expose server name via cli

dlemel8 · dlemel8 · commit e54045144c71 · 2021-10-02T22:04:15.000+03:00
diff --git a/src/client/main.rs b/src/client/main.rs
@@ -85,13 +85,19 @@ async fn new_tunneler(
             )
             .await?,
         )),
-        TunnelerType::Tls { ca_cert, cert, key } => Ok(Box::new(
+        TunnelerType::Tls {
+            ca_cert,
+            cert,
+            key,
+            server_hostname,
+        } => Ok(Box::new(
             TlsTunneler::new(
                 address,
                 port,
                 ca_cert.to_path_buf(),
                 cert.to_path_buf(),
                 key.to_path_buf(),
+                server_hostname.clone(),
             )
             .await?,
         )),
diff --git a/src/client/tls.rs b/src/client/tls.rs
@@ -26,6 +26,7 @@ impl TlsTunneler {
         ca_cert: PathBuf,
         client_cert: PathBuf,
         client_key: PathBuf,
+        server_hostname: String,
     ) -> Result<Self, Box<dyn Error>> {
         let mut config = ClientConfig::new();
         config.root_store.add(&load_certificate(ca_cert).await?)?;
@@ -37,7 +38,7 @@ impl TlsTunneler {
         log::debug!("connecting to {}", to_address);
         let tcp_stream = TcpStream::connect(to_address).await?;
 
-        let domain = DNSNameRef::try_from_ascii_str("server.tunneler")?;
+        let domain = DNSNameRef::try_from_ascii_str(&server_hostname)?;
         let stream = connector.connect(domain, tcp_stream).await?;
         let (reader, writer) = split(stream);
         Ok(Self {
diff --git a/src/common/cli.rs b/src/common/cli.rs
@@ -24,6 +24,8 @@ pub enum TunnelerType {
         cert: PathBuf,
         #[structopt(env)]
         key: PathBuf,
+        #[structopt(env)]
+        server_hostname: String,
     },
 }
 
diff --git a/src/server/main.rs b/src/server/main.rs
@@ -72,8 +72,13 @@ async fn new_untunneler(
             )
             .await?,
         )),
-        TunnelerType::Tls { ca_cert, cert, key } => Ok(Box::new(
-            TlsUntunneler::new(address, port, ca_cert, cert, key).await?,
+        TunnelerType::Tls {
+            ca_cert,
+            cert,
+            key,
+            server_hostname,
+        } => Ok(Box::new(
+            TlsUntunneler::new(address, port, ca_cert, cert, key, server_hostname).await?,
         )),
     }
 }
diff --git a/src/server/tls.rs b/src/server/tls.rs
@@ -30,6 +30,7 @@ impl TlsUntunneler {
         ca_cert: PathBuf,
         server_cert: PathBuf,
         server_key: PathBuf,
+        server_hostname: String,
     ) -> Result<Self, Box<dyn Error>> {
         let mut store = RootCertStore::empty();
         store.add(&load_certificate(ca_cert).await?)?;
@@ -40,7 +41,7 @@ impl TlsUntunneler {
         let mut resolver = ResolvesServerCertUsingSNI::new();
         let signing_key = load_signing_key(server_key).await?;
         resolver.add(
-            "server.tunneler",
+            &server_hostname,
             CertifiedKey::new(chain, Arc::new(signing_key)),
         )?;
         config.cert_resolver = Arc::new(resolver);

Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,8 @@ pub enum TunnelerType {`
`24`	`24`	`cert: PathBuf,`
`25`	`25`	`#[structopt(env)]`
`26`	`26`	`key: PathBuf,`
	`27`	`+ #[structopt(env)]`
	`28`	`+ server_hostname: String,`
`27`	`29`	`},`
`28`	`30`	`}`
`29`	`31`
Original file line number	Diff line number	Diff line change
`@@ -72,8 +72,13 @@ async fn new_untunneler(`
`72`	`72`	`)`
`73`	`73`	`.await?,`
`74`	`74`	`)),`
`75`		`- TunnelerType::Tls { ca_cert, cert, key } => Ok(Box::new(`
`76`		`- TlsUntunneler::new(address, port, ca_cert, cert, key).await?,`
	`75`	`+ TunnelerType::Tls {`
	`76`	`+ ca_cert,`
	`77`	`+ cert,`
	`78`	`+ key,`
	`79`	`+ server_hostname,`
	`80`	`+ } => Ok(Box::new(`
	`81`	`+ TlsUntunneler::new(address, port, ca_cert, cert, key, server_hostname).await?,`
`77`	`82`	`)),`
`78`	`83`	`}`
`79`	`84`	`}`