fangdingjun
/
sniproxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

go fmt and fix static check warnings

Browse Source
master
dingjun 2 years ago
parent 12f4938134
commit c39f4f526a
5 changed files with 375 additions and 358 deletions
Show Stats Download Patch File Download Diff File

16
common.go
Unescape Escape View File

@ -69,9 +69,11 @@ const (
) )
// TLS compression types. // TLS compression types.
/*
const ( const (
compressionNone uint8 = 0 compressionNone uint8 = 0
) )
*/
// TLS extension numbers // TLS extension numbers
const ( const (
@ -107,9 +109,11 @@ const (
// TLS Elliptic Curve Point Formats // TLS Elliptic Curve Point Formats
// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
/*
const ( const (
pointFormatUncompressed uint8 = 0 pointFormatUncompressed uint8 = 0
) )
*/
// TLS CertificateStatusType (RFC 3546) // TLS CertificateStatusType (RFC 3546)
const ( const (
@ -117,6 +121,7 @@ const (
) )
// Certificate types (for certificateRequestMsg) // Certificate types (for certificateRequestMsg)
/*
const ( const (
certTypeRSASign = 1 // A certificate containing an RSA key certTypeRSASign = 1 // A certificate containing an RSA key
certTypeDSSSign = 2 // A certificate containing a DSA key certTypeDSSSign = 2 // A certificate containing a DSA key
@ -130,19 +135,24 @@ const (
// Rest of these are reserved by the TLS spec // Rest of these are reserved by the TLS spec
) )
*/
// Hash functions for TLS 1.2 (See RFC 5246, section A.4.1) // Hash functions for TLS 1.2 (See RFC 5246, section A.4.1)
/*
const ( const (
hashSHA1 uint8 = 2 hashSHA1 uint8 = 2
hashSHA256 uint8 = 4 hashSHA256 uint8 = 4
hashSHA384 uint8 = 5 hashSHA384 uint8 = 5
) )
*/
// Signature algorithms for TLS 1.2 (See RFC 5246, section A.4.1) // Signature algorithms for TLS 1.2 (See RFC 5246, section A.4.1)
/*
const ( const (
signatureRSA uint8 = 1 signatureRSA uint8 = 1
signatureECDSA uint8 = 3 signatureECDSA uint8 = 3
) )
*/
// signatureAndHash mirrors the TLS 1.2, SignatureAndHashAlgorithm struct. See // signatureAndHash mirrors the TLS 1.2, SignatureAndHashAlgorithm struct. See
// RFC 5246, section A.4.1. // RFC 5246, section A.4.1.
@ -153,6 +163,7 @@ type signatureAndHash struct {
// supportedSignatureAlgorithms contains the signature and hash algorithms that // supportedSignatureAlgorithms contains the signature and hash algorithms that
// the code advertises as supported in a TLS 1.2 ClientHello and in a TLS 1.2 // the code advertises as supported in a TLS 1.2 ClientHello and in a TLS 1.2
// CertificateRequest. // CertificateRequest.
/*
var supportedSignatureAlgorithms = []signatureAndHash{ var supportedSignatureAlgorithms = []signatureAndHash{
{hashSHA256, signatureRSA}, {hashSHA256, signatureRSA},
{hashSHA256, signatureECDSA}, {hashSHA256, signatureECDSA},
@ -161,6 +172,7 @@ var supportedSignatureAlgorithms = []signatureAndHash{
{hashSHA1, signatureRSA}, {hashSHA1, signatureRSA},
{hashSHA1, signatureECDSA}, {hashSHA1, signatureECDSA},
} }
*/
// ConnectionState records basic TLS details about the connection. // ConnectionState records basic TLS details about the connection.
type ConnectionState struct { type ConnectionState struct {
@ -201,6 +213,7 @@ const (
// ClientSessionState contains the state needed by clients to resume TLS // ClientSessionState contains the state needed by clients to resume TLS
// sessions. // sessions.
/*
type ClientSessionState struct { type ClientSessionState struct {
sessionTicket []uint8 // Encrypted ticket used for session resumption with server sessionTicket []uint8 // Encrypted ticket used for session resumption with server
vers uint16 // SSL/TLS version negotiated for the session vers uint16 // SSL/TLS version negotiated for the session
@ -209,12 +222,14 @@ type ClientSessionState struct {
serverCertificates []*x509.Certificate // Certificate chain presented by the server serverCertificates []*x509.Certificate // Certificate chain presented by the server
verifiedChains [][]*x509.Certificate // Certificate chains we built for verification verifiedChains [][]*x509.Certificate // Certificate chains we built for verification
} }
*/
// ClientSessionCache is a cache of ClientSessionState objects that can be used // ClientSessionCache is a cache of ClientSessionState objects that can be used
// by a client to resume a TLS session with a given server. ClientSessionCache // by a client to resume a TLS session with a given server. ClientSessionCache
// implementations should expect to be called concurrently from different // implementations should expect to be called concurrently from different
// goroutines. Only ticket-based resumption is supported, not SessionID-based // goroutines. Only ticket-based resumption is supported, not SessionID-based
// resumption. // resumption.
/*
type ClientSessionCache interface { type ClientSessionCache interface {
// Get searches for a ClientSessionState associated with the given key. // Get searches for a ClientSessionState associated with the given key.
// On return, ok is true if one was found. // On return, ok is true if one was found.
@ -223,6 +238,7 @@ type ClientSessionCache interface {
// Put adds the ClientSessionState to the cache with the given key. // Put adds the ClientSessionState to the cache with the given key.
Put(sessionKey string, cs *ClientSessionState) Put(sessionKey string, cs *ClientSessionState)
} }
*/
/* /*
// SignatureScheme identifies a signature algorithm supported by TLS. See // SignatureScheme identifies a signature algorithm supported by TLS. See

