Documentation
¶
Overview ¶
Package config is responsible for parsing and validating cmd arguments.
Types ¶
type Config ¶
// Config is a strictly-typed and validated configuration structure which is
// created from Options (command-line arguments).
//
// Several fields deliberately weaken or reshape the TLS handshake (Insecure,
// TLSMaxVersion, TLSCiphers, TLSRandom). They are diagnostic controls; their
// zero values leave the corresponding behaviour at its default.
type Config struct {
	// RequestURL is the URL where the target request will be sent.
	RequestURL *url.URL
	// Method is the HTTP method of the request.
	Method string
	// Head signals that the tool should only fetch headers. If specified,
	// headers will be written to the output.
	Head bool
	// Data specifies the data to be sent to the HTTP server.
	Data string
	// Headers is the HTTP headers that will be added to the request. These
	// can carry credentials (e.g. Authorization or Cookie values) when the
	// caller supplies them.
	Headers http.Header
	// ProxyURL is a URL of a proxy to use with this connection.
	// NOTE(review): a proxy URL can embed userinfo credentials; confirm it is
	// redacted wherever the configuration is logged.
	ProxyURL *url.URL
	// ConnectTo is a mapping of "host1:port1" to "host2:port2" pairs that
	// allows retargeting the connection.
	ConnectTo map[string]string
	// Insecure disables TLS verification of the connection. With verification
	// off the server certificate is not authenticated, so the peer's identity
	// and the confidentiality of the exchange are not assured; keep it false
	// outside of testing and diagnostics.
	Insecure bool
	// TLSMinVersion is a minimum supported TLS version.
	// presumably a crypto/tls version constant (e.g. tls.VersionTLS12) — confirm.
	TLSMinVersion uint16
	// TLSMaxVersion is a maximum supported TLS version. Capping the version
	// below the newest one the server supports downgrades the connection.
	// presumably a crypto/tls version constant — confirm.
	TLSMaxVersion uint16
	// TLSCiphers is a list of ciphers that the client will send in the TLS
	// ClientHello.
	// presumably crypto/tls cipher suite IDs — confirm against ParseConfig.
	TLSCiphers []uint16
	// TLSServerName is the server name to send in the TLS ClientHello
	// server-name extension instead of the default.
	// NOTE(review): whether certificate verification is performed against
	// this name or against the RequestURL host is not visible here — confirm.
	TLSServerName string
	// ForceHTTP11 forces using HTTP/1.1.
	ForceHTTP11 bool
	// ForceHTTP2 forces using HTTP/2.
	ForceHTTP2 bool
	// ForceHTTP3 forces using HTTP/3.
	ForceHTTP3 bool
	// ECH forces usage of Encrypted Client Hello for the request. If other
	// ECH-related fields are not specified, the ECH configuration will be
	// received from the DNS settings.
	ECH bool
	// ECHGrease forces sending ECH grease in the ClientHello. This option
	// does not try to resolve the ECH configuration and is only used for
	// testing ECH grease.
	ECHGrease bool
	// ECHConfigs is a set of ECH configurations that will be used when opening
	// an encrypted connection.
	ECHConfigs []ctls.ECHConfig
	// Resolve is a map of host:ips pairs. It allows specifying custom IP
	// addresses for a specific host or all hosts (if '*' is used instead of
	// the host name).
	Resolve map[string][]net.IP
	// IPv4 if configured forces usage of IPv4 addresses only when doing DNS
	// resolution.
	IPv4 bool
	// IPv6 if configured forces usage of IPv6 addresses only when doing DNS
	// resolution.
	IPv6 bool
	// DNSServers is a list of upstream DNS servers that will be used for
	// resolving hostnames.
	DNSServers []upstream.Upstream
	// TLSSplitChunkSize is a size of the first chunk of ClientHello that is
	// sent to the server.
	TLSSplitChunkSize int
	// TLSSplitDelay is a delay in milliseconds before sending the second
	// chunk of ClientHello.
	TLSSplitDelay int
	// TLSRandom is a 32-byte value to override the TLS ClientHello random.
	// If nil, use default. The client random is meant to be fresh for every
	// handshake; a fixed value is only appropriate for reproducing or testing
	// a handshake.
	TLSRandom []byte
	// OutputJSON enables writing output in JSON format.
	OutputJSON bool
	// OutputPath defines where to write the received data. If not set, the
	// received data will be written to stdout.
	OutputPath string
	// ConnectTimeout limits the maximum time in seconds allowed for the
	// connection phase. Applied to SOCKS5 proxy connections as well.
	ConnectTimeout int
	// Experiments is a map where the key is Experiment and value is its
	// optional configuration.
	Experiments map[Experiment]string
	// OHTTPGatewayURL is the URL of the Oblivious HTTP gateway where the
	// request should be sent.
	OHTTPGatewayURL *url.URL
	// OHTTPKeysURL is the URL from which to retrieve Oblivious HTTP KeyConfig
	// to use for encrypting the request.
	// NOTE(review): the request is encrypted to whatever KeyConfig this URL
	// returns; confirm the fetch is made over an authenticated channel.
	OHTTPKeysURL *url.URL
	// Verbose defines whether we should write the DEBUG-level log or not.
	Verbose bool
	// RawOptions is the raw command-line arguments struct (for logging only).
	// NOTE(review): Options holds Headers, Data and ProxyURL exactly as given
	// on the command line, so logging this struct may write credentials to
	// the log — confirm they are redacted.
	RawOptions *Options
}
Config is a strictly-typed and validated configuration structure which is created from Options (command-line arguments).
func ParseConfig ¶
ParseConfig parses and validates the provided args and returns the final *Config object.
Disable gocyclo for ParseConfig as it's supposed to be a large function with if conditions.
nolint:gocyclo
type Experiment ¶ added in v1.3.0
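// Experiment is an enumeration of experimental features available for use via
// the --experiment flag.
type Experiment string

// The listing had the whole const block on one line, where the first "//"
// comment swallowed both declarations; it is restored one declaration per line.
const (
	// ExpNone is just an empty value, not an experiment.
	ExpNone Experiment = ""

	// ExpPostQuantum stands for post-quantum cryptography. See the website for
	// more details: https://pq.cloudflareresearch.com/.
	ExpPostQuantum Experiment = "pq"
)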
func NewExperiment ¶ added in v1.3.0
func NewExperiment(str string) (e Experiment, err error)
NewExperiment tries to create an Experiment from string. Returns error if the string is not a valid member of the enumeration.
type Options ¶
// Options represents command-line arguments.
//
// Values such as Headers, Data and ProxyURL may contain credentials.
// Command-line arguments can be visible to other local processes, and this
// struct is kept on Config.RawOptions for logging, so treat its contents as
// potentially sensitive.
type Options struct {
	// URL represents the address the request will be made to. It is always the
	// last argument.
	URL string `long:"url" description:"URL the request will be made to. Can be specified without any flags." value-name:"<URL>"`
	// Method is the HTTP method to be used.
	Method string `short:"X" long:"request" description:"HTTP method. GET by default." value-name:"<method>"`
	// Data specifies the data to be sent to the HTTP server.
	Data string `` /* 153-byte string literal not displayed */
	// Headers is an array of HTTP headers (format is "header: value") to
	// include in the request.
	Headers []string `short:"H" long:"header" description:"Extra header to include in the request. Can be specified multiple times."`
	// ProxyURL is a URL of a proxy to use with this connection.
	ProxyURL string `` /* 178-byte string literal not displayed */
	// ConnectTo allows to override the connection target, i.e. for a request
	// to the given HOST1:PORT1 pair, connect to HOST2:PORT2 instead.
	ConnectTo []string `` /* 180-byte string literal not displayed */
	// ConnectTimeout limits the maximum time in seconds allowed for the connection
	// phase. This is applied during proxy connections as well (e.g., SOCKS5).
	ConnectTimeout int `long:"connect-timeout" description:"Maximum time in seconds allowed for the connection phase." value-name:"<seconds>"`
	// Head signals that the tool should only fetch headers. If specified,
	// headers will be written to the output.
	Head bool `short:"I" long:"head" description:"Fetch the headers only." optional:"yes" optional-value:"true"`
	// Insecure disables TLS verification of the connection. The server
	// certificate is then not authenticated, so use it only for testing and
	// diagnostics.
	Insecure bool `short:"k" long:"insecure" description:"Disables TLS verification of the connection." optional:"yes" optional-value:"true"`
	// TLSv13 forces to use TLS v1.3 or newer.
	TLSv13 bool `long:"tlsv1.3" description:"Forces gocurl to use TLS v1.3 or newer." optional:"yes" optional-value:"true"`
	// TLSv12 forces to use TLS v1.2 or newer.
	TLSv12 bool `long:"tlsv1.2" description:"Forces gocurl to use TLS v1.2 or newer." optional:"yes" optional-value:"true"`
	// TLSMax specifies the maximum supported TLS version.
	TLSMax string `` /* 184-byte string literal not displayed */
	// TLSCiphers specifies which ciphers to use in the connection, see
	// https://go.dev/src/crypto/tls/cipher_suites.go for the full list of
	// available ciphers.
	TLSCiphers string `` /* 216-byte string literal not displayed */
	// TLSServerName is the server name to send in the TLS ClientHello
	// server-name extension.
	TLSServerName string `long:"tls-servername" description:"Specifies the server name that will be sent in TLS ClientHello" value-name:"<HOSTNAME>"`
	// HTTPv11 forces to use HTTP v1.1.
	HTTPv11 bool `long:"http1.1" description:"Forces gocurl to use HTTP v1.1." optional:"yes" optional-value:"true"`
	// HTTPv2 forces to use HTTP v2.
	HTTPv2 bool `long:"http2" description:"Forces gocurl to use HTTP v2." optional:"yes" optional-value:"true"`
	// HTTPv3 forces to use HTTP v3.
	HTTPv3 bool `long:"http3" description:"Forces gocurl to use HTTP v3." optional:"yes" optional-value:"true"`
	// ECH forces usage of Encrypted Client Hello for the request. If other
	// ECH-related fields are not specified, the ECH configuration will be
	// received from the DNS settings.
	ECH bool `long:"ech" description:"Enables ECH support for the request." optional:"yes" optional-value:"true"`
	// ECHGrease forces sending ECH grease in the ClientHello. This option
	// does not try to resolve the ECH configuration and is only used for
	// testing ECH grease.
	ECHGrease bool `` /* 164-byte string literal not displayed */
	// ECHConfig is a custom ECH configuration to use for this request. If this
	// option is specified, there will be no attempt to discover the ECH
	// configuration using DNS.
	ECHConfig string `` /* 149-byte string literal not displayed */
	// IPv4 if configured forces usage of IPv4 addresses only when doing DNS
	// resolution.
	IPv4 bool `` /* 151-byte string literal not displayed */
	// IPv6 if configured forces usage of IPv6 addresses only when doing DNS
	// resolution.
	IPv6 bool `` /* 151-byte string literal not displayed */
	// DNSServers is a list of DNS servers that will be used to resolve
	// hostnames when making a request. Encrypted DNS addresses or DNS stamps
	// can be used here.
	DNSServers string `` /* 168-byte string literal not displayed */
	// Resolve allows to provide a custom address for a specific host and port
	// pair. Supports '*' instead of the host name to cover all hosts.
	Resolve []string `` /* 219-byte string literal not displayed */
	// TLSSplitHello is an option that allows splitting TLS ClientHello in two
	// parts in order to avoid common DPI systems detecting TLS. CHUNKSIZE is
	// the size of the first part, DELAY is the delay in milliseconds before
	// sending the second part.
	TLSSplitHello string `` /* 313-byte string literal not displayed */
	// TLSRandom allows overriding the TLS ClientHello random value. Must be
	// a base64-encoded 32-byte string. The client random is meant to be fresh
	// for every handshake, so a fixed value is only appropriate for testing.
	TLSRandom string `long:"tls-random" description:"Base64-encoded 32-byte TLS ClientHello random value." value-name:"<base64>"`
	// OutputJSON enables writing output in JSON format.
	OutputJSON bool `` /* 128-byte string literal not displayed */
	// OutputPath defines where to write the received data. If not set, gocurl
	// will write everything to stdout.
	OutputPath string `` /* 151-byte string literal not displayed */
	// Experiments allows to enable experimental configuration options.
	Experiments []string `` /* 175-byte string literal not displayed */
	// OHTTPGatewayURL is the URL of the Oblivious HTTP gateway where the request should be sent.
	OHTTPGatewayURL string `long:"ohttp-gateway-url" description:"URL of the Oblivious HTTP gateway where the request should be sent." value-name:"<URL>"`
	// OHTTPKeysURL is the URL from which to retrieve Oblivious HTTP KeyConfig.
	OHTTPKeysURL string `` /* 141-byte string literal not displayed */
	// Verbose defines whether we should write the DEBUG-level log or not.
	Verbose bool `short:"v" long:"verbose" description:"Verbose output (optional)." optional:"yes" optional-value:"true"`
}
Options represents command-line arguments.