gf4
/
wstunnel
mirror of https://github.com/erebe/wstunnel
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
559 Commits
2 Branches
79 Tags
20 MiB
Commit Graph

559 Commits (main)

Author SHA1 Message Date
erebe 9b82006c6e
Improve stdio tunnel on windows 
- Handle CTRL+C to exit properly
- Restore terminal mode at exit
- Use logger to stderr
 2024-05-18 16:02:28 +02:00
Σrebe - Romain GERARD 0595e23050
lint 2024-05-16 10:49:39 +02:00
Σrebe - Romain GERARD 8892aae601
bump rust in dockerfile 2024-05-16 10:49:25 +02:00
Jasper Siepkes 054460ad3e
Mark unsupported configurations as conflicting (#273) 
This change marks combining the yaml restrictions file together with arguments such as `--restrict-http-upgrade-path-prefix` as conflicting in clap. Since wstunnel will only use the yaml restrictions file when it is supplied and ignore the other arguments. This change makes this more obvious for users (since wstunnel will exit with an error).

The reason for still allowing the client `--http-upgrade-path-prefix` is that one could be using a proxy server in front of wstunnel which does mTLS. This is a pretty specific corner case though. A warning was added so it's clear to users that this will only work in specific scenarios.
 2024-05-16 10:48:24 +02:00
Σrebe - Romain GERARD a89d4da2b0
Bump version v9.4.2 2024-05-16 09:10:56 +02:00
Σrebe - Romain GERARD 246862a6da
Reduce allocation when using client certificate 2024-05-16 09:05:04 +02:00
Jasper Siepkes ddebdfd3d2
When mTLS is used force path to match client certificate CN (#272) 
This change makes the server verify the client's path prefix matches the common name (CN) in the certificate the client presented when mTLS is used. This makes it impossible for the client to spoof the path prefix specified in the `restrictions.yaml` file.
 2024-05-16 08:39:30 +02:00
Σrebe - Romain GERARD 562c78187b
Add flag to control max backoff time to connect to the server 2024-05-14 08:32:44 +02:00
Σrebe - Romain GERARD 207ad7480b
Bump rust version 2024-05-10 13:27:50 +02:00
Σrebe - Romain GERARD bf9459b3fc
Bump dependencies 2024-05-09 14:18:38 +02:00
Σrebe - Romain GERARD 1eccb70aab
lint 2024-05-09 12:26:16 +02:00
Σrebe - Romain GERARD d3476ce716
fix compilation for openbsd 2024-05-09 11:31:39 +02:00
Jasper Siepkes 88e42d3b9f
Allow client certificate CN to be used for upgrade path (#264) 
This change causes the wstunnel client to use the common name (CN) of the client's certificate for the upgrade path when mTLS is enabled.
 2024-05-06 10:00:08 +02:00
Σrebe - Romain GERARD a0ccd2622e
Bump version v9.4.1 2024-05-01 15:16:44 +02:00
Σrebe - Romain GERARD 69c372490a
feat(server): Add tcp-keepalive on in-coming server connections 2024-05-01 15:13:00 +02:00
Σrebe - Romain GERARD 421a5a230c
feat(restriction): Avoid re-creating a config reload notifier each time 2024-05-01 15:00:46 +02:00
Erèbe - Romain Gerard 862d1dc9e2
Update README.md 2024-05-01 12:24:11 +02:00
Erèbe - Romain Gerard dfa99f834d
Update README.md 2024-05-01 12:21:58 +02:00
Σrebe - Romain GERARD 2f11046dd7
Bump version v9.4.0 2024-05-01 12:10:34 +02:00
Σrebe - Romain GERARD 5ef14d1a8c
feat(restriction): Auto-reload restriction file 2024-05-01 12:07:18 +02:00
Σrebe - Romain GERARD 368f6657fd
Turn match in restriction config into a list 2024-05-01 09:17:37 +02:00
Σrebe - Romain GERARD 1e07eb7b2a
Add tcp-keepalive to help detect broken reverse tunnel 2024-04-29 18:16:38 +02:00
Σrebe - Romain GERARD 3c84c59a11
Allow multiple ports in restriction file 2024-04-29 08:43:08 +02:00
Σrebe - Romain GERARD 135fcb5127
Increase reverse tunnel timeout to 3min 2024-04-28 00:11:41 +02:00
Σrebe - Romain GERARD 8a228248d7
Add config file for restrictions 2024-04-28 00:07:57 +02:00
Σrebe - Romain GERARD 727e92902c
Add log when closing remote tunnel 2024-04-25 21:22:38 +02:00
Σrebe - Romain GERARD 37d1e50dd4
update justfile 2024-04-19 21:54:54 +02:00
Σrebe - Romain GERARD df94b2b871
Bump version v9.3.0 2024-04-19 21:18:06 +02:00
Erèbe - Romain Gerard 0b9fb31ff0
Update README.md 2024-04-19 21:00:31 +02:00
Erèbe - Romain Gerard 465a72d5e2
Update README.md 2024-04-19 20:59:35 +02:00
Erèbe - Romain Gerard 81e57bd81c
Update README.md 2024-04-19 20:49:48 +02:00
Erèbe - Romain Gerard fa1ec552fa
Update README.md 2024-04-19 20:48:33 +02:00
Erèbe - Romain Gerard b898ee4df0
Update README.md 2024-04-19 20:42:50 +02:00
Erèbe - Romain Gerard 9156766f25
Update README.md 2024-04-19 20:41:00 +02:00
Σrebe - Romain GERARD d1782138c0
Update README 2024-04-19 20:40:30 +02:00
Erèbe - Romain Gerard 416f78aa28
Update README.md 2024-04-19 20:36:05 +02:00
Σrebe - Romain GERARD 83bde45e6f
Update README 2024-04-19 20:32:38 +02:00
Σrebe - Romain GERARD 70b5a216b0
Add support for mTLS 2024-04-19 09:36:14 +02:00
Σrebe - Romain GERARD 4524397d4f
fix typo in README 2024-04-16 08:25:44 +02:00
Dima-Kal 20e28fdb5e
Fix readme port typo (#255) 2024-04-13 14:42:21 +02:00
Σrebe - Romain GERARD 8b6661e186
Bump version v9.2.5 2024-03-28 08:20:58 +01:00
Σrebe - Romain GERARD 0aabcd16ad
Bump deps 2024-03-28 08:20:50 +01:00
Σrebe - Romain GERARD 94d9a14c81
fix: Avoid stopping accepting new connection on error 2024-03-27 08:30:43 +01:00
Erèbe - Romain Gerard 450d76aaed
Update README.md 2024-03-17 10:36:30 +01:00
Σrebe - Romain GERARD 832e253b3c
Bump version v9.2.4 2024-03-17 10:24:48 +01:00
Σrebe - Romain GERARD 833e1bc0d2
lint 2024-03-17 10:24:23 +01:00
Σrebe - Romain GERARD c28fa6d2ff
fix(reverse-tunnel): avoid accumulating log span on error 2024-03-16 23:21:25 +01:00
Σrebe - Romain GERARD c0f690f273
feat(tls): Support SSLKEYLOGFILE env variable 2024-03-16 22:21:40 +01:00
Σrebe - Romain GERARD 3129fe3219
feat(tls): Add flag to not send SNI during tls handshake 2024-03-16 22:21:35 +01:00
Erèbe - Romain Gerard 1c393afe4f
fix(tls): skip invalid system certificate 2024-03-08 09:00:21 +01:00