted TLS connection.
    return nil
}))

TLSHandler

The TLSHandler struct is a Handler implementation that terminates the TLS connection with the configured tls.Config. Thus, the net.Conn parameter of a TLSHandler is of type tls.Conn. Implementations are responsible for closing the connection.

The TLSHandlerFunc type is an adapter to allow the use of ordinary functions as a TLSHandler.

cfg := &tls.Config{
    MinVersion: tls.VersionTLS13,
    Certificates: []tls.Certificate{cert},
}

mux.Handle("foo.localhost", tlsmux.TLSHandlerFunc(cfg, func(conn net.Conn) error {
    defer conn.Close()

    // Handle the decrypted TLS connection.
    return nil
}))

ProxyHandler

The ProxyHandler struct is a Handler implementation forwarding the connection bytes to the configured Address. The ProxyHandlerFunc is an adapter allowing the use of a ProxyHandler as a HandlerFunc.

// Forward the encrypted connection bytes.
mux.Handle("foo.localhost", tlsmux.ProxyHandler{Addr: "127.0.0.1:443"})

// Forward the decrypted connection bytes.
mux.Handle("foo.localhost", tlsmux.TLSHandlerFunc(tlsConfig, tlsmux.ProxyHandlerFunc("127.0.0.1:80")))

License

MIT

Documentation

Functions

func ClientHelloServerName

func ClientHelloServerName(conn net.Conn) (string, []byte)

ClientHelloServerName reads the TLS server name from the given net.Conn and returns it with the peeked bytes.

Types

type Handler

type Handler interface {
	ServeConn(net.Conn) error
}

Handler is in charge of handling a connection.

type HandlerFunc

type HandlerFunc func(net.Conn) error

HandlerFunc is an adapter to allow the use of ordinary functions as a Handler.

func ProxyHandlerFunc added in v0.2.0

func ProxyHandlerFunc(addr string) HandlerFunc

ProxyHandlerFunc is an adapter to allow the use of a ProxyHandler as a HandlerFunc.

func (HandlerFunc) ServeConn

func (h HandlerFunc) ServeConn(conn net.Conn) error

type Mux

type Mux struct {
	// contains filtered or unexported fields
}

Mux is a TCP connection multiplexer which reads the TLS server name indication to route the connection to the matching Handler.

func (*Mux) Handle

func (m *Mux) Handle(serverName string, handler Handler)

Handle registers a Handler for the given server name.

func (*Mux) Serve

func (m *Mux) Serve(l net.Listener) error

Serve accepts incoming connections on the given listener and starts a goroutine to serve each connection. TODO: handle errors.

func (*Mux) ServeConn

func (m *Mux) ServeConn(c net.Conn) error

ServeConn reads the TLS server name indication and forwards the net.Conn to the matching Handler. Handler implementations are responsible for closing the connection. TODO: handle panics. TODO: client hello timeout.
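The ClientHello peek described for ClientHelloServerName, combined with the read deadline named in the ServeConn TODO, as an added example that is not tlsmux's own code. It uses only the standard library (the GetConfigForClient callback of tls.Server over a connection that refuses writes); peekConn, peekServerName and demo are hypothetical names, and the ClientHello is constructed in-process by crypto/tls over net.Pipe.

```go
package main

import (
	"bytes"
	"crypto/tls"
	"errors"
	"fmt"
	"io"
	"net"
	"time"
)

// peekConn reads through a tee and refuses writes, so nothing reaches the client.
type peekConn struct {
	net.Conn
	r io.Reader
}

func (c peekConn) Read(p []byte) (int, error)  { return c.r.Read(p) }
func (c peekConn) Write(p []byte) (int, error) { return 0, io.ErrClosedPipe }

// peekServerName returns the SNI and all bytes consumed; timeout bounds a silent client.
func peekServerName(conn net.Conn, timeout time.Duration) (string, []byte, error) {
	if err := conn.SetReadDeadline(time.Now().Add(timeout)); err != nil {
		return "", nil, err
	}
	defer conn.SetReadDeadline(time.Time{}) // the handler starts with no deadline
	var peeked bytes.Buffer
	name, seen := "", false
	cfg := &tls.Config{GetConfigForClient: func(h *tls.ClientHelloInfo) (*tls.Config, error) {
		name, seen = h.ServerName, true
		return nil, errors.New("client hello captured") // abort right after parsing
	}}
	err := tls.Server(peekConn{conn, io.TeeReader(conn, &peeked)}, cfg).Handshake()
	if !seen {
		return "", peeked.Bytes(), err
	}
	return name, peeked.Bytes(), nil
}

// demo peeks a ClientHello constructed by crypto/tls over an in-memory pipe.
func demo(sni string) (string, int, error) {
	client, server := net.Pipe()
	go tls.Client(client, &tls.Config{ServerName: sni}).Handshake()
	name, peeked, err := peekServerName(server, time.Second)
	return name, len(peeked), err
}

func main() { fmt.Println(demo("foo.localhost")) }
```

Before the connection is handed to a pass-through handler, the returned bytes have to be replayed ahead of the remaining stream (for example with io.MultiReader), otherwise the backend never sees the ClientHello.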

type ProxyHandler added in v0.2.0

type ProxyHandler struct {
	Addr string
}

ProxyHandler is a Handler implementation forwarding the connection bytes to the configured Addr.

func (ProxyHandler) ServeConn added in v0.2.0

func (p ProxyHandler) ServeConn(conn net.Conn) error

type TLSHandler

type TLSHandler struct {
	Handler

	Config *tls.Config
}

TLSHandler is a Handler implementation handling TLS connection by using the configured tls.Config.

func TLSHandlerFunc

func TLSHandlerFunc(config *tls.Config, handler HandlerFunc) TLSHandler

TLSHandlerFunc is an adapter to allow the use of a function as a TLSHandler.

func (TLSHandler) ServeConn

func (h TLSHandler) ServeConn(conn net.Conn) error
