mirror of
https://github.com/net-byte/vtun
synced 2024-03-14 10:50:03 +08:00
58 lines
1.4 KiB
Go
58 lines
1.4 KiB
Go
package tls
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"github.com/net-byte/vtun/common/config"
|
|
"github.com/net-byte/vtun/tcp"
|
|
"github.com/net-byte/water"
|
|
"log"
|
|
)
|
|
|
|
// StartServer starts the tls server
|
|
func StartServer(iFace *water.Interface, config config.Config) {
|
|
log.Printf("vtun tls server started on %v", config.LocalAddr)
|
|
cert, err := tls.LoadX509KeyPair(config.TLSCertificateFilePath, config.TLSCertificateKeyFilePath)
|
|
if err != nil {
|
|
log.Panic(err)
|
|
}
|
|
tlsConfig := &tls.Config{
|
|
Certificates: []tls.Certificate{cert},
|
|
MinVersion: tls.VersionTLS13,
|
|
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
|
|
CipherSuites: []uint16{
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
|
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
|
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
|
|
},
|
|
}
|
|
ln, err := tls.Listen("tcp", config.LocalAddr, tlsConfig)
|
|
if err != nil {
|
|
log.Panic(err)
|
|
}
|
|
// server -> client
|
|
go tcp.ToClient(config, iFace)
|
|
// client -> server
|
|
for {
|
|
conn, err := ln.Accept()
|
|
if err != nil {
|
|
continue
|
|
}
|
|
sniffConn := NewPeekPreDataConn(conn)
|
|
switch sniffConn.Type {
|
|
case TypeHttp:
|
|
if sniffConn.Handle() {
|
|
continue
|
|
}
|
|
case TypeHttp2:
|
|
if sniffConn.Handle() {
|
|
continue
|
|
}
|
|
}
|
|
go tcp.ToServer(config, sniffConn, iFace)
|
|
}
|
|
}
|