~emersion/tlstunnel

v0.1.0 2 months ago .tar.gz browse log

tlstunnel v0.1.0

Hubert Hirtz (1):
      Add the "tls.email" directive

Simon Ser (59):
      Initial commit
      Implement basic TCP proxy
      Add certmagic support
      Require frontend blocks to have the name "frontend"
      Fix empty name in config block directive
      Allow to route to different backend depending on SNI
      Remove listen directive
      Don't add empty strings to list of managed certificates
      Add `tls ca` directive
      readme: add basic example config
      Add -config flag
      Add support for the PROXY protocol
      Change `tls ca` to `tls acme_ca`
      Add man page
      Add Makefile
      readme: add link to sr.ht project
      ci: add .build.yml
      Rename Parse and Load to {Parse,Load}Config
      Export Server.acmeManager
      Move executable to cmd/tlstunnel
      Move back directive processing to tlstunnel package
      build: simplify Makefile paths
      build: use SYSCONFDIR for default config path
      build: fix clean target not removing man page
      Store certificates in /var/lib/tlstunnel by default
      Don't try to guess listening address
      build: fix quoting typo
      Update certmagic to fix ALPN protocols
      man: add a "files" section
      man: fix acme_ca directive name
      Use upstream proxyproto.HeaderProxyFromAddrs
      Set PROXY protocol PP2_TYPE_AUTHORITY TLV
      Set PROXY protocol PP2_TYPE_SSL
      Switch to scfg
      Add "tls load" frontend directive
      Drop TODO regarding ACME HTTP challenges
      Move ACME logger setup to cmd/tlstunnel
      Update to go-proxyproto v0.3.0
      Add support for TLS backends
      readme: add contributing section
      readme: fix issue tracker link
      Revert "readme: fix issue tracker link"
      Add support for ALPN
      go fmt
      Update dependencies
      Initialize certmagic in Server.Start
      Add `tls on_demand`
      Fix SIGINT handling
      Expand on_demand docs
      Stop certmagic cache on shutdown
      Add `tls on_demand validate_command`
      Add more context to errors
      Fix tls-alpn-01 challenge errors
      Avoid half-open TCP connections
      Add downstream TLS handshake timeout
      Upgrade certmagic
      Unmanage certificates when no longer needed
      Increase TLS handshake timeout
      Protect acmeCache.config with atomic.Value

delthas (2):
      Add support for wildcard server names in frontend directives
      Enable certmagic logging

minus (3):
      Fix Unix socket backend config
      Remove unused Server reference
      Add config reloading
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEENP+VJs/vDpejQOLkD9574OiPXkgFAmAuoiMACgkQD9574OiP
Xkh0SxAAqdBKOVFvdClwX8oKoVqo1ROILVwGnoEhrvUitcl5eNratjzOHdtvBkEP
O1EOh7TOn+atEtwgEMl2oHN29hVMuTu0t1FCUS3u7uNymRflnhLZOUD+mLnksUCK
gQWlzjR3WbbyGkbetIQuxRADfo8R9oSs7NBzWMQwm7Kv3805qOFmA4L/j9e4rqAC
xVgg3elFB9K9pG0IS57oGR1sYZ6YI/lvZxQYjQBOACNZ+5nFj5P1BWjUZDLmjEuJ
zRowO8OYMIYcNWx/EPMbmbs/dML9/s5wupUjAaF7+FRF8hrEHUg1KugHgn8OzxWv
forhlMtGLLUO1rnmAsZYMUpKfchlGwOoa+Gs1OujFLisZcLjem5KP4saUwMNab6Z
bc/ntxXBOPW/pPfVRQcT6fdopZKVU734DNk6n3zDNI7XVDcDSTt924CW4ehH3Tao
P4JRyEgsDgjNYAWAsUZ7MGfA5NqPtbSTdnj/C2cEpSxSD4Bo8wI3xZrxO5t8CrO4
iSO0QCBHlQlJREKHtovL5cSVRyEObl1lEaIHKydFpMpIssGdure9zFZrQwFGcf+Q
nY2M8Awnpg1TYna5E8ovmEzc17spz/gQZp4Nntkf4n0T9LT7/1iIrA/jgD03191u
h6Duj6j8cCBvAJZyAfWqpUBgDALj5uJPyAl4pynA8uarpLhJin0=
=Bf5/
-----END PGP SIGNATURE-----