vikarti.anatra/opera-proxy
1
0
Fork 0
mirror of https://github.com/Snawoot/opera-proxy.git synced 2025-09-02 10:42:07 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix seclient SNI

Browse source
This commit is contained in:
Vladislav Yarmak 2021-03-27 01:48:24 +02:00
parent 2a3bbb5967
commit 9a35f96795
1 changed files with 13 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
main.go
View file

@ -126,18 +126,25 @@ func run() int {
dialer = pxDialer.(ContextDialer) dialer = pxDialer.(ContextDialer)
} }
// Dialing w/o SNI, receiving self-signed certificate, so skip verification.
// Either way we'll validate certificate of actual proxy server.
tlsConfig := &tls.Config{
ServerName: "",
InsecureSkipVerify: true,
}
seclient, err := se.NewSEClient(args.apiLogin, args.apiPassword, &http.Transport{ seclient, err := se.NewSEClient(args.apiLogin, args.apiPassword, &http.Transport{
DialContext: dialer.DialContext, DialContext: dialer.DialContext,
DialTLSContext: func (ctx context.Context, network, addr string) (net.Conn, error) {
conn, err := dialer.DialContext(ctx, network, addr)
if err != nil {
return conn, err
}
return tls.Client(conn, tlsConfig), nil
},
ForceAttemptHTTP2: true, ForceAttemptHTTP2: true,
MaxIdleConns: 100, MaxIdleConns: 100,
IdleConnTimeout: 90 * time.Second, IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second, TLSHandshakeTimeout: 10 * time.Second,
// Dialing w/o SNI, receiving self-signed certificate, so skip verification.
// Either way we'll validate certificate of actual proxy server.
TLSClientConfig: &tls.Config{
ServerName: "",
InsecureSkipVerify: true,
},
ExpectContinueTimeout: 1 * time.Second, ExpectContinueTimeout: 1 * time.Second,
}) })
if err != nil { if err != nil {