Add --tls-hostname argument to wireguard-proxy

Travis Burtrum 2019-12-16 21:15:25 -05:00
parent b363f30298
commit 7316bb5341
2 changed files with 10 additions and 2 deletions


@ -1,7 +1,7 @@
# wireguard-proxy # wireguard-proxy
[![Travis-CI Build Status](https://api.travis-ci.org/moparisthebest/wireguard-proxy.svg?branch=master)](https://travis-ci.org/moparisthebest/wireguard-proxy) [![Travis-CI Build Status](https://api.travis-ci.org/moparisthebest/wireguard-proxy.svg?branch=master)](https://travis-ci.org/moparisthebest/wireguard-proxy)
[![Build status](https://ci.appveyor.com/api/projects/status/vl8c9xdhvgn997d2/branch/master?svg=true)](https://ci.appveyor.com/project/moparisthebest/wireguard-proxy/branch/master) [![Build status](https://ci.appveyor.com/api/projects/status/vl8c9xdhvgn997d2/branch/master?svg=true)](https://ci.appveyor.com/project/moparisthebest/wireguard-proxy)
[![crates.io](https://img.shields.io/crates/v/wireguard-proxy.svg)](https://crates.io/crates/wireguard-proxy) [![crates.io](https://img.shields.io/crates/v/wireguard-proxy.svg)](https://crates.io/crates/wireguard-proxy)
Proxy wireguard UDP packets over TCP/TLS Proxy wireguard UDP packets over TCP/TLS
@ -20,6 +20,9 @@ usage: wireguard-proxy [options...]
client here, default: 127.0.0.1:51820 client here, default: 127.0.0.1:51820
--tls use TLS when connecting to tcp-target --tls use TLS when connecting to tcp-target
WARNING: currently verifies nothing! WARNING: currently verifies nothing!
--tls-hostname send this in SNI instead of host
from --tcp-target, useful for avoiding
DNS lookup on connect
Server Mode (requires --tcp-host): Server Mode (requires --tcp-host):
-th, --tcp-host <ip:port> TCP host to listen on -th, --tcp-host <ip:port> TCP host to listen on


@ -25,6 +25,9 @@ fn main() {
client here, default: {} client here, default: {}
--tls use TLS when connecting to tcp-target --tls use TLS when connecting to tcp-target
WARNING: currently verifies nothing! WARNING: currently verifies nothing!
--tls-hostname send this in SNI instead of host
from --tcp-target, useful for avoiding
DNS lookup on connect
Server Mode (requires --tcp-host): Server Mode (requires --tcp-host):
-th, --tcp-host <ip:port> TCP host to listen on -th, --tcp-host <ip:port> TCP host to listen on
@ -76,7 +79,9 @@ fn client(tcp_target: &str, socket_timeout: u64, args: Args) {
); );
if tls { if tls {
proxy_client.start_tls(tcp_target.split(":").next().expect("cannot extract hostname from --tcp-target")).expect("error running tls proxy_client"); let hostname = args.get_option(&["--tls-hostname"]).or_else(|| tcp_target.split(":").next())
.expect("--tls-hostname not set and cannot extract hostname from --tcp-target");
proxy_client.start_tls(hostname).expect("error running tls proxy_client");
} else { } else {
proxy_client.start().expect("error running proxy_client"); proxy_client.start().expect("error running proxy_client");
} }
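Review bot: The fallback `.or_else(|| tcp_target.split(":").next())` can never be `None`, because `split` always yields a first element, so the `expect` message is unreachable and a target such as `:51820` or a bracketed IPv6 literal hands an empty or truncated name to `start_tls`. Rejecting empty names would make the error real, e.g. `.filter(|h| !h.is_empty())` placed ahead of `.expect(...)`; whether `get_option` can itself return an empty string is not visible here. Since the help text in the hunk above says TLS currently verifies nothing, it is also worth stating next to `--tls-hostname` that the value only sets the SNI field and does not authenticate the server, so nobody reads it as a pinned identity. The body of `client` starts and continues outside this hunk.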