Commit Graph

128 Commits

Author SHA1 Message Date
Simon Zolin 241e7ca20c * control: move TLS handlers to a separate file 2019-02-27 18:53:16 +03:00
Simon Zolin 24edf7eeb6 * helper functions return 'error', not 'int' 2019-02-27 18:46:04 +03:00
Simon Zolin 99c8cd06c9 Merge remote-tracking branch 'origin/master' into feature/600 2019-02-27 18:40:22 +03:00
Simon Zolin f21daae023 * control: print HTTP request with log.Tracef() 2019-02-27 18:28:52 +03:00
Simon Zolin 7b64f9ff42 * use dnsproxy v0.11.2 2019-02-27 18:28:09 +03:00
Simon Zolin 5ad9f8ead2 * tlsConfigStatus.usable is public, renamed ("ValidPair") and is exported to json ("valid_pair") 2019-02-27 17:36:02 +03:00
Simon Zolin 5cb6d97cd7 * use new logger - AdguardTeam/golibs/log 2019-02-27 15:02:11 +03:00
Simon Zolin f4a6ca726c * validateCertificates(): split the function's code 2019-02-27 14:31:53 +03:00
Simon Zolin 766fbab071 * validateCertificates(): change input parameters; added short description 2019-02-27 14:21:15 +03:00
Andrey Meshkov ad4b58472f Update dnsproxy to 0.11.0 2019-02-22 18:16:47 +03:00
Andrey Meshkov 4e1c1618cb Added install methods to openapi.yaml
Print all net interfaces when bind_host is 0.0.0.0
2019-02-22 17:59:42 +03:00
Andrey Meshkov e8898811fe Added DOH url 2019-02-22 15:52:12 +03:00
Eugene Bujak 8e993cd788 Fix data races found by race detector. 2019-02-21 19:07:12 +03:00
Eugene Bujak 12f8590228 /tls/configure -- don't close https connection mid-request when configuration removes ports and certificates 2019-02-21 19:01:20 +03:00
Andrey Meshkov 251beb24d3 Added openapi description 2019-02-21 17:33:46 +03:00
Eugene Bujak a2dd7c32d5 /tls/ -- move certificate logging to verbose 2019-02-20 12:32:10 +03:00
Eugene Bujak b3f33b4b0b /status -- add http_port 2019-02-20 12:25:13 +03:00
Eugene Bujak e873149bee Fix inability to start https server if it wasn't running 2019-02-19 19:11:39 +03:00
Eugene Bujak 8c406427af /tls/configure -- accept empty certificates for saving 2019-02-19 17:52:27 +03:00
Eugene Bujak 3c374b5940 /tls/ -- add internal usable flag to simplify logic when https needs to be booted up 2019-02-19 15:21:38 +03:00
Eugene Bujak ba103f9825 /tls/ -- add ValidCert, without it being true https is not usable 2019-02-19 15:21:19 +03:00
Eugene Bujak 2748d4c889 /tls/configure -- check if https port is usable before accepting the new config 2019-02-19 15:19:11 +03:00
Eugene Bujak d44f68e844 /tls/configure and /tls/validate -- make validation failures non-fatal 2019-02-15 17:07:45 +03:00
Eugene Bujak cb97c221fd /tls/validate and /tls/configure -- do checks on private key, add more fields to certificate status, do keypair check last. 2019-02-15 16:28:28 +03:00
Eugene Bujak 8da90a7f4a Fix panic when https server is not running 2019-02-15 16:28:28 +03:00
Eugene Bujak e8280c60d8 /tls/status — Add `not_after` field with a valid certificate expiration date. 2019-02-15 16:28:28 +03:00
Eugene Bujak 571be68733 Validate certificates and update certificate statuses on launch as well. 2019-02-15 16:28:28 +03:00
Eugene Bujak bdec98f18e Properly calculate if certificate expires in 30 minutes or not. 2019-02-15 16:28:28 +03:00
Eugene Bujak 28df187012 /tls/configure -- restart HTTPS server if settings changed
Fixes not using new HTTPS certificate after submitting it.
2019-02-15 16:28:28 +03:00
Eugene Bujak 57a33654f7 Certificate that doesn't go through the chain is not fatal, just send the warning over json. 2019-02-15 16:28:28 +03:00
Eugene Bujak 30050bf278 Spin up an HTTPS server when certificates, port and private key are configured. 2019-02-15 16:28:28 +03:00
Eugene Bujak 5cbaeb82a8 Introduce /tls/validate and validateCertificates() that will also be used by /tls/configure 2019-02-15 16:28:28 +03:00
Eugene Bujak 876bec5a65 /tls/configure -- introduce unmarshalTLS() that transparently base64-decodes the certificate 2019-02-15 16:28:28 +03:00
Eugene Bujak 4b4faad9e8 Fix status for certificates not updating. 2019-02-15 16:28:28 +03:00
Eugene Bujak 0aeca6bbf5 Don't keep certificates and keys encoded with base64 in yaml config 2019-02-15 16:28:28 +03:00
Eugene Bujak 4a14c199d8 /tls/configure -- allow submitting empty certificates and keys to clear them out from config 2019-02-15 16:28:28 +03:00
Eugene Bujak d42718465d /tls/configure -- certificates/keys are now transferred encoded with base64 2019-02-15 16:28:28 +03:00
Eugene Bujak 4da55dc2aa Fixup of previous commit -- fix build failure 2019-02-15 16:28:27 +03:00
Eugene Bujak 3d3e0784ea tls/configure -- Backend implementation of parsing user certs 2019-02-15 16:28:27 +03:00
Eugene Bujak c5b1105fc1 /tls/status -- Expand random stubs for separate statuses of certificate and key 2019-02-15 16:28:27 +03:00
Eugene Bujak 38869b22a6 tls/status -- make stubs add warning and status randomly 2019-02-15 16:28:27 +03:00
Ildar Kamalov 7451eb1346 Initial components for encryption settings 2019-02-15 16:28:27 +03:00
Eugene Bujak 8725c1df7a Add stub OpenAPI methods 2019-02-15 16:28:26 +03:00
Andrey Meshkov a40ddb094b Fix review comments 2019-02-11 14:22:36 +03:00
Andrey Meshkov 9a03190a62 Fix #579
1. Added --workdir command-line argument that lets configure the working dir.
2. Made "dnsforward" use this workdir parameter when saving/reading querylog.
3. Reworked "dnsforward" -- moved http handlers out of there to control.go
2019-02-10 20:47:43 +03:00
Eugene Bujak 853582dade /install/configure -- Don't fail if HTTP listen host and port don't change 2019-02-07 18:24:42 +03:00
Eugene Bujak 3a94080491 /install/get_addresses -- don't send link-local addresses 2019-02-07 18:24:42 +03:00
Andrey Meshkov bb8d7c37bb Minor cleanup, added strings, added more information to response when error occurs 2019-02-07 14:22:08 +03:00
Eugene Bujak fe671152c2 get rid of go-spew and cleanup go.mod from unused packages 2019-02-06 20:50:17 +03:00
Eugene Bujak 398312cd80 Move installation of /install handlers into a separate optional function 2019-02-06 17:28:08 +03:00