Vladislav Yarmak 2022-09-04 23:07:14 +03:00
parent 7436b359d2
commit 8b5dc9dccb
2 changed files with 43 additions and 2 deletions

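--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,9 @@
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 h1:cg5LA/zNPRzIXIWSCxQW10Rvpy94aQh3LT/ShoCpkHw=
 golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=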

43
main.go

@ -7,10 +7,15 @@ import (
"log" "log"
"net/http" "net/http"
"os" "os"
"path/filepath"
"strings"
"time" "time"
"golang.org/x/crypto/acme/autocert"
) )
var ( var (
home, _ = os.UserHomeDir()
version = "undefined" version = "undefined"
) )
@ -26,6 +31,23 @@ func arg_fail(msg string) {
os.Exit(2) os.Exit(2)
} }
type CSVArg []string
func (a *CSVArg) Set(s string) error {
*a = strings.Split(s, ",")
return nil
}
func (a *CSVArg) String() string {
if a == nil {
return "<nil>"
}
if *a == nil {
return "<empty>"
}
return strings.Join(*a, ",")
}
type CLIArgs struct { type CLIArgs struct {
bind_address string bind_address string
auth string auth string
@ -35,7 +57,10 @@ type CLIArgs struct {
list_ciphers bool list_ciphers bool
ciphers string ciphers string
disableHTTP2 bool disableHTTP2 bool
showVersion bool showVersion bool
autocert bool
autocertWhitelist CSVArg
autocertDir string
} }
func list_ciphers() { func list_ciphers() {
@ -58,6 +83,9 @@ func parse_args() CLIArgs {
flag.StringVar(&args.ciphers, "ciphers", "", "colon-separated list of enabled ciphers") flag.StringVar(&args.ciphers, "ciphers", "", "colon-separated list of enabled ciphers")
flag.BoolVar(&args.disableHTTP2, "disable-http2", false, "disable HTTP2") flag.BoolVar(&args.disableHTTP2, "disable-http2", false, "disable HTTP2")
flag.BoolVar(&args.showVersion, "version", false, "show program version and exit") flag.BoolVar(&args.showVersion, "version", false, "show program version and exit")
flag.BoolVar(&args.autocert, "autocert", false, "issue TLS certificates automatically")
flag.Var(&args.autocertWhitelist, "autocert-whitelist", "restrict autocert domains to this comma-separated list")
flag.StringVar(&args.autocertDir, "autocert-dir", filepath.Join(home, ".dumbproxy", "autocert"), "path to autocert cache")
flag.Parse() flag.Parse()
return args return args
} }
@ -70,7 +98,6 @@ func run() int {
return 0 return 0
} }
if args.list_ciphers { if args.list_ciphers {
list_ciphers() list_ciphers()
return 0 return 0
@ -116,6 +143,18 @@ func run() int {
cfg.CipherSuites = makeCipherList(args.ciphers) cfg.CipherSuites = makeCipherList(args.ciphers)
server.TLSConfig = cfg server.TLSConfig = cfg
err = server.ListenAndServeTLS("", "") err = server.ListenAndServeTLS("", "")
} else if args.autocert {
m := &autocert.Manager{
Cache: autocert.DirCache(args.autocertDir),
Prompt: autocert.AcceptTOS,
}
if args.autocertWhitelist != nil {
m.HostPolicy = autocert.HostWhitelist([]string(args.autocertWhitelist)...)
}
cfg := m.TLSConfig()
cfg.CipherSuites = makeCipherList(args.ciphers)
server.TLSConfig = cfg
err = server.ListenAndServeTLS("", "")
} else { } else {
err = server.ListenAndServe() err = server.ListenAndServe()
} }
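Review bot: In the new `else if args.autocert` branch of run(), `m.HostPolicy` stays nil whenever `-autocert-whitelist` is not given, and the autocert documentation states that a nil policy allows all hosts and is not recommended. Certificate requests are then driven by whatever server name a connecting client presents, which can exhaust the CA's rate limit and block issuance for the real domain. Consider failing closed before the Manager is built, e.g. `if args.autocertWhitelist == nil { arg_fail("-autocert requires -autocert-whitelist") }`, or at minimum log a warning that the policy is open. Separately, `home, _ = os.UserHomeDir()` discards the error, so when the home directory cannot be resolved the default `-autocert-dir` becomes the relative path `.dumbproxy/autocert` and the cached private keys are written under the current working directory; checking that error when the default is used would avoid that. run() begins and continues outside the visible hunks.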