Add TLS support (only over tcp)

2025-04-09 01:15:15 +01:00
parent 4d1eb10d69
commit d87c809ec6
2 changed files with 10 additions and 3 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -47,7 +47,7 @@
        proxies = mkOption {
          type = attrsOf (submodule ({config, ...}: {
            options = let
-              proto = enum ["udp" "tcp" "unix"];
+              proto = enum ["udp" "tcp" "unix" "tls"];
            in {
              enable = mkOption {
                type = bool;
--- a/main.go
+++ b/main.go
@@ -24,11 +24,18 @@ func (dialer Dialer) Dial() (net.Conn, error) {
 }

 func Forward(server *tsnet.Server, proto, port, dst string, finish chan error) {
+	var ln net.Listener
+	var err error
+	if proto == "tls" {
+		proto = "tcp"
+		ln, err = server.ListenTLS(proto, fmt.Sprint(":", port))
+	} else {
 		ln, err = server.Listen(proto, fmt.Sprint(":", port))
-	defer ln.Close()
+	}
 	if err != nil {
 		finish <- err
 	}
+	defer ln.Close()
 	err = netforward.Forward(Dialer { proto: proto, addr: dst }, ln)
 	if err != nil {
 		finish <- err