mirror of https://github.com/zdharma-continuum/zinit-configs.git synced 2025-01-31 04:08:16 +01:00
zinit-configs/psprint/functions/n1ssl_rtunnel
2019-06-27 12:47:09 +02:00


# DESC: $0 <lstn_port> <trg_host> <trg_port> <cert> <cafile>
# Starts a socat TLS listener on <lstn_port> that forwards every accepted
# connection to <trg_host>:<trg_port> over plain TCP (see the exec line at
# the end of this file).
# <cert>/<cafile>: a value starting with "/" is used as given; anything else
# is looked up under $HOME/safe/socat/.
# Warning: this function calls exec, run it in background
#
# localoptions: keeps the option changes below local to this function.
# extendedglob: needed for the `#` / `##` pattern operators used when the CN
#               is cut out of the openssl subject line.
# noshwordsplit: the unquoted $listen_line on the exec line is passed to socat
#               as one argument, never split on whitespace.
setopt localoptions extendedglob noksharrays noshwordsplit
usage() {
  # Print the two-line synopsis to stdout.
  # $1 - name shown as the command (the caller passes $0).
  # -l writes each argument on its own line; -r keeps backslashes literal.
  print -rl -- \
    "Usage: $1 <listen_port> <target_host> <target_port> <cert> <cafile>" \
    "Warning: calls exec, to be run in background"
}
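# Body of the tunnel function: validate the arguments, resolve the certificate
# paths, derive the CN that peers must present, then replace this shell with
# socat.
#
# Return codes (only reached when socat is NOT started):
#   0 - usage shown            3 - cert missing/unreadable
#   1 - listen port not a number   4 - cafile missing/unreadable
#   2 - target port not a number   5 - CN could not be read from cafile

# Usage request (no arguments, -h or --help): print the synopsis and stop.
if [[ "$1" = "-h" || "$1" = "--help" || -z "$1" ]]; then
  usage "$0"
  return 0
fi

# Both ports must be plain decimal numbers (`<->` matches any run of digits).
# They are not bounded to 1-65535 here; an out-of-range value is left for
# socat to reject.
if [[ "$1" != <-> ]]; then
  print "Listen port ($1) isn't a number, aborting"
  return 1
fi
if [[ "$3" != <-> ]]; then
  print "Target port ($3) isn't a number, aborting"
  return 2
fi

local listen_port="$1" target_host="$2" target_port="$3"
local cert="$4" cafile="$5"

# (M) keeps the matched text: a value starting with "/" is kept whole, any
# other value yields an empty match and falls back to $HOME/safe/socat/<value>.
cert="${${(M)cert##/*}:-$HOME/safe/socat/$cert}"
cafile="${${(M)cafile##/*}:-$HOME/safe/socat/$cafile}"

# A missing <cert>/<cafile> argument resolves to the directory
# $HOME/safe/socat/ itself, which passes -r when that directory is readable;
# the -d test rejects it here instead of letting socat fail with its
# diagnostics discarded.
if [[ ! -r "$cert" || -d "$cert" ]]; then
  print "Cert ${cert:t} doesn't exist or is unreadable, aborting (looked at path: $cert)"
  return 3
fi
if [[ ! -r "$cafile" || -d "$cafile" ]]; then
  print "Cafile ${cafile:t} doesn't exist or is unreadable, aborting (looked at path: $cafile)"
  return 4
fi

# socat address spec for the TLS side. No bind= option is given, so the
# listener is not restricted to one local address (presumably it accepts on
# all interfaces - confirm against the socat version in use).
# NOTE(review): socat separates options with "," - a path, host or CN that
# contains a comma would be parsed as extra options; nothing here rejects that.
local listen_line="openssl-listen:$listen_port,reuseaddr,fork"
listen_line="$listen_line,cert=$cert,cafile=$cafile"

# The CN peers must present is taken from the subject of <cafile>. In zsh the
# last pipeline stage runs in the current shell, so `read` sets the local.
local commonname=""
command openssl x509 -noout -in "$cafile" -subject | read commonname
local openssl_rc=${pipestatus[1]}

# Strip everything up to the CN value, for both subject layouts openssl
# prints: ".../CN=name" and "..., CN = name".
# NOTE(review): this assumes CN is the last subject field and, in the second
# layout, not the only one; otherwise the value is wrong and, presumably, no
# peer will match - confirm with the certificates actually deployed.
commonname="${commonname##*/CN[[:space:]]#=}"
commonname="${commonname##*, CN[[:space:]]##=[[:space:]]##}"

# Fail closed: if openssl failed or printed nothing, do not start a listener
# with an empty "commonname=" - that may switch off or break the peer-name
# check, and socat's own complaint would be hidden by 2>/dev/null below.
if (( openssl_rc != 0 )) || [[ -z "$commonname" ]]; then
  print "Couldn't read the subject CN from ${cafile:t}, aborting (looked at path: $cafile)"
  return 5
fi
listen_line="$listen_line,commonname=$commonname"

# exec replaces the current shell, hence "run it in background".
# The leg to the target is plain TCP (tcp4), not TLS.
# NOTE(review): 2>/dev/null discards all socat diagnostics, including TLS
# handshake and certificate-verification failures; redirect stderr to a log
# file instead if rejected connections need to be visible.
exec socat $listen_line tcp4:$target_host:$target_port 2>/dev/null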
# vim:ft=zsh:et