Pull request 2371: AGDNS-2714-tls-manager
Merge in DNS/adguard-home from AGDNS-2714-tls-manager to master
Squashed commit of the following:
commit 5c7cd1fa6d8a9bc1fd0f891818589b48bee641dc
Merge: 381f7666b 810ae9483
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Wed Mar 26 14:13:49 2025 +0300
Merge branch 'master' into AGDNS-2714-tls-manager
commit 381f7666b063d225b114976a280e65df736495fe
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 25 19:53:12 2025 +0300
home: imp code
commit 20be72abd449fcc76417381edf7d375248a11e9e
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 25 19:19:51 2025 +0300
home: imp code
commit b5a06e6a15b0f8511819267133a551a56e051499
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Mon Mar 24 21:45:41 2025 +0300
home: imp code
commit a6a5ba727ebbc59d6de4d3762ac196d2cf194875
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Thu Mar 20 21:06:34 2025 +0300
home: imp docs
commit 71d379bafc3f42377ce72add2cab3a56a796941d
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Thu Mar 20 20:47:15 2025 +0300
all: upd chlog
commit be69a5b85d4cd4295a9b68e1c2c2205179a3e7f2
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Wed Mar 19 20:14:20 2025 +0300
home: imp docs
commit 85b28db73b59b90365ff23fc5fc90dc1a10cc152
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Wed Mar 19 20:07:59 2025 +0300
home: imp code
commit c11e4c9e500f7ead96a84575dac08e198569c14d
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Wed Mar 19 19:11:59 2025 +0300
home: imp code
commit 60eff2c66369ca8705a6bb859b5a65d3e6d0df5e
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 18 21:27:49 2025 +0300
home: imp code
commit fa9d57b2834fe3df85630d95b9eb022f1db372b1
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 18 21:14:56 2025 +0300
home: imp docs
commit 3f561b64750ab57ef83793522a0b313225245e1e
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 18 20:59:59 2025 +0300
home: imp code
commit 927296c49f861d102dad8d24e8b67e6204a6c17a
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 18 18:19:22 2025 +0300
home: imp naming
commit e35f742e42a7304993a924928b51f2452634e258
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 18 17:53:17 2025 +0300
home: tls manager web api
commit 85a4de7931fea68464fe36c1fb27686eb5b50066
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Tue Mar 18 15:06:34 2025 +0300
home: tls manager config
commit 515b26d6bd6d837d3db937354f74d895b5793206
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Mon Mar 17 22:15:25 2025 +0300
home: tls manager
This commit is contained in:
Stanislav Chzhen
@@ -568,7 +568,7 @@ func parseConfig() (err error) {
|
||||
}
|
||||
|
||||
// Do not wrap the error because it's informative enough as is.
|
||||
return setContextTLSCipherIDs()
|
||||
return validateTLSCipherIDs(config.TLS.OverrideTLSCiphers)
|
||||
}
|
||||
|
||||
// validateConfig returns error if the configuration is invalid.
|
||||
@@ -721,21 +721,15 @@ func (c *configuration) write(tlsMgr *tlsManager) (err error) {
|
||||
return nil
|
||||
}
|
||||
|
||||
// setContextTLSCipherIDs sets the TLS cipher suite IDs to use.
|
||||
func setContextTLSCipherIDs() (err error) {
|
||||
if len(config.TLS.OverrideTLSCiphers) == 0 {
|
||||
log.Info("tls: using default ciphers")
|
||||
|
||||
globalContext.tlsCipherIDs = aghtls.SaferCipherSuites()
|
||||
|
||||
// validateTLSCipherIDs validates the custom TLS cipher suite IDs.
|
||||
func validateTLSCipherIDs(cipherIDs []string) (err error) {
|
||||
if len(cipherIDs) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
log.Info("tls: overriding ciphers: %s", config.TLS.OverrideTLSCiphers)
|
||||
|
||||
globalContext.tlsCipherIDs, err = aghtls.ParseCiphers(config.TLS.OverrideTLSCiphers)
|
||||
_, err = aghtls.ParseCiphers(cipherIDs)
|
||||
if err != nil {
|
||||
return fmt.Errorf("parsing override ciphers: %w", err)
|
||||
return fmt.Errorf("override_tls_ciphers: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
|
||||
Reference in New Issue
Block a user