parazyd.org/1/git/tlstun/commit/80766e8d7d6b78f0c471717d3e3ec32f590bbf75.gph

  URI:

       tAdd support for plain TCP without TLS. - tlstun - simple go program to add tls support to other listeners
  HTML git clone https://git.parazyd.org/tlstun
   DIR Log
   DIR Files
   DIR Refs
   DIR README
   DIR LICENSE
       ---
   DIR commit 80766e8d7d6b78f0c471717d3e3ec32f590bbf75
   DIR parent 39006a514a813efc24ad4e4db8392ac0c9a3c8a1
  HTML Author: parazyd <parazyd@dyne.org>
       Date:   Wed, 11 Sep 2019 19:28:00 +0200
       
       Add support for plain TCP without TLS.
       
       Diffstat:
         M README.md                           |       8 ++++++--
         M tlstun.go                           |       5 +++++
       
       2 files changed, 11 insertions(+), 2 deletions(-)
       ---
   DIR diff --git a/README.md b/README.md
       t@@ -5,7 +5,8 @@ tlstun is a simple Go program that will add TLS support for your
        programs that do not have it.
        
        It simply proxies from one TLS-listening host:port to another plaintext
       -host:port.
       +host:port. If TLS is not your thing, you can also proxy plain TCP
       +traffic.
        
        
        Installation
       t@@ -34,6 +35,8 @@ Usage of ./tlstun:
                Path for Key file (default "server-key.pem")
          -listen string
                Listen address (default "127.0.0.1:7443")
       +  -notls
       +        Disable TLS and just tunnel plain TCP
          -tlsver int
                TLS version to use (11, 12, 13) (default 13)
          -verbose
       t@@ -44,7 +47,8 @@ Usage of ./tlstun:
        
        tlstun supports two different ways of multiplexing, one being normal TLS
        proxying, and the other being TLS proxying with client certificate
       -authentication.
       +authentication. In addition to this, tlstun can also opt-out of TLS and
       +proxy plain TCP without encryption by using the `-notls` flag.
        
        
        ### Without client verification
   DIR diff --git a/tlstun.go b/tlstun.go
       t@@ -39,6 +39,7 @@ var (
                forward = flag.String("forward", "127.0.0.1:72", "Forward address")
                client  = flag.Bool("verifyclient", false, "Do client verification")
                verbose = flag.Bool("verbose", false, "Verbose mode")
       +        notls   = flag.Bool("notls", false, "Disable TLS and just tunnel plain TCP")
                tlsver  = flag.Int("tlsver", 13, "TLS version to use (11, 12, 13)")
        )
        
       t@@ -108,6 +109,10 @@ func server() (net.Listener, error) {
                        return nil, err
                }
        
       +        if *notls {
       +                return t, nil
       +        }
       +
                cfg, err := tlsConfig(*cert, *key)
                if err != nil {
                        return nil, err