Skip to content

Commit 37e8970

Browse files
hdurand0710mjuraga
hdurand0710
authored and
mjuraga
committed
MINOR: deprecate ForceXXX and NoXXX in favor of XXX for serverParams and BindParams
Added new XXX fields for the no-xxx and force-xxx configuration options for server params and bind params. The behavior is: XXX="enabled" option 'force-xxx' XXX="disabled" option -no-xxx' XXX="" no option send Other fields NoXXX, ForceXXX have been marked as deprecated.
1 parent 53d08b2 commit 37e8970

16 files changed

+1007
-129
lines changed

cmd/server_params_runtime/server_params_prepare_for_runtime.go

+5
Original file line numberDiff line numberDiff line change
@@ -18,10 +18,15 @@ var ServerParamsPrepareForRuntimeMap = map[string]string{ //nolint:gochecknoglob
1818
"CheckSsl": FuncDoNotSendDisabledFields,
1919
"CheckViaSocks4": FuncDoNotSendDisabledFields,
2020
"ForceSslv3": FuncDoNotSendDisabledFields,
21+
"Sslv3": FuncDoNotSendDisabledFields,
2122
"ForceTlsv10": FuncDoNotSendDisabledFields,
23+
"Tlsv10": FuncDoNotSendDisabledFields,
2224
"ForceTlsv11": FuncDoNotSendDisabledFields,
25+
"Tlsv11": FuncDoNotSendDisabledFields,
2326
"ForceTlsv12": FuncDoNotSendDisabledFields,
27+
"Tlsv12": FuncDoNotSendDisabledFields,
2428
"ForceTlsv13": FuncDoNotSendDisabledFields,
29+
"Tlsv13": FuncDoNotSendDisabledFields,
2530
"Maintenance": FuncDoNotSendDisabledFields,
2631
"NoSslv3": FuncDoNotSendEnabledFields,
2732
"NoTlsv10": FuncDoNotSendEnabledFields,

config-parser/params/server-options.go

+19-19
Original file line numberDiff line numberDiff line change
@@ -159,48 +159,47 @@ func (b *ServerOptionIDValue) String() string {
159159

