Go package providing an implementation of a net.Conn multiplexer based on the TLS SNI (Server Name Indication) sent by a client.
Install using go get github.com/kevinpollet/tlsmux.
The Mux struct allows registering handlers which will be called when the muxer serve a net.Conn with a
matching server name.
mux := tlsmux.Mux{}
l, err := net.Listen("tcp", "127.0.0.1:8080")
if err != nil {
log.Fatal(err)
}
if err := mux.Serve(l); err != nil {
log.Fatal(err)
}The Handler interface is used to handle an incoming net.Conn without decrypting the underlying TLS communication (Pass Through).
Implementations are responsible for closing the connection.
The HandlerFunc type is an adapter to allow the use of ordinary functions as a Handler.
mux.Handle("server.name", tlsmux.HandlerFunc(func(conn net.Conn) error {
defer conn.Close()
// Handle the encrypted TLS connection.
}))The TLSHandler struct is a Handler implementation allowing to terminate the TLS connection with the configured tls.Config.
Thus, the net.Conn parameter of a TLSHandler if of type tls.Conn.
Implementations are responsible for closing the connection.
The TLSHandlerFunc type is an adapter to allow the use of ordinary functions as a TLSHandler.
cfg := &tls.Config{
MinVersion: tls.VersionTLS13,
Certificates: []tls.Certificate{cert},
}
mux.Handle("foo.localhost", tlsmux.TLSHandlerFunc(cfg, func(conn net.Conn) error {
defer conn.Close()
// Handle the decrypted TLS connection.
}))The ProxyHandler struct is a Handler implementation forwarding the connection bytes to the configured Address.
The ProxyHandlerFunc is an adapter allowing the use of a ProxyHandler as a HandlerFunc.
// Forward the encrypted connection bytes.
mux.Handle("foo.localhost", tlsmux.ProxyHandler{Addr: "127.0.0.1:443"})
// Forward the decrypted connection bytes.
mux.Handle("foo.localhost", tlsmux.TLSHandlerFunc(tlsConfig, tlsmux.ProxyHandlerFunc("127.0.0.1:80"))