XiaoMo/frp
1
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2025-07-27 07:35:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

TlsOnly - only accept TLS connections if enabled

Browse Source
This commit is contained in:
Guy Lewin
2020-02-10 18:56:41 +02:00
parent c8748a2948
commit c747f160aa
3 changed files with 17 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
utils/net/tls.go
View File

@@ -16,6 +16,7 @@ package net
import (
"crypto/tls"
"fmt"
"net"
"time"
@@ -32,7 +33,7 @@ func WrapTLSClientConn(c net.Conn, tlsConfig *tls.Config) (out net.Conn) {
return
}
func CheckAndEnableTLSServerConnWithTimeout(c net.Conn, tlsConfig *tls.Config, timeout time.Duration) (out net.Conn, err error) {
func CheckAndEnableTLSServerConnWithTimeout(c net.Conn, tlsConfig *tls.Config, tlsOnly bool, timeout time.Duration) (out net.Conn, err error) {
sc, r := gnet.NewSharedConnSize(c, 2)
buf := make([]byte, 1)
var n int
@@ -46,6 +47,10 @@ func CheckAndEnableTLSServerConnWithTimeout(c net.Conn, tlsConfig *tls.Config, t
if n == 1 && int(buf[0]) == FRP_TLS_HEAD_BYTE {
out = tls.Server(c, tlsConfig)
} else {
if tlsOnly {
err = fmt.Errorf("non-TLS connection received on a TlsOnly server")
return
}
out = sc
}
return