160160
var serverOptionFactoryMethods = map[string]func() ServerOption{ //nolint:gochecknoglobals
161161
"agent-check": func() ServerOption { return &ServerOptionWord{Name: "agent-check"} },
162+
"no-agent-check": func() ServerOption { return &ServerOptionWord{Name: "no-agent-check"} },
162163
"allow-0rtt": func() ServerOption { return &ServerOptionWord{Name: "allow-0rtt"} },
163164
"backup": func() ServerOption { return &ServerOptionWord{Name: "backup"} },
165+
"no-backup": func() ServerOption { return &ServerOptionWord{Name: "no-backup"} },
164166
"check": func() ServerOption { return &ServerOptionWord{Name: "check"} },
167+
"no-check": func() ServerOption { return &ServerOptionWord{Name: "no-check"} },
165168
"check-send-proxy": func() ServerOption { return &ServerOptionWord{Name: "check-send-proxy"} },
169+
"no-check-send-proxy": func() ServerOption { return &ServerOptionWord{Name: "no-check-send-proxy"} },
166170
"check-ssl": func() ServerOption { return &ServerOptionWord{Name: "check-ssl"} },
171+
"no-check-ssl": func() ServerOption { return &ServerOptionWord{Name: "no-check-ssl"} },
167172
"check-via-socks4": func() ServerOption { return &ServerOptionWord{Name: "check-via-socks4"} },
168173
"disabled": func() ServerOption { return &ServerOptionWord{Name: "disabled"} },
169174
"enabled": func() ServerOption { return &ServerOptionWord{Name: "enabled"} },
170175
"force-sslv3": func() ServerOption { return &ServerOptionWord{Name: "force-sslv3"} },
171-
"force-tlsv10": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv10"} },
172-
"force-tlsv11": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv11"} },
173-
"force-tlsv12": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv12"} },
174-
"force-tlsv13": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv13"} },
175-
"no-agent-check": func() ServerOption { return &ServerOptionWord{Name: "no-agent-check"} },
176-
"no-backup": func() ServerOption { return &ServerOptionWord{Name: "no-backup"} },
177-
"no-check": func() ServerOption { return &ServerOptionWord{Name: "no-check"} },
178-
"no-check-send-proxy": func() ServerOption { return &ServerOptionWord{Name: "no-check-send-proxy"} },
179-
"no-check-ssl": func() ServerOption { return &ServerOptionWord{Name: "no-check-ssl"} },
180-
"no-send-proxy": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy"} },
181-
"no-send-proxy-v2": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy-v2"} },
182-
"no-send-proxy-v2-ssl": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy-v2-ssl"} },
183-
"no-send-proxy-v2-ssl-cn": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy-v2-ssl-cn"} },
184-
"no-ssl": func() ServerOption { return &ServerOptionWord{Name: "no-ssl"} },
185-
"no-ssl-reuse": func() ServerOption { return &ServerOptionWord{Name: "no-ssl-reuse"} },
186176
"no-sslv3": func() ServerOption { return &ServerOptionWord{Name: "no-sslv3"} },
187-
"no-tls-tickets": func() ServerOption { return &ServerOptionWord{Name: "no-tls-tickets"} },
177+
"force-tlsv10": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv10"} },
188178
"no-tlsv10": func() ServerOption { return &ServerOptionWord{Name: "no-tlsv10"} },
179+
"force-tlsv11": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv11"} },
189180
