add http2 transport

cmd/gost/main.go

@@ -1,15 +1,14 @@
 package main
 
 import (
-	"crypto/tls"
 	"flag"
 	"fmt"
+	"io"
 	"net/http"
 	_ "net/http/pprof"
 	"os"
 	"runtime"
 
-	tls_util "github.com/go-gost/gost/pkg/common/util/tls"
 	"github.com/go-gost/gost/pkg/config"
 	"github.com/go-gost/gost/pkg/logger"
 )
@@ -69,7 +68,18 @@ func main() {
 	log = logFromConfig(cfg.Log)
 
 	if outputCfgFile != "" {
-		if err := cfg.WriteFile(outputCfgFile); err != nil {
+		var w io.Writer
+		if outputCfgFile == "-" {
+			w = os.Stdout
+		} else {
+			f, err := os.Create(outputCfgFile)
+			if err != nil {
+				log.Fatal(err)
+			}
+			defer f.Close()
+			w = f
+		}
+		if err := cfg.Write(w); err != nil {
 			log.Fatal(err)
 		}
 		os.Exit(0)
@@ -86,29 +96,7 @@ func main() {
 		}()
 	}
 
-	tlsCfg := cfg.TLS
-	if tlsCfg == nil {
-		tlsCfg = &config.TLSConfig{
-			Cert: "cert.pem",
-			Key:  "key.pem",
-			CA:   "ca.crt",
-		}
-	}
-	tlsConfig, err := tls_util.LoadTLSConfig(tlsCfg.Cert, tlsCfg.Key, tlsCfg.CA)
-	if err != nil {
-		// generate random self-signed certificate.
-		cert, err := tls_util.GenCertificate()
-		if err != nil {
-			log.Fatal(err)
-		}
-		tlsConfig = &tls.Config{
-			Certificates: []tls.Certificate{cert},
-		}
-		log.Warn("load TLS certificate files failed, use random generated certificate")
-	} else {
-		log.Debug("load TLS certificate files OK")
-	}
-	tls_util.DefaultConfig = tlsConfig
+	buildDefaultTLSConfig(cfg.TLS)
 
 	services := buildService(cfg)
 	for _, svc := range services {

cmd/gost/norm.go

@@ -111,6 +111,7 @@ func normChain(chain *config.ChainConfig) {
 			if u.User != nil {
 				md["user"] = u.User.String()
 			}
+			md["serverName"] = u.Host
 
 			node.Addr = u.Host
 

cmd/gost/register.go

@@ -4,6 +4,7 @@ import (
 	// Register connectors
 	_ "github.com/go-gost/gost/pkg/connector/forward"
 	_ "github.com/go-gost/gost/pkg/connector/http"
+	_ "github.com/go-gost/gost/pkg/connector/http2"
 	_ "github.com/go-gost/gost/pkg/connector/relay"
 	_ "github.com/go-gost/gost/pkg/connector/sni"
 	_ "github.com/go-gost/gost/pkg/connector/socks/v4"
@@ -12,6 +13,8 @@ import (
 	_ "github.com/go-gost/gost/pkg/connector/ss/udp"
 
 	// Register dialers
+	_ "github.com/go-gost/gost/pkg/dialer/ftcp"
+	_ "github.com/go-gost/gost/pkg/dialer/http2"
 	_ "github.com/go-gost/gost/pkg/dialer/tcp"
 	_ "github.com/go-gost/gost/pkg/dialer/udp"
 
@@ -20,6 +23,7 @@ import (
 	_ "github.com/go-gost/gost/pkg/handler/forward/local"
 	_ "github.com/go-gost/gost/pkg/handler/forward/remote"
 	_ "github.com/go-gost/gost/pkg/handler/http"
+	_ "github.com/go-gost/gost/pkg/handler/http2"
 	_ "github.com/go-gost/gost/pkg/handler/redirect"
 	_ "github.com/go-gost/gost/pkg/handler/relay"
 	_ "github.com/go-gost/gost/pkg/handler/sni"

cmd/gost/tls.go

@@ -0,0 +1,98 @@
+package main
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"math/big"
+	"time"
+
+	tls_util "github.com/go-gost/gost/pkg/common/util/tls"
+	"github.com/go-gost/gost/pkg/config"
+)
+
+func buildDefaultTLSConfig(cfg *config.TLSConfig) {
+	if cfg == nil {
+		cfg = &config.TLSConfig{
+			Cert: "cert.pem",
+			Key:  "key.pem",
+		}
+	}
+
+	tlsConfig, err := loadConfig(cfg.Cert, cfg.Key)
+	if err != nil {
+		// generate random self-signed certificate.
+		cert, err := genCertificate()
+		if err != nil {
+			log.Fatal(err)
+		}
+		tlsConfig = &tls.Config{
+			Certificates: []tls.Certificate{cert},
+		}
+		log.Warn("load TLS certificate files failed, use random generated certificate")
+	} else {
+		log.Debug("load TLS certificate files OK")
+	}
+	tls_util.DefaultConfig = tlsConfig
+}
+
+func loadConfig(certFile, keyFile string) (*tls.Config, error) {
+	cert, err := tls.LoadX509KeyPair(certFile, keyFile)
+	if err != nil {
+		return nil, err
+	}
+
+	cfg := &tls.Config{
+		Certificates: []tls.Certificate{cert},
+	}
+
+	return cfg, nil
+}
+
+func genCertificate() (cert tls.Certificate, err error) {
+	rawCert, rawKey, err := generateKeyPair()
+	if err != nil {
+		return
+	}
+	return tls.X509KeyPair(rawCert, rawKey)
+}
+
+func generateKeyPair() (rawCert, rawKey []byte, err error) {
+	// Create private key and self-signed certificate
+	// Adapted from https://golang.org/src/crypto/tls/generate_cert.go
+
+	priv, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return
+	}
+	validFor := time.Hour * 24 * 365 * 10 // ten years
+	notBefore := time.Now()
+	notAfter := notBefore.Add(validFor)
+	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+	serialNumber, _ := rand.Int(rand.Reader, serialNumberLimit)
+	template := x509.Certificate{
+		SerialNumber: serialNumber,
+		Subject: pkix.Name{
+			Organization: []string{"gost"},
+			CommonName:   "gost.run",
+		},
+		NotBefore: notBefore,
+		NotAfter:  notAfter,
+
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
+		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+		BasicConstraintsValid: true,
+	}
+	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
+	if err != nil {
+		return
+	}
+
+	rawCert = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+	rawKey = pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
+
+	return
+}