4
conf_test.go
Unescape Escape View File

@ -1,14 +1,14 @@
package main package main
import ( import (
"io/ioutil" "os"
"testing" "testing"
yaml "gopkg.in/yaml.v2" yaml "gopkg.in/yaml.v2"
) )
func TestConf(t *testing.T) { func TestConf(t *testing.T) {
data, err := ioutil.ReadFile("config.sample.yaml") data, err := os.ReadFile("config.sample.yaml")
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }

13
main.go
Unescape Escape View File

@ -5,7 +5,6 @@ import (
"flag" "flag"
"fmt" "fmt"
"io" "io"
"io/ioutil"
"net" "net"
"os" "os"
"os/signal" "os/signal"
@ -78,7 +77,11 @@ func forward(ctx context.Context, c net.Conn, data []byte, dst string) {
Command: proxyproto.PROXY, Command: proxyproto.PROXY,
TransportProtocol: proxyproto.TCPv4, TransportProtocol: proxyproto.TCPv4,
SourceAddr: raddr, SourceAddr: raddr,
DestinationAddr: &net.TCPAddr{}, DestinationAddr: &net.TCPAddr{
IP: []byte{0, 0, 0, 0},
Port: 0,
Zone: "",
},
} }
switch strings.ToLower(ss[1]) { switch strings.ToLower(ss[1]) {
@ -186,7 +189,7 @@ func main() {
flag.StringVar(&loglevel, "log_level", "INFO", "log level") flag.StringVar(&loglevel, "log_level", "INFO", "log level")
flag.Parse() flag.Parse()
data, err := ioutil.ReadFile(cfgfile) data, err := os.ReadFile(cfgfile)
if err != nil { if err != nil {
glog.Fatal(err) glog.Fatal(err)
} }
@ -231,9 +234,7 @@ func main() {
ch := make(chan os.Signal, 2) ch := make(chan os.Signal, 2)
signal.Notify(ch, syscall.SIGINT, syscall.SIGTERM) signal.Notify(ch, syscall.SIGINT, syscall.SIGTERM)
select { s := <-ch
case s := <-ch:
cancel() cancel()
glog.Printf("received signal %s, exit.", s) glog.Printf("received signal %s, exit.", s)
} }
}

4
proto_test.go
Unescape Escape View File

@ -3,8 +3,8 @@ package main
import ( import (
"context" "context"
"crypto/tls" "crypto/tls"
"io/ioutil"
"net" "net"
"os"
"testing" "testing"
"github.com/fangdingjun/go-log/v5" "github.com/fangdingjun/go-log/v5"
@ -15,7 +15,7 @@ import (
func TestProxyProto(t *testing.T) { func TestProxyProto(t *testing.T) {
log.Default.Level = log.DEBUG log.Default.Level = log.DEBUG
data, err := ioutil.ReadFile("config.sample.yaml") data, err := os.ReadFile("config.sample.yaml")
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }

Write Preview
Loading…
Cancel
Save