"no-tlsv11": func() ServerOption { return &ServerOptionWord{Name: "no-tlsv11"} },
181+
"force-tlsv12": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv12"} },
190182
"no-tlsv12": func() ServerOption { return &ServerOptionWord{Name: "no-tlsv12"} },
183+
"force-tlsv13": func() ServerOption { return &ServerOptionWord{Name: "force-tlsv13"} },
191184
"no-tlsv13": func() ServerOption { return &ServerOptionWord{Name: "no-tlsv13"} },
192-
"no-verifyhost": func() ServerOption { return &ServerOptionWord{Name: "no-verifyhost"} },
193-
"no-tfo": func() ServerOption { return &ServerOptionWord{Name: "no-tfo"} },
194-
"non-stick": func() ServerOption { return &ServerOptionWord{Name: "non-stick"} },
195185
"send-proxy": func() ServerOption { return &ServerOptionWord{Name: "send-proxy"} },
186+
"no-send-proxy": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy"} },
196187
"send-proxy-v2": func() ServerOption { return &ServerOptionWord{Name: "send-proxy-v2"} },
188+
"no-send-proxy-v2": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy-v2"} },
197189
"send-proxy-v2-ssl": func() ServerOption { return &ServerOptionWord{Name: "send-proxy-v2-ssl"} },
190+
"no-send-proxy-v2-ssl": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy-v2-ssl"} },
198191
"send-proxy-v2-ssl-cn": func() ServerOption { return &ServerOptionWord{Name: "send-proxy-v2-ssl-cn"} },
192+
"no-send-proxy-v2-ssl-cn": func() ServerOption { return &ServerOptionWord{Name: "no-send-proxy-v2-ssl-cn"} },
199193
"ssl": func() ServerOption { return &ServerOptionWord{Name: "ssl"} },
194+
"no-ssl": func() ServerOption { return &ServerOptionWord{Name: "no-ssl"} },
200195
"ssl-reuse": func() ServerOption { return &ServerOptionWord{Name: "ssl-reuse"} },
196+
"no-ssl-reuse": func() ServerOption { return &ServerOptionWord{Name: "no-ssl-reuse"} },
201197
"stick": func() ServerOption { return &ServerOptionWord{Name: "stick"} },
198+
"non-stick": func() ServerOption { return &ServerOptionWord{Name: "non-stick"} },
202199
"tfo": func() ServerOption { return &ServerOptionWord{Name: "tfo"} },
200+
"no-tfo": func() ServerOption { return &ServerOptionWord{Name: "no-tfo"} },
203201
"tls-tickets": func() ServerOption { return &ServerOptionWord{Name: "tls-tickets"} },
202+
"no-tls-tickets": func() ServerOption { return &ServerOptionWord{Name: "no-tls-tickets"} },
204203
"addr": func() ServerOption { return &ServerOptionValue{Name: "addr"} },
205204
"agent-send": func() ServerOption { return &ServerOptionValue{Name: "agent-send"} },
206205
"agent-inter": func() ServerOption { return &ServerOptionValue{Name: "agent-inter"} },
@@ -261,6 +260,7 @@ var serverOptionFactoryMethods = map[string]func() ServerOption{ //nolint:gochec
261260
"track": func() ServerOption { return &ServerOptionValue{Name: "track"} },
262261
"verify": func() ServerOption { return &ServerOptionValue{Name: "verify"} },
263262
"verifyhost": func() ServerOption { return &ServerOptionValue{Name: "verifyhost"} },
263+
"no-verifyhost": func() ServerOption { return &ServerOptionWord{Name: "no-verifyhost"} },
264264
"weight": func() ServerOption { return &ServerOptionValue{Name: "weight"} },
265265
"pool-low-conn": func() ServerOption { return &ServerOptionValue{Name: "pool-low-conn"} },
266266
"ws": func() ServerOption { return &ServerOptionValue{Name: "ws"} },

configuration/bind.go

+50-30
Original file line numberDiff line numberDiff line change
@@ -242,31 +242,41 @@ func parseBindParams(bindOptions []params.BindOption) models.BindParams { //noli
242242
case "defer-accept":
243243
b.DeferAccept = true
244244
case "force-sslv3":
245+
b.Sslv3 = "enabled"
245246
b.ForceSslv3 = true
247+
case "no-sslv3":
248+
b.Sslv3 = "disabled"
249+
b.NoSslv3 = true
246250
case "force-tlsv10":
251+
b.Tlsv10 = "enabled"
247252
b.ForceTlsv10 = true
253+
case "no-tlsv10":
254+
b.Tlsv10 = "disabled"
255+
b.NoTlsv10 = true
248256
case "force-tlsv11":
257+
b.Tlsv11 = "enabled"
249258
b.ForceTlsv11 = true
259+
case "no-tlsv11":
260+
b.Tlsv11 = "disabled"
261+
b.NoTlsv11 = true
250262
case "force-tlsv12":
263+
b.Tlsv12 = "enabled"
251264
b.ForceTlsv12 = true
265+
case "no-tlsv12":
266+
b.Tlsv12 = "disabled"
267+
b.NoTlsv12 = true
252268
case "force-tlsv13":
269+
b.Tlsv13 = "enabled"
253270
b.ForceTlsv13 = true
271+
case "no-tlsv13":
272+
b.Tlsv13 = "disabled"
273+
b.NoTlsv13 = true
254274
case "generate-certificates":
255275
b.GenerateCertificates = true
256276
case "no-ca-names":
257277
b.NoCaNames = true
258-
case "no-sslv3":
259-
b.NoSslv3 = true
260278
case "no-tls-tickets":
261279
b.NoTLSTickets = true
262-
case "no-tlsv10":
263-
b.NoTlsv10 = true
264-
case "no-tlsv11":
265-
b.NoTlsv11 = true
266-
case "no-tlsv12":
267-
b.NoTlsv12 = true
268-
case "no-tlsv13":
269-
b.NoTlsv13 = true
270280
case "prefer-client-ciphers":
271281
b.PreferClientCiphers = true
272282
case "strict-sni":
@@ -503,21 +513,46 @@ func serializeBindParams(b models.BindParams, path string) []params.BindOption {
503513
if b.ExposeFdListeners {
504514
options = append(options, &params.ServerOptionDoubleWord{Name: "expose-fd", Value: "listeners"})
505515
}
506-
if b.ForceSslv3 {
516+
if b.Sslv3 == "enabled" ||
517+
b.ForceSslv3 {
507518
options = append(options, &params.ServerOptionWord{Name: "force-sslv3"})
508519
}
509-
if b.ForceTlsv10 {
520+
if b.Sslv3 == "disabled" ||
521+
b.NoSslv3 {
522+
options = append(options, &params.ServerOptionWord{Name: "no-sslv3"})
523+
}
524+
if b.Tlsv10 == "enabled" ||
525+
b.ForceTlsv10 {
510526
options = append(options, &params.ServerOptionWord{Name: "force-tlsv10"})
511527
}
512-
if b.ForceTlsv11 {
528+
if b.Tlsv10 == "disabled" ||
529+
b.NoTlsv10 {
530+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv10"})
531+
}
532+
if b.Tlsv11 == "enabled" ||
533+
b.ForceTlsv11 {
513534
options = append(options, &params.ServerOptionWord{Name: "force-tlsv11"})
514535
}
515-
if b.ForceTlsv12 {
536+
if b.Tlsv11 == "disabled" ||
537+
b.NoTlsv11 {
538+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv11"})
539+
}
540+
if b.Tlsv12 == "enabled" ||
541+
b.ForceTlsv12 {
516542
options = append(options, &params.ServerOptionWord{Name: "force-tlsv12"})
517543
}
518-
if b.ForceTlsv13 {
544+
if b.Tlsv12 == "disabled" ||
545+
b.NoTlsv12 {
546+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv12"})
547+
}
548+
if b.Tlsv13 == "enabled" ||
549+
b.ForceTlsv13 {
519550
options = append(options, &params.ServerOptionWord{Name: "force-tlsv13"})
520551
}
552+
if b.Tlsv13 == "disabled" ||
553+
b.NoTlsv13 {
554+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv13"})
555+
}
521556
if b.GenerateCertificates {
522557
options = append(options, &params.ServerOptionWord{Name: "generate-certificates"})
523558
}
@@ -560,24 +595,9 @@ func serializeBindParams(b models.BindParams, path string) []params.BindOption {
560595
if b.NoCaNames {
561596
options = append(options, &params.ServerOptionWord{Name: "no-ca-names"})
562597
}
563-
if b.NoSslv3 {
564-
options = append(options, &params.ServerOptionWord{Name: "no-sslv3"})
565-
}
566598
if b.NoTLSTickets {
567599
options = append(options, &params.ServerOptionWord{Name: "no-tls-tickets"})
568600
}
569-
if b.NoTlsv10 {
570-
options = append(options, &params.ServerOptionWord{Name: "no-tlsv10"})
571-
}
572-
if b.NoTlsv11 {
573-
options = append(options, &params.ServerOptionWord{Name: "no-tlsv11"})
574-
}
575-
if b.NoTlsv12 {
576-
options = append(options, &params.ServerOptionWord{Name: "no-tlsv12"})
577-
}
578-
if b.NoTlsv13 {
579-
options = append(options, &params.ServerOptionWord{Name: "no-tlsv13"})
580-
}
581601
if b.Npn != "" {
582602
options = append(options, &params.BindOptionValue{Name: "npn", Value: b.Npn})
583603
}

configuration/server.go

+51-3
Original file line numberDiff line numberDiff line change
@@ -290,24 +290,35 @@ func parseServerParams(serverOptions []params.ServerOption, serverParams *models
290290
case "enabled":
291291
serverParams.Maintenance = "disabled"
292292
case "force-sslv3":
293+
serverParams.Sslv3 = "enabled"
293294
serverParams.ForceSslv3 = "enabled"
295+
case "no-sslv3":
296+
serverParams.Sslv3 = "disabled"
297+
serverParams.ForceSslv3 = "disabled"
298+
serverParams.NoSslv3 = "enabled" // deprecated kept for backward compatibility
294299
case "force-tlsv10":
300+
serverParams.Tlsv10 = "enabled"
295301
serverParams.ForceTlsv10 = "enabled"
296-
case "no-sslv3":
297-
serverParams.NoSslv3 = "enabled"
298302
case "no-tlsv10":
303+
serverParams.Tlsv10 = "disabled"
299304
serverParams.ForceTlsv10 = "disabled"
300305
case "force-tlsv11":
306+
serverParams.Tlsv11 = "enabled"
301307
serverParams.ForceTlsv11 = "enabled"
302308
case "no-tlsv11":
309+
serverParams.Tlsv11 = "disabled"
303310
serverParams.ForceTlsv11 = "disabled"
304311
case "force-tlsv12":
312+
serverParams.Tlsv12 = "enabled"
305313
serverParams.ForceTlsv12 = "enabled"
306314
case "no-tlsv12":
315+
serverParams.Tlsv12 = "disabled"
307316
serverParams.ForceTlsv12 = "disabled"
308317
case "force-tlsv13":
318+
serverParams.Tlsv13 = "enabled"
309319
serverParams.ForceTlsv13 = "enabled"
310320
case "no-tlsv13":
321+
serverParams.Tlsv13 = "disabled"
311322
serverParams.ForceTlsv13 = "disabled"
312323
case "send-proxy":
313324
serverParams.SendProxy = "enabled"
@@ -345,6 +356,8 @@ func parseServerParams(serverOptions []params.ServerOption, serverParams *models
345356
serverParams.Stick = "enabled"
346357
case "non-stick":
347358
serverParams.Stick = "disabled"
359+
case "no-verifyhost":
360+
serverParams.NoVerifyhost = "enabled"
348361
}
349362
case *params.ServerOptionValue:
350363
switch v.Name {
@@ -596,30 +609,62 @@ func SerializeServerParams(s models.ServerParams, opt *options.ConfigurationOpti
596609
if s.CheckViaSocks4 == "enabled" {
597610
options = append(options, &params.ServerOptionWord{Name: "check-via-socks4"})
598611
}
612+
if s.Sslv3 == "enabled" {
613+
options = append(options, &params.ServerOptionWord{Name: "force-sslv3"})
614+
}
615+
if s.Sslv3 == "disabled" ||
616+
s.NoSslv3 == "enabled" { // deprecated, keeping the behavior, for backward compatibility. Can be removed when field is removed
617+
options = append(options, &params.ServerOptionWord{Name: "no-sslv3"})
618+
}
599619
if s.ForceSslv3 == "enabled" {
600620
options = append(options, &params.ServerOptionWord{Name: "force-sslv3"})
601621
}
602-
if s.NoSslv3 == "enabled" {
622+
if s.ForceSslv3 == "disabled" ||
623+
s.NoSslv3 == "enabled" { // deprecated, keeping the behavior, for backward compatibility. Can be removed when field is removed
603624
options = append(options, &params.ServerOptionWord{Name: "no-sslv3"})
604625
}
626+
if s.Tlsv10 == "enabled" {
627+
options = append(options, &params.ServerOptionWord{Name: "force-tlsv10"})
628+
}
629+
if s.Tlsv10 == "disabled" {
630+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv10"})
631+
}
605632
if s.ForceTlsv10 == "enabled" {
606633
options = append(options, &params.ServerOptionWord{Name: "force-tlsv10"})
607634
}
608635
if s.ForceTlsv10 == "disabled" {
609636
options = append(options, &params.ServerOptionWord{Name: "no-tlsv10"})
610637
}
638+
if s.Tlsv11 == "enabled" {
639+
options = append(options, &params.ServerOptionWord{Name: "force-tlsv11"})
640+
}
641+
if s.Tlsv11 == "disabled" {
642+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv11"})
643+
}
611644
if s.ForceTlsv11 == "enabled" {
612645
options = append(options, &params.ServerOptionWord{Name: "force-tlsv11"})
613646
}
614647
if s.ForceTlsv11 == "disabled" {
615648
options = append(options, &params.ServerOptionWord{Name: "no-tlsv11"})
616649
}
650+
if s.Tlsv12 == "enabled" {
651+
options = append(options, &params.ServerOptionWord{Name: "force-tlsv12"})
652+
}
653+
if s.Tlsv12 == "disabled" {
654+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv12"})
655+
}
617656
if s.ForceTlsv12 == "enabled" {
618657
options = append(options, &params.ServerOptionWord{Name: "force-tlsv12"})
619658
}
620659
if s.ForceTlsv12 == "disabled" {
621660
options = append(options, &params.ServerOptionWord{Name: "no-tlsv12"})
622661
}
662+
if s.Tlsv13 == "enabled" {
663+
options = append(options, &params.ServerOptionWord{Name: "force-tlsv13"})
664+
}
665+
if s.Tlsv13 == "disabled" {
666+
options = append(options, &params.ServerOptionWord{Name: "no-tlsv13"})
667+
}
623668
if s.ForceTlsv13 == "enabled" {
624669
options = append(options, &params.ServerOptionWord{Name: "force-tlsv13"})
625670
}
@@ -869,6 +914,9 @@ func SerializeServerParams(s models.ServerParams, opt *options.ConfigurationOpti
869914
if s.Verifyhost != "" {
870915
options = append(options, &params.ServerOptionValue{Name: "verifyhost", Value: s.Verifyhost})
871916
}
917+
if s.NoVerifyhost == "enabled" {
918+
options = append(options, &params.ServerOptionWord{Name: "no-verifyhost"})
919+
}
872920
if s.Weight != nil {
873921
options = append(options, &params.ServerOptionValue{Name: "weight", Value: strconv.FormatInt(*s.Weight, 10)})
874922
}

0 commit comments

Comments
 (0)