add tls to algeneva (#611)

* add tls to algeneva
getlantern · Apr 25, 2024 · 7a15939 · 7a15939
1 parent e115636
commit 7a15939
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 6 deletions.
diff --git a/go.mod b/go.mod
@@ -24,7 +24,7 @@ require (
 	github.com/getlantern/kcpwrapper v0.0.0-20230327091313-c12d7c17c6de
 	github.com/getlantern/keyman v0.0.0-20230503155501-4e864ca2175b
 	github.com/getlantern/lampshade v0.0.0-20200303040944-fe53f13203e9
-	github.com/getlantern/lantern-algeneva v0.0.0-20240402195540-eb1bbf6d7366
+	github.com/getlantern/lantern-algeneva v0.0.0-20240418193310-610690afddbc
 	github.com/getlantern/measured v0.0.0-20230919230611-3d9e3776a6cd
 	github.com/getlantern/memhelper v0.0.0-20220104170102-df557102babd
 	github.com/getlantern/mockconn v0.0.0-20200818071412-cb30d065a848

diff --git a/go.sum b/go.sum
@@ -150,8 +150,8 @@ github.com/getlantern/keyman v0.0.0-20230503155501-4e864ca2175b h1:iyEuk8ARQC9Hf
 github.com/getlantern/keyman v0.0.0-20230503155501-4e864ca2175b/go.mod h1:ZJ+yDaZkJ/JU9j7EQa3UUh6ouedrNDDLA5OiowS1Iuk=
 github.com/getlantern/lampshade v0.0.0-20200303040944-fe53f13203e9 h1:n2t63QvweEs53Kpy7QbXv6JRSfXpDTTgPMT4cNTOt8g=
 github.com/getlantern/lampshade v0.0.0-20200303040944-fe53f13203e9/go.mod h1:Zqiq4op+E689yjuJACMLURzE9XUGj48UDZP7h8aN+kk=
-github.com/getlantern/lantern-algeneva v0.0.0-20240402195540-eb1bbf6d7366 h1:jk1kkecLlmJGCNXCZOk0dpjusULXmHaSiI+ptyHxL9M=
-github.com/getlantern/lantern-algeneva v0.0.0-20240402195540-eb1bbf6d7366/go.mod h1:bNnBc1YoooeKURbR6TMgNTuBA5ZjD28TSvZjbPUomVI=
+github.com/getlantern/lantern-algeneva v0.0.0-20240418193310-610690afddbc h1:NlvxqmHvBr27TBzbxUsOFXtRtgW7FmoMkTTQhD6LXKU=
+github.com/getlantern/lantern-algeneva v0.0.0-20240418193310-610690afddbc/go.mod h1:bNnBc1YoooeKURbR6TMgNTuBA5ZjD28TSvZjbPUomVI=
 github.com/getlantern/lantern-shadowsocks v1.3.6-0.20230301223223-150b18ac427d h1:YwH3hgY1qtp1J1V8iBx58wB+mAY6L7N1s+qYqNJgDjM=
 github.com/getlantern/lantern-shadowsocks v1.3.6-0.20230301223223-150b18ac427d/go.mod h1:Wwa1uDdu6LxVRANcN2dQ+aNI0rY+km+dqHW2G9Qm34k=
 github.com/getlantern/measured v0.0.0-20230919230611-3d9e3776a6cd h1:pDfqh9yd58OW9vQzv4U+q6G+LfbNXVhbWcBWmC5Dkm4=

diff --git a/http-proxy/main.go b/http-proxy/main.go
@@ -43,8 +43,8 @@ var (
 
 	// Use our own S3 bucket  distribution which fetches the origin at most once per
 	// day to avoid hitting the 2000 downloads/day limit imposed by MaxMind.
-	geolite2CityURL   = "https://storage.googleapis.com/lanterngeo/GeoLite2-City.mmdb.tar.gz"
-	geoip2ISPURL = "https://storage.googleapis.com/lanterngeo/GeoIP2-ISP.mmdb.tar.gz"
+	geolite2CityURL = "https://storage.googleapis.com/lanterngeo/GeoLite2-City.mmdb.tar.gz"
+	geoip2ISPURL    = "https://storage.googleapis.com/lanterngeo/GeoIP2-ISP.mmdb.tar.gz"
 
 	hostname, _ = os.Hostname()
 

diff --git a/http_proxy.go b/http_proxy.go
@@ -2,6 +2,7 @@ package proxy
 
 import (
 	"context"
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"net"
@@ -926,12 +927,22 @@ func (p *Proxy) listenBroflake(baseListen func(string) (net.Listener, error)) li
 // baseListen function with a algeneva.Listener.
 func (p *Proxy) listenAlgeneva(baseListen func(string) (net.Listener, error)) listenerBuilderFN {
 	return func(addr string) (net.Listener, error) {
+		var tlsConfig *tls.Config
+		if p.KeyFile != "" && p.CertFile != "" {
+			cert, err := tls.LoadX509KeyPair(p.CertFile, p.KeyFile)
+			if err != nil {
+				return nil, errors.New("Unable to load cert: %v", err)
+			}
+
+			tlsConfig = &tls.Config{Certificates: []tls.Certificate{cert}}
+		}
+
 		base, err := baseListen(addr)
 		if err != nil {
 			return nil, err
 		}
 
-		ll, connErrC := algeneva.WrapListener(base)
+		ll, connErrC := algeneva.WrapListener(base, tlsConfig)
 		// create a goroutine to log any connection errors
 		go func() {
 			for err := range connErrC {