Skip to content

aaw/maybe_tls

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
conn.go
conn.go
 
 
listener.go
listener.go
 
 
listener_test.go
listener_test.go
 
 

Repository files navigation

maybe_tls

An implementation of golang's net.Listener interface that accepts both TCP and TLS-over-TCP connections on the same port.

Example

To use, create a net.Listener and a tls.Config object first, then wrap them in a maybe_tls.Listener:

config := tls.Config{Certificates: []tls.Certificate{keypair}}
ln, err := net.Listen("tcp", ":1234")
if err != nil {
  // Handle error
}
mln := maybe_tls.Listener{ln, &config}

Then use the maybe_tls.Listener just as you would a net.Listener. You can detect whether the accepted connection is encrypted or not by testing whether it's a tls.Conn:

conn, err := mln.Accept()
switch conn.(type) {
default:
    // It's a plain TCP connection
case *tls.Conn:
    // It's a TLS connection
}

Restrictions

maybe_tls.Listener works by trying to figure out whether the first few bytes that a client sends look like a TLS ClientHello message. If so, the data from the connection is "rewound" and wrapped in a tls.Conn. If not, the data from the connection is rewound and replayed as is. Because of this detection mechanism, the maybe_tls.Listener can only be used with application protocols where the client is expected to send the first message after a connection is made.

Installation

go get github.com/aaw/maybe_tls

About

A golang net.Listener implementation that listens to either TCP or TLS on a single port

Resources

Readme

License

Unlicense license
Activity

Stars

7 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages