flik/GoTunnel
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1
All checks were successful
Build Multi-Platform Binaries / build-frontend (push) Successful in 44s
Details
Build Multi-Platform Binaries / build-binaries (amd64, darwin, server, false) (push) Successful in 2m21s
Details
Build Multi-Platform Binaries / build-binaries (amd64, linux, client, true) (push) Successful in 2m19s
Details
Build Multi-Platform Binaries / build-binaries (amd64, linux, server, true) (push) Successful in 3m32s
Details
Build Multi-Platform Binaries / build-binaries (amd64, windows, client, true) (push) Successful in 2m5s
Details
Build Multi-Platform Binaries / build-binaries (amd64, windows, server, true) (push) Successful in 3m4s
Details
Build Multi-Platform Binaries / build-binaries (arm, 7, linux, client, true) (push) Successful in 53s
Details
Build Multi-Platform Binaries / build-binaries (arm, 7, linux, server, true) (push) Successful in 2m46s
Details
Build Multi-Platform Binaries / build-binaries (arm64, darwin, server, false) (push) Successful in 2m19s
Details
Build Multi-Platform Binaries / build-binaries (arm64, linux, client, true) (push) Successful in 1m54s
Details
Build Multi-Platform Binaries / build-binaries (arm64, linux, server, true) (push) Successful in 1m47s
Details
Build Multi-Platform Binaries / build-binaries (arm64, windows, server, false) (push) Successful in 2m8s
Details

Browse Source
This commit is contained in:
Flik
2026-01-01 20:57:03 +08:00
parent 0c00a9ffdc
commit 3f7b72a0aa
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/crypto/tls.go
View File

@@ -11,7 +11,6 @@ import (
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"math/big" "math/big"
"net"
"os" "os"
"path/filepath" "path/filepath"
"strings" "strings"
@@ -19,6 +18,7 @@ import (
) )
// GenerateTLSConfig 生成内存中的自签名证书并返回 TLS 配置 // GenerateTLSConfig 生成内存中的自签名证书并返回 TLS 配置
// 证书不限定具体 IP 地址,客户端使用 InsecureSkipVerify 跳过主机名验证(类似 frp
func GenerateTLSConfig() (*tls.Config, error) { func GenerateTLSConfig() (*tls.Config, error) {
priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil { if err != nil {
@@ -41,8 +41,7 @@ func GenerateTLSConfig() (*tls.Config, error) {
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true, BasicConstraintsValid: true,
IPAddresses: []net.IP{net.ParseIP("127.0.0.1")}, // 不限定 IP 地址和域名,客户端通过 InsecureSkipVerify + TOFU 验证
DNSNames: []string{"localhost"},
} }
certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv) certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)