TLS¶
TLS is a data channel type in GOST.
TLS Certificate Configuration
For TLS configuration, please refer to TLS configuration。
Standard TLS Service¶
Multiplexing¶
GOST extends TLS with multiplexing feature (mtls). Multiplexing is based on xtaci/smux library.
Options¶
Multiplexing Related Options¶
mux.version
(int, default=1)- SMUX protocol version.
mux.keepaliveDisabled
(bool, default=false)- Whether to disable heartbeat.
mux.keepaliveInterval
(duration, default=10s)- Heartbeat interval.
mux.keepaliveTimeout
(duration, default=30s)- Heartbeat timeout.
mux.maxFrameSize
(int, default=32768)- Maximum frame length.
mux.maxReceiveBuffer
(int, default=4194304)- Receive buffer size.
mux.maxStreamBuffer
(int, default=65536)- Steam Buffer Size.
Proxy¶
TLS data channel can be used in combination with various proxy protocols.
HTTP Over TLS¶
SOCKS5 Over TLS¶
Relay Over TLS¶
Port Forwarding¶
TLS tunnel can also be used for port forwarding, which is equivalent to adding TLS encryption on top of TCP port forwarding services.
Server
is equivalent to
By using port forwarding of the TLS data channel, a TLS encrypted data channel is added to the HTTP proxy service on port 8080.
At this time, port 8443 is equivalent to: