proxy

package
v0.0.0-...-aaf7e33 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 13, 2021 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewClientTLSConfig 

func NewClientTLSConfig(clientCaCrt []byte, provider ClientCertificateProvider, nextProto string) *tls.Config

func NewServerTLSConfig 

func NewServerTLSConfig(clientCaCrt []byte, provider ServerCertificateProvider, protos []string) *tls.Config

client authentication is process by TLS client certificate verification

Types

type ACMEProvider 

type ACMEProvider struct {
	// contains filtered or unexported fields
}

func NewACMEProvider 

func NewACMEProvider(domains []string) *ACMEProvider

!!! ACMEProvider is untested not sure if it works

func (*ACMEProvider) GetCert 

func (p *ACMEProvider) GetCert(helo *tls.ClientHelloInfo) (*tls.Certificate, error)

func (*ACMEProvider) StartHTTP 

func (p *ACMEProvider) StartHTTP() error

StartHTTP starts the ACME HTTP handler

type ClientCertificateProvider 

type ClientCertificateProvider interface {
	GetClientCert(*tls.CertificateRequestInfo) (*tls.Certificate, error)
}

type Conn 

type Conn struct {
	quic.Session
	quic.Stream
}

Conn satisfies net.Conn interface

func (Conn) Close 

func (c Conn) Close() error

type HTTPHandler 

type HTTPHandler struct {
	*goproxy.ProxyHttpServer
}

func NewHTTPHandler 

func NewHTTPHandler() *HTTPHandler

func (*HTTPHandler) Serve 

func (h *HTTPHandler) Serve(l net.Listener) error

type Handler 

type Handler interface {
	Serve(net.Listener) error
}

Change Handler interface function from ServeConn(net.Conn) to Serve(net.Listener) to work with http proxy. But it's not a good approach because to work with ServeConn, server needs a buffered listener. Using buffered listener adds complexity, server will stop accepting new connection if one of buffers is full. also cause more CPU comsumption and worse performance because Go channel use mutex lock underneath.

type LocalConfig 

type LocalConfig struct {
	Global  LocalGlobalConfig `json:"global,omitempty" yaml:"global"`
	Servers []LocalServerCfg  `json:"servers,omitempty" yaml:"servers"`
}

FIXME: group configurations, currently certificate config and goproxy specific config are mixed like a mess

func ParseLocalServerCfg 

func ParseLocalServerCfg(data []byte) (LocalConfig, error)

type LocalGlobalConfig 

type LocalGlobalConfig struct {
	MetricsAddr string `json:"metrics_addr,omitempty" yaml:"metrics_addr"`
}

type LocalServer 

type LocalServer struct {
	// contains filtered or unexported fields
}

func NewLocalServer 

func NewLocalServer(tlsCfg *tls.Config, logger *log.Logger, protocol string, remoteAddr string) (*LocalServer, error)

func (*LocalServer) ListenAndServe 

func (s *LocalServer) ListenAndServe(addr string) (err error)

func (*LocalServer) ServeConn 

func (s *LocalServer) ServeConn(conn net.Conn) error

type LocalServerCfg 

type LocalServerCfg struct {
	Name       string `yaml:"name"`
	Protocol   string `yaml:"protocol"`
	LocalAddr  string `yaml:"localAddr"`
	ServerAddr string `yaml:"serverAddr"`
	CaCert     string `yaml:"caCert"`
	ClientCert string `yaml:"clientCert"`
	ClientKey  string `yaml:"clientKey"`
}

type LocalServerMetricsVec 

type LocalServerMetricsVec struct {
	RequestCount             *prometheus.CounterVec
	HandshakeErrCount        *prometheus.CounterVec
	CurrentConnGauge         *prometheus.GaugeVec
	RequestHandshakeDuration *prometheus.HistogramVec
	RequestHandlingDuration  *prometheus.HistogramVec // not includes handshake time
}

type RemoteServerCfg 

type RemoteServerCfg struct {
	Addr       string   `yaml:"addr"`
	CaCert     string   `yaml:"caCert"`
	ServerCert string   `yaml:"serverCert"`
	Domains    []string `yaml:"domains"`
	ServerKey  string   `yaml:"serverKey"`
	Protocols  []string `yaml:"protocols"`
}

func ParseRemoteServerCfg 

func ParseRemoteServerCfg(data []byte) (*RemoteServerCfg, error)

type Server 

type Server struct {
	// contains filtered or unexported fields
}

func NewProxyServer 

func NewProxyServer(tlsCfg *tls.Config, logger *log.Logger, addr string) (*Server, error)

func (*Server) Handle 

func (s *Server) Handle(protocol string, handler Handler, bufSize int) error

Handle register handler for given protocol and create a buffered listener for it Server will accept connections, then send connection to corresponding buffered listener according to connection's protocol

func (*Server) ListenAndServe 

func (s *Server) ListenAndServe() error

type ServerCertificateProvider 

type ServerCertificateProvider interface {
	GetCert(*tls.ClientHelloInfo) (*tls.Certificate, error)
}

type StaticProvider 

type StaticProvider struct {
	// contains filtered or unexported fields
}

func NewLocalProvider 

func NewLocalProvider(certFile string, keyFile string) (*StaticProvider, error)

func (*StaticProvider) GetCert 

func (p *StaticProvider) GetCert(helo *tls.ClientHelloInfo) (*tls.Certificate, error)

func (*StaticProvider) GetClientCert 

func (p *StaticProvider) GetClientCert(*tls.CertificateRequestInfo) (*tls.Certificate, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.