From 83e33b85bc2dea04b3d9080d5c6e4c5c38acd44d Mon Sep 17 00:00:00 2001 From: 2xsaiko Date: Thu, 25 Feb 2021 22:22:06 +0100 Subject: [PATCH] Add option to specify client certificate --- README.md | 8 ++++++++ bridge.go | 14 ++++++++++++++ config.go | 1 + main.go | 2 ++ 4 files changed, 25 insertions(+) diff --git a/README.md b/README.md index 1919f47..d575d03 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,8 @@ Usage of ./mumble-discord-bridge: MUMBLE_DISABLE_TEXT, disable sending text to mumble, (default false) -mumble-insecure MUMBLE_INSECURE, mumble insecure, optional + -mumble-certificate + MUMBLE_CERTIFICATE, mumble client certificate, optional -mumble-password string MUMBLE_PASSWORD, mumble password, optional -mumble-port int @@ -93,6 +95,12 @@ Discord GID is a unique ID linked to one Discord Server, also called Guild. CID Then you can get the GID by right-clicking your server and selecting Copy-ID. Similarly the CID can be found right clicking the voice channel and selecting Copy ID. +### Generating Client Certificate + +If you don't have a client certificate, you can generate one with this command: + + openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout cert.pem -out cert.pem -subj "/CN=mumble-discord-bridge" + ### Binary Prebuilt binaries are available. diff --git a/bridge.go b/bridge.go index 2e55cec..d20b8fa 100644 --- a/bridge.go +++ b/bridge.go @@ -6,6 +6,7 @@ import ( "fmt" "log" "net" + "os" "strconv" "sync" "time" @@ -119,6 +120,19 @@ func (b *BridgeState) startBridge() { tlsConfig.InsecureSkipVerify = true } + if b.BridgeConfig.MumbleCertificate != "" { + keyFile := "" + if keyFile == "" { + keyFile = b.BridgeConfig.MumbleCertificate + } + if certificate, err := tls.LoadX509KeyPair(b.BridgeConfig.MumbleCertificate, keyFile); err != nil { + fmt.Fprintf(os.Stderr, "%s: %s\n", os.Args[0], err) + os.Exit(1) + } else { + tlsConfig.Certificates = append(tlsConfig.Certificates, certificate) + } + } + log.Println("Attempting to join Mumble") b.MumbleClient, err = gumble.DialWithDialer(new(net.Dialer), b.BridgeConfig.MumbleAddr, b.BridgeConfig.MumbleConfig, &tlsConfig) diff --git a/config.go b/config.go index e4df869..84b7558 100644 --- a/config.go +++ b/config.go @@ -24,6 +24,7 @@ type BridgeConfig struct { MumbleConfig *gumble.Config MumbleAddr string MumbleInsecure bool + MumbleCertificate string MumbleChannel []string MumbleDisableText bool Command string diff --git a/main.go b/main.go index dc60c25..c8a7b46 100644 --- a/main.go +++ b/main.go @@ -39,6 +39,7 @@ func main() { mumbleUsername := flag.String("mumble-username", lookupEnvOrString("MUMBLE_USERNAME", "Discord"), "MUMBLE_USERNAME, mumble username, (default: discord)") mumblePassword := flag.String("mumble-password", lookupEnvOrString("MUMBLE_PASSWORD", ""), "MUMBLE_PASSWORD, mumble password, optional") mumbleInsecure := flag.Bool("mumble-insecure", lookupEnvOrBool("MUMBLE_INSECURE", false), " MUMBLE_INSECURE, mumble insecure, optional") + mumbleCertificate := flag.String("mumble-certificate", lookupEnvOrString("MUMBLE_CERTIFICATE", ""), "MUMBLE_CERTIFICATE, client certificate to use when connecting to the Mumble server") mumbleChannel := flag.String("mumble-channel", lookupEnvOrString("MUMBLE_CHANNEL", ""), "MUMBLE_CHANNEL, mumble channel to start in, using '/' to seperate nested channels, optional") mumbleDisableText := flag.Bool("mumble-disable-text", lookupEnvOrBool("MUMBLE_DISABLE_TEXT", false), "MUMBLE_DISABLE_TEXT, disable sending text to mumble, (default false)") discordToken := flag.String("discord-token", lookupEnvOrString("DISCORD_TOKEN", ""), "DISCORD_TOKEN, discord bot token, required") @@ -101,6 +102,7 @@ func main() { // MumbleConfig: config, MumbleAddr: *mumbleAddr + ":" + strconv.Itoa(*mumblePort), MumbleInsecure: *mumbleInsecure, + MumbleCertificate: *mumbleCertificate, MumbleChannel: strings.Split(*mumbleChannel, "/"), MumbleDisableText: *mumbleDisableText, Command: *discordCommand,