tls: add experimental tls support

2025-02-23 09:25:41 +08:00 · 2018-06-28 20:45:24 +08:00 · 2018-06-28 20:45:24 +08:00 · 20273b48be
commit 20273b48be
parent 9dbc0acc88
3 changed files with 87 additions and 3 deletions
--- a/ipset_linux.go
+++ b/ipset_linux.go
@ -304,14 +304,14 @@ func (m *NfGenMsg) Serialize() []byte {
 	return buf
 }

-// Extend RtAttr to handle data and children
+// RtAttr Extend RtAttr to handle data and children
 type RtAttr struct {
 	syscall.RtAttr
 	Data     []byte
 	children []NetlinkRequestData
 }

-// Create a new Extended RtAttr object
+// NewRtAttr Create a new Extended RtAttr object
 func NewRtAttr(attrType int, data []byte) *RtAttr {
 	return &RtAttr{
 		RtAttr: syscall.RtAttr{
@ -322,7 +322,7 @@ func NewRtAttr(attrType int, data []byte) *RtAttr {
 	}
 }

-// Create a new RtAttr obj anc add it as a child of an existing object
+// NewRtAttrChild Create a new RtAttr obj anc add it as a child of an existing object
 func NewRtAttrChild(parent *RtAttr, attrType int, data []byte) *RtAttr {
 	attr := NewRtAttr(attrType, data)
 	parent.children = append(parent.children, attr)
--- a/main.go
+++ b/main.go
@ -18,6 +18,7 @@ import (
 	_ "github.com/nadoo/glider/proxy/ss"
 	_ "github.com/nadoo/glider/proxy/ssr"
 	_ "github.com/nadoo/glider/proxy/tcptun"
+	_ "github.com/nadoo/glider/proxy/tls"
 	_ "github.com/nadoo/glider/proxy/udptun"
 	_ "github.com/nadoo/glider/proxy/uottun"
 	_ "github.com/nadoo/glider/proxy/vmess"
--- a/proxy/tls/tls.go
+++ b/proxy/tls/tls.go
@ -0,0 +1,83 @@
+package tls
+
+import (
+	stdtls "crypto/tls"
+	"errors"
+	"net"
+	"net/url"
+	"strings"
+
+	"github.com/nadoo/glider/common/log"
+	"github.com/nadoo/glider/proxy"
+)
+
+// TLS .
+type TLS struct {
+	dialer proxy.Dialer
+	addr   string
+
+	serverName string
+}
+
+func init() {
+	proxy.RegisterDialer("tls", NewTLSDialer)
+}
+
+// NewTLS returns a tls proxy.
+func NewTLS(s string, dialer proxy.Dialer) (*TLS, error) {
+	u, err := url.Parse(s)
+	if err != nil {
+		log.F("parse url err: %s", err)
+		return nil, err
+	}
+
+	addr := u.Host
+
+	colonPos := strings.LastIndex(addr, ":")
+	if colonPos == -1 {
+		colonPos = len(addr)
+	}
+	serverName := addr[:colonPos]
+
+	p := &TLS{
+		dialer:     dialer,
+		addr:       addr,
+		serverName: serverName,
+	}
+
+	return p, nil
+}
+
+// NewTLSDialer returns a tls proxy dialer.
+func NewTLSDialer(s string, dialer proxy.Dialer) (proxy.Dialer, error) {
+	return NewTLS(s, dialer)
+}
+
+// Addr returns forwarder's address
+func (s *TLS) Addr() string { return s.addr }
+
+// NextDialer returns the next dialer
+func (s *TLS) NextDialer(dstAddr string) proxy.Dialer { return s.dialer.NextDialer(dstAddr) }
+
+// Dial connects to the address addr on the network net via the proxy.
+func (s *TLS) Dial(network, addr string) (net.Conn, error) {
+	cc, err := s.dialer.Dial("tcp", s.addr)
+	if err != nil {
+		log.F("proxy-tls dial to %s error: %s", s.addr, err)
+		return nil, err
+	}
+
+	conf := &stdtls.Config{
+		ServerName: s.serverName,
+		//InsecureSkipVerify: true,
+	}
+
+	c := stdtls.Client(cc, conf)
+	err = c.Handshake()
+	return c, err
+}
+
+// DialUDP connects to the given address via the proxy.
+func (s *TLS) DialUDP(network, addr string) (net.PacketConn, net.Addr, error) {
+	return nil, nil, errors.New("tls client does not support udp now")
+}