add tls config option

2022-01-05 00:02:55 +08:00
parent c428b37a36
commit 3b48c4acfb
43 changed files with 395 additions and 496 deletions
--- a/pkg/handler/option.go
+++ b/pkg/handler/option.go
@ -1,6 +1,7 @@
 package handler

 import (
+	"crypto/tls"
 	"net/url"

 	"github.com/go-gost/gost/pkg/bypass"
@ -11,13 +12,14 @@ import (
 )

 type Options struct {
-	Retries  int
-	Chain    *chain.Chain
-	Resolver resolver.Resolver
-	Hosts    hosts.HostMapper
-	Bypass   bypass.Bypass
-	Auths    []*url.Userinfo
-	Logger   logger.Logger
+	Retries   int
+	Chain     *chain.Chain
+	Resolver  resolver.Resolver
+	Hosts     hosts.HostMapper
+	Bypass    bypass.Bypass
+	Auths     []*url.Userinfo
+	TLSConfig *tls.Config
+	Logger    logger.Logger
 }

 type Option func(opts *Options)
@ -58,6 +60,12 @@ func AuthsOption(auths ...*url.Userinfo) Option {
 	}
 }

+func TLSConfigOption(tlsConfig *tls.Config) Option {
+	return func(opts *Options) {
+		opts.TLSConfig = tlsConfig
+	}
+}
+
 func LoggerOption(logger logger.Logger) Option {
 	return func(opts *Options) {
 		opts.Logger = logger
--- a/pkg/handler/socks/v5/handler.go
+++ b/pkg/handler/socks/v5/handler.go
@ -55,7 +55,7 @@ func (h *socks5Handler) Init(md md.Metadata) (err error) {

 	h.selector = &serverSelector{
 		Authenticator: auth_util.AuthFromUsers(h.options.Auths...),
-		TLSConfig:     h.md.tlsConfig,
+		TLSConfig:     h.options.TLSConfig,
 		logger:        h.logger,
 		noTLS:         h.md.noTLS,
 	}
--- a/pkg/handler/socks/v5/metadata.go
+++ b/pkg/handler/socks/v5/metadata.go
@ -1,16 +1,13 @@
 package v5

 import (
-	"crypto/tls"
 	"math"
 	"time"

-	tls_util "github.com/go-gost/gost/pkg/common/util/tls"
 	mdata "github.com/go-gost/gost/pkg/metadata"
 )

 type metadata struct {
-	tlsConfig         *tls.Config
 	timeout           time.Duration
 	readTimeout       time.Duration
 	noTLS             bool
@ -22,9 +19,6 @@ type metadata struct {

 func (h *socks5Handler) parseMetadata(md mdata.Metadata) (err error) {
 	const (
-		certFile          = "certFile"
-		keyFile           = "keyFile"
-		caFile            = "caFile"
 		readTimeout       = "readTimeout"
 		timeout           = "timeout"
 		noTLS             = "notls"
@ -34,15 +28,6 @@ func (h *socks5Handler) parseMetadata(md mdata.Metadata) (err error) {
 		compatibilityMode = "comp"
 	)

-	h.md.tlsConfig, err = tls_util.LoadServerConfig(
-		mdata.GetString(md, certFile),
-		mdata.GetString(md, keyFile),
-		mdata.GetString(md, caFile),
-	)
-	if err != nil {
-		return
-	}
-
 	h.md.readTimeout = mdata.GetDuration(md, readTimeout)
 	h.md.timeout = mdata.GetDuration(md, timeout)
 	h.md.noTLS = mdata.GetBool(md, noTLS)