add tls version CLI args

Vladislav Yarmak 2024-07-06 14:51:11 +03:00
parent 571d90fd79
commit 43dbaa5b3d
1 changed files with 68 additions and 1 deletions

69
main.go

@ -52,6 +52,66 @@ func (a *CSVArg) String() string {
return strings.Join(*a, ",") return strings.Join(*a, ",")
} }
type TLSVersionArg uint16
func (a *TLSVersionArg) Set(s string) error {
var ver uint16
switch strings.ToUpper(s) {
case "TLS10":
ver = tls.VersionTLS10
case "TLS11":
ver = tls.VersionTLS11
case "TLS12":
ver = tls.VersionTLS12
case "TLS13":
ver = tls.VersionTLS13
case "TLS1.0":
ver = tls.VersionTLS10
case "TLS1.1":
ver = tls.VersionTLS11
case "TLS1.2":
ver = tls.VersionTLS12
case "TLS1.3":
ver = tls.VersionTLS13
case "10":
ver = tls.VersionTLS10
case "11":
ver = tls.VersionTLS11
case "12":
ver = tls.VersionTLS12
case "13":
ver = tls.VersionTLS13
case "1.0":
ver = tls.VersionTLS10
case "1.1":
ver = tls.VersionTLS11
case "1.2":
ver = tls.VersionTLS12
case "1.3":
ver = tls.VersionTLS13
case "":
default:
return fmt.Errorf("unknown TLS version %q", s)
}
*a = TLSVersionArg(ver)
return nil
}
func (a *TLSVersionArg) String() string {
switch *a {
case tls.VersionTLS10:
return "TLS10"
case tls.VersionTLS11:
return "TLS11"
case tls.VersionTLS12:
return "TLS12"
case tls.VersionTLS13:
return "TLS13"
default:
return fmt.Sprintf("%#04x", *a)
}
}
type CLIArgs struct { type CLIArgs struct {
bind_address string bind_address string
auth string auth string
@ -74,10 +134,15 @@ type CLIArgs struct {
proxy []string proxy []string
sourceIPHints string sourceIPHints string
userIPHints bool userIPHints bool
minTLSVersion TLSVersionArg
maxTLSVersion TLSVersionArg
} }
func parse_args() CLIArgs { func parse_args() CLIArgs {
var args CLIArgs args := CLIArgs{
minTLSVersion: TLSVersionArg(tls.VersionTLS12),
maxTLSVersion: TLSVersionArg(tls.VersionTLS13),
}
flag.StringVar(&args.bind_address, "bind-address", ":8080", "HTTP proxy listen address. Set empty value to use systemd socket activation.") flag.StringVar(&args.bind_address, "bind-address", ":8080", "HTTP proxy listen address. Set empty value to use systemd socket activation.")
flag.StringVar(&args.auth, "auth", "none://", "auth parameters") flag.StringVar(&args.auth, "auth", "none://", "auth parameters")
flag.IntVar(&args.verbosity, "verbosity", 20, "logging verbosity "+ flag.IntVar(&args.verbosity, "verbosity", 20, "logging verbosity "+
@ -105,6 +170,8 @@ func parse_args() CLIArgs {
}) })
flag.StringVar(&args.sourceIPHints, "ip-hints", "", "a comma-separated list of source addresses to use on dial attempts. \"$lAddr\" gets expanded to local address of connection. Example: \"10.0.0.1,fe80::2,$lAddr,0.0.0.0,::\"") flag.StringVar(&args.sourceIPHints, "ip-hints", "", "a comma-separated list of source addresses to use on dial attempts. \"$lAddr\" gets expanded to local address of connection. Example: \"10.0.0.1,fe80::2,$lAddr,0.0.0.0,::\"")
flag.BoolVar(&args.userIPHints, "user-ip-hints", false, "allow IP hints to be specified by user in X-Src-IP-Hints header") flag.BoolVar(&args.userIPHints, "user-ip-hints", false, "allow IP hints to be specified by user in X-Src-IP-Hints header")
flag.Var(&args.minTLSVersion, "min-tls-version", "minimal TLS version accepted by server")
flag.Var(&args.maxTLSVersion, "max-tls-version", "maximum TLS version accepted by server")
flag.Parse() flag.Parse()
args.positionalArgs = flag.Args() args.positionalArgs = flag.Args()
return args return args
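Review bot: In `TLSVersionArg.Set`, the empty `case "":` does not fall through to `default:`, so `-min-tls-version ""` is accepted and stores 0 over the TLS12 default set in `parse_args`. If the field later feeds `tls.Config.MinVersion` (not visible here), 0 means the crypto/tls default, which differs between Go releases; either reject the empty string by deleting the case, or document it with `// empty value: keep 0 so crypto/tls applies its own default`. Nothing after `flag.Parse()` compares the two values, so a guard such as `if args.minTLSVersion > args.maxTLSVersion` that exits with an error would catch an unusable range at startup. The help strings could also list the accepted spellings and note that TLS10 and TLS11 are deprecated and should be enabled only for legacy clients. `parse_args` continues past the end of this section.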