Simon Zolin
241e7ca20c
* control: move TLS handlers to a separate file
2019-02-27 18:53:16 +03:00
Simon Zolin
24edf7eeb6
* helper functions return 'error', not 'int'
2019-02-27 18:46:04 +03:00
Simon Zolin
99c8cd06c9
Merge remote-tracking branch 'origin/master' into feature/600
2019-02-27 18:40:22 +03:00
Simon Zolin
f21daae023
* control: print HTTP request with log.Tracef()
2019-02-27 18:28:52 +03:00
Simon Zolin
7b64f9ff42
* use dnsproxy v0.11.2
2019-02-27 18:28:09 +03:00
Simon Zolin
5ad9f8ead2
* tlsConfigStatus.usable is public, renamed ("ValidPair") and is exported to json ("valid_pair")
2019-02-27 17:36:02 +03:00
Simon Zolin
5cb6d97cd7
* use new logger - AdguardTeam/golibs/log
2019-02-27 15:02:11 +03:00
Simon Zolin
f4a6ca726c
* validateCertificates(): split the function's code
2019-02-27 14:31:53 +03:00
Simon Zolin
766fbab071
* validateCertificates(): change input parameters; added short description
2019-02-27 14:21:15 +03:00
Andrey Meshkov
ad4b58472f
Update dnsproxy to 0.11.0
2019-02-22 18:16:47 +03:00
Andrey Meshkov
4e1c1618cb
Added install methods to openapi.yaml
...
Print all net interfaces when bind_host is 0.0.0.0
2019-02-22 17:59:42 +03:00
Andrey Meshkov
e8898811fe
Added DOH url
2019-02-22 15:52:12 +03:00
Eugene Bujak
8e993cd788
Fix data races found by race detector.
2019-02-21 19:07:12 +03:00
Eugene Bujak
12f8590228
/tls/configure -- don't close https connection mid-request when configuration removes ports and certificates
2019-02-21 19:01:20 +03:00
Andrey Meshkov
251beb24d3
Added openapi description
2019-02-21 17:33:46 +03:00
Eugene Bujak
a2dd7c32d5
/tls/ -- move certificate logging to verbose
2019-02-20 12:32:10 +03:00
Eugene Bujak
b3f33b4b0b
/status -- add http_port
2019-02-20 12:25:13 +03:00
Eugene Bujak
e873149bee
Fix inability to start https server if it wasn't running
2019-02-19 19:11:39 +03:00
Eugene Bujak
8c406427af
/tls/configure -- accept empty certificates for saving
2019-02-19 17:52:27 +03:00
Eugene Bujak
3c374b5940
/tls/ -- add internal usable flag to simplify logic when https needs to be booted up
2019-02-19 15:21:38 +03:00
Eugene Bujak
ba103f9825
/tls/ -- add ValidCert, without it being true https is not usable
2019-02-19 15:21:19 +03:00
Eugene Bujak
2748d4c889
/tls/configure -- check if https port is usable before accepting the new config
2019-02-19 15:19:11 +03:00
Eugene Bujak
d44f68e844
/tls/configure and /tls/validate -- make validation failures non-fatal
2019-02-15 17:07:45 +03:00
Eugene Bujak
cb97c221fd
/tls/validate and /tls/configure -- do checks on private key, add more fields to certificate status, do keypair check last.
2019-02-15 16:28:28 +03:00
Eugene Bujak
8da90a7f4a
Fix panic when https server is not running
2019-02-15 16:28:28 +03:00
Eugene Bujak
e8280c60d8
/tls/status — Add `not_after` field with a valid certificate expiration date.
2019-02-15 16:28:28 +03:00
Eugene Bujak
571be68733
Validate certificates and update certificate statuses on launch as well.
2019-02-15 16:28:28 +03:00
Eugene Bujak
bdec98f18e
Properly calculate if certificate expires in 30 minutes or not.
2019-02-15 16:28:28 +03:00
Eugene Bujak
28df187012
/tls/configure -- restart HTTPS server if settings changed
...
Fixes not using new HTTPS certificate after submitting it.
2019-02-15 16:28:28 +03:00
Eugene Bujak
57a33654f7
Certificate that doesn't go through the chain is not fatal, just send the warning over json.
2019-02-15 16:28:28 +03:00
Eugene Bujak
30050bf278
Spin up an HTTPS server when certificates, port and private key are configured.
2019-02-15 16:28:28 +03:00
Eugene Bujak
5cbaeb82a8
Introduce /tls/validate and validateCertificates() that will also be used by /tls/configure
2019-02-15 16:28:28 +03:00
Eugene Bujak
876bec5a65
/tls/configure -- introduce unmarshalTLS() that transparently base64-decodes the certificate
2019-02-15 16:28:28 +03:00
Eugene Bujak
4b4faad9e8
Fix status for certificates not updating.
2019-02-15 16:28:28 +03:00
Eugene Bujak
0aeca6bbf5
Don't keep certificates and keys encoded with base64 in yaml config
2019-02-15 16:28:28 +03:00
Eugene Bujak
4a14c199d8
/tls/configure -- allow submitting empty certificates and keys to clear them out from config
2019-02-15 16:28:28 +03:00
Eugene Bujak
d42718465d
/tls/configure -- certificates/keys are now transferred encoded with base64
2019-02-15 16:28:28 +03:00
Eugene Bujak
4da55dc2aa
Fixup of previous commit -- fix build failure
2019-02-15 16:28:27 +03:00
Eugene Bujak
3d3e0784ea
tls/configure -- Backend implementation of parsing user certs
2019-02-15 16:28:27 +03:00
Eugene Bujak
c5b1105fc1
/tls/status -- Expand random stubs for separate statuses of certificate and key
2019-02-15 16:28:27 +03:00
Eugene Bujak
38869b22a6
tls/status -- make stubs add warning and status randomly
2019-02-15 16:28:27 +03:00
Ildar Kamalov
7451eb1346
Initial components for encryption settings
2019-02-15 16:28:27 +03:00
Eugene Bujak
8725c1df7a
Add stub OpenAPI methods
2019-02-15 16:28:26 +03:00
Andrey Meshkov
a40ddb094b
Fix review comments
2019-02-11 14:22:36 +03:00
Andrey Meshkov
9a03190a62
Fix #579
...
1. Added --workdir command-line argument that lets configure the working dir.
2. Made "dnsforward" use this workdir parameter when saving/reading querylog.
3. Reworked "dnsforward" -- moved http handlers out of there to control.go
2019-02-10 20:47:43 +03:00
Eugene Bujak
853582dade
/install/configure -- Don't fail if HTTP listen host and port don't change
2019-02-07 18:24:42 +03:00
Eugene Bujak
3a94080491
/install/get_addresses -- don't send link-local addresses
2019-02-07 18:24:42 +03:00
Andrey Meshkov
bb8d7c37bb
Minor cleanup, added strings, added more information to response when error occurs
2019-02-07 14:22:08 +03:00
Eugene Bujak
fe671152c2
get rid of go-spew and cleanup go.mod from unused packages
2019-02-06 20:50:17 +03:00
Eugene Bujak
398312cd80
Move installation of /install handlers into a separate optional function
2019-02-06 17:28:08 +03:00