/tls/configure and /tls/status -- now there's an explicit 'enabled' bool.
parent
8da90a7f4a
commit
81bb4aea78
4
app.go
4
app.go
|
@ -25,7 +25,7 @@ var VersionString = "undefined"
|
||||||
var httpServer *http.Server
|
var httpServer *http.Server
|
||||||
var httpsServer struct {
|
var httpsServer struct {
|
||||||
server *http.Server
|
server *http.Server
|
||||||
cond *sync.Cond // reacts to config.TLS.PortHTTPS, CertificateChain and PrivateKey
|
cond *sync.Cond // reacts to config.TLS.Enabled, PortHTTPS, CertificateChain and PrivateKey
|
||||||
sync.Mutex // protects config.TLS
|
sync.Mutex // protects config.TLS
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -173,7 +173,7 @@ func run(args options) {
|
||||||
for { // this is an endless loop
|
for { // this is an endless loop
|
||||||
httpsServer.cond.L.Lock()
|
httpsServer.cond.L.Lock()
|
||||||
// this mechanism doesn't let us through until all conditions are ment
|
// this mechanism doesn't let us through until all conditions are ment
|
||||||
for config.TLS.PortHTTPS == 0 || config.TLS.PrivateKey == "" || config.TLS.CertificateChain == "" { // sleep until neccessary data is supplied
|
for config.TLS.Enabled == false || config.TLS.PortHTTPS == 0 || config.TLS.PrivateKey == "" || config.TLS.CertificateChain == "" { // sleep until neccessary data is supplied
|
||||||
httpsServer.cond.Wait()
|
httpsServer.cond.Wait()
|
||||||
}
|
}
|
||||||
address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS))
|
address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS))
|
||||||
|
|
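Review bot: The new term in the wait loop in run() is written `config.TLS.Enabled == false`; the idiomatic form is `!config.TLS.Enabled`, giving `for !config.TLS.Enabled || config.TLS.PortHTTPS == 0 || ...`. The loop only holds back the start of the HTTPS listener, and run()'s body continues past the end of this hunk. It is therefore not visible here whether a listener that is already serving is shut down when `enabled` is later set to false through /tls/configure. If it is not, the flag would read as off while the port stays open, so the disable path deserves a check, or at least a comment next to the `cond` field.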
|
@ -62,6 +62,7 @@ type dnsConfig struct {
|
||||||
var defaultDNS = []string{"tls://1.1.1.1", "tls://1.0.0.1"}
|
var defaultDNS = []string{"tls://1.1.1.1", "tls://1.0.0.1"}
|
||||||
|
|
||||||
type tlsConfigSettings struct {
|
type tlsConfigSettings struct {
|
||||||
|
Enabled bool `yaml:"enaled" json:"enabled"`
|
||||||
ServerName string `yaml:"server_name" json:"server_name,omitempty"`
|
ServerName string `yaml:"server_name" json:"server_name,omitempty"`
|
||||||
ForceHTTPS bool `yaml:"force_https" json:"force_https,omitempty"`
|
ForceHTTPS bool `yaml:"force_https" json:"force_https,omitempty"`
|
||||||
PortHTTPS int `yaml:"port_https" json:"port_https,omitempty"`
|
PortHTTPS int `yaml:"port_https" json:"port_https,omitempty"`
|
||||||
|
|
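Review bot: The YAML tag on the new `Enabled` field is misspelled: `yaml:"enaled"` should be `yaml:"enabled"`, matching the JSON tag beside it. As written, an `enabled: true` key in the configuration file would presumably not populate the field (assuming the YAML library matches keys by tag), so TLS would stay off without any error while the JSON API side behaves as expected. Once configuration files have been written with the `enaled` key, correcting the tag needs a migration, so it is cheapest to fix now: `yaml:"enabled" json:"enabled"`. The file name of this section is not shown on the page, and tlsConfigSettings continues outside the hunk.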
8
dns.go
8
dns.go
|
@ -51,9 +51,11 @@ func generateServerConfig() dnsforward.ServerConfig {
|
||||||
Filters: filters,
|
Filters: filters,
|
||||||
}
|
}
|
||||||
|
|
||||||
newconfig.TLSConfig = config.TLS.TLSConfig
|
if config.TLS.Enabled {
|
||||||
if config.TLS.PortDNSOverTLS != 0 {
|
newconfig.TLSConfig = config.TLS.TLSConfig
|
||||||
newconfig.TLSListenAddr = &net.TCPAddr{IP: net.ParseIP(config.DNS.BindHost), Port: config.TLS.PortDNSOverTLS}
|
if config.TLS.PortDNSOverTLS != 0 {
|
||||||
|
newconfig.TLSListenAddr = &net.TCPAddr{IP: net.ParseIP(config.DNS.BindHost), Port: config.TLS.PortDNSOverTLS}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, u := range config.DNS.UpstreamDNS {
|
for _, u := range config.DNS.UpstreamDNS {
|
||||||
|
|
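Review bot: The DNS-over-TLS listener in generateServerConfig() is now configured when `config.TLS.Enabled` is true and `PortDNSOverTLS` is non-zero, but unlike the HTTPS wait loop in app.go it does not require `CertificateChain` and `PrivateKey` to be set. If dnsforward does not reject an empty certificate itself (not visible here), enabling TLS before the key material is supplied would set up a listener without a usable certificate. The outer condition could be `if config.TLS.Enabled && config.TLS.CertificateChain != "" && config.TLS.PrivateKey != "" {`. The function also reads `config.TLS`, which the comment in app.go says is protected by the httpsServer mutex; whether that lock is held on this path is outside the hunk, as are the start and end of the function.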