Crate sslrelay[−][src]

Expand description

SSLRelay

Library for relaying TCP traffic as well as TLS encrypted TCP traffic. This library allows you to implement callback functions for upstream and downstream traffic. These callbacks can R/W the data from a stream(Blocking) or only R the data(Non-Blocking).

pub trait HandlerCallbacks {
    fn ds_b_callback(&mut self, _in_data: Vec<u8>) -> CallbackRet {CallbackRet::Relay(_in_data)}
    fn ds_nb_callback(&self, _in_data: Vec<u8>){}
    fn us_b_callback(&mut self, _in_data: Vec<u8>) -> CallbackRet {CallbackRet::Relay(_in_data)}
    fn us_nb_callback(&self, _in_data: Vec<u8>){}
}

The blocking callbacks return an enum called CallbackRet with four different variants. The variants control the flow of the tcp stream.

 pub enum CallbackRet {
     Relay(Vec<u8>),// Relay data
     Spoof(Vec<u8>),// Skip relaying and send data back
     Shutdown,// Shutdown TCP connection
     Freeze,// Dont send data (pretend as if stream never was recieved)
 }

Example (basic.rs)

use sslrelay::{self, RelayConfig, HandlerCallbacks, CallbackRet, TCPDataType, TLSConfig};

// Handler object
#[derive(Clone)] // Must have Clone trait implemented.
struct Handler;

/*
    Callback traits that can be used to read or inject data
    into data upstream or downstream.
*/
impl HandlerCallbacks for Handler {

    // DownStream non blocking callback (Read Only)
    fn ds_nb_callback(&self, _in_data: Vec<u8>) {
        println!("[CALLBACK] Down Stream Non Blocking CallBack!");
    }

    // DownStream blocking callback (Read & Write)
    fn ds_b_callback(&mut self, _in_data: Vec<u8>) -> CallbackRet {
        println!("[CALLBACK] Down Stream Blocking CallBack!");
        CallbackRet::Relay(_in_data)
    }

    // UpStream non blocking callback (Read Only)
    fn us_nb_callback(&self, _in_data: Vec<u8>) {
        println!("[CALLBACK] Up Stream Non Blocking CallBack!");
    }

    // UpStream blocking callback (Read & Write)
    fn us_b_callback(&mut self, _in_data: Vec<u8>) -> CallbackRet {
        println!("[CALLBACK] Up Stream Blocking CallBack!");
        CallbackRet::Relay(_in_data)
    }
}

fn main() {

    // Create new SSLRelay object
    let mut relay = sslrelay::SSLRelay::new(
        Handler, 
        RelayConfig {
            downstream_data_type: TCPDataType::TLS,
            upstream_data_type: TCPDataType::TLS,
            bind_host: "0.0.0.0".to_string(),
            bind_port: "443".to_string(),
            remote_host: "remote.com".to_string(),
            remote_port: "443".to_string(),
            tls_config: TLSConfig::FILE{
                certificate_path: "./tls.crt".to_string(),
                private_key_path: "./tls.key".to_string(),
            },
        }
    );

    // Start listening
    relay.start();
}

Structs

RelayConfig

Relay Config structure for passing into the SSLRelay::new() config parameter.

SSLRelay

The main SSLRelay object.

Enums

CallbackRet

CallbackRet for blocking callback functions

TCPDataType

Specifies the upstream or downstream data type (TLS or RAW).

TLSConfig

TLSConfig is used to specify TLS options. FILE is for specifying a path to a certificate and private key. DATA is for passing the certificate and private key bytes directly. NONE is for when you are not using TLS on the listening/downstream side of the relay.

Traits

HandlerCallbacks

Callback functions a user may or may not implement.