home: refactor tls

Ainar Garipov
2022-11-21 19:05:39 +03:00
parent 93882d6860
commit a8850059db
9 changed files with 454 additions and 386 deletions


@@ -22,6 +22,7 @@ import (
"github.com/AdguardTeam/golibs/stringutil"
"github.com/AdguardTeam/golibs/timeutil"
"github.com/ameshkov/dnscrypt/v2"
"golang.org/x/exp/slices"
)
// BlockingMode is an enum of all allowed blocking modes.
@@ -145,7 +146,8 @@ type FilteringConfig struct {
IpsetListFileName string `yaml:"ipset_file"`
}
// TLSConfig is the TLS configuration for HTTPS, DNS-over-HTTPS, and DNS-over-TLS
// TLSConfig is the TLS configuration for HTTPS, DNS-over-HTTPS, DNS-over-TLS,
// and DNS-over-QUIC.
type TLSConfig struct {
cert tls.Certificate
@@ -184,6 +186,11 @@ type TLSConfig struct {
hasIPAddrs bool
}
// CertDataClone returns a deep copy of certificate data.
func (c TLSConfig) CertDataClone() (certData, keyData []byte) {
return slices.Clone(c.CertificateChainData), slices.Clone(c.PrivateKeyData)
}
// DNSCryptConfig is the DNSCrypt server configuration struct.
type DNSCryptConfig struct {
ResolverCert *dnscrypt.Cert
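Review bot: The doc comment on the new `CertDataClone` method does not say that its second result is private key material. Every call puts another copy of `PrivateKeyData` on the heap, so the comment should state the handling contract, for example `// keyData is a copy of the private key; callers must not log or persist it and should drop it as soon as possible.` The method also has a value receiver, so each call copies the whole `TLSConfig`, including `cert tls.Certificate`, before cloning the two slices. A pointer receiver, `func (c *TLSConfig) CertDataClone() (certData, keyData []byte)`, would avoid that if it matches the type's other methods, which are not visible here. The `TLSConfig` field declarations lie outside this hunk, so the field types are inferred from the `[]byte` results.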