mirror of https://github.com/namecoin/ncdns
Merge #46: Apply "gofmt -s"
pull/51/headcf7518d
Travis: Make gotype critical for gometalinter. (JeremyRand)d058005
Travis: Make gofmt critical for gometalinter. (JeremyRand)b6cf88d
gofmt -s util/util_test.go (JeremyRand)0da5cd2
gofmt -s util/util.go (JeremyRand)6e3101e
gofmt -s tlsrestrictchromium/tlsrestrict_chromium_tool/main.go (JeremyRand)e3cd522
gofmt -s tlsrestrictchromium/chromium_test.go (JeremyRand)2f0e866
gofmt -s tlsrestrictchromium/chromium.go (JeremyRand)5152222
gofmt -s tlshook/tlshook.go (JeremyRand)26b4c4c
gofmt -s ncdomain/convert.go (JeremyRand)1fb4007
gofmt -s generate_nmc_cert/main.go (JeremyRand)53adb64
gofmt -s certinject/file.go (JeremyRand)f70f23a
gofmt -s certinject/cryptoapi_windows.go (JeremyRand)6557714
gofmt -s certinject/certinject_windows.go (JeremyRand)b1ab832
gofmt -s certinject_misc.go (JeremyRand)8ec3281
gofmt -s certdehydrate/certdehydrate_test.go (JeremyRand)62f0e6a
gofmt -s certdehydrate/certdehydrate.go (JeremyRand)e8feeb3
gofmt -s backend/backend.go (JeremyRand) Pull request description: Based on recommendations from static analysis. Tree-SHA512: 432d23656e552e93298eab2b3c32cf505aa503639a6cfc9498363b8208b697169392e36247ed029b8d54ddbe4fdfcc2cd36f2497ea22245de3703c95d4edf3b4
commit
236a432808
@ -1,58 +1,57 @@
|
||||
package tlshook
|
||||
|
||||
import (
|
||||
"github.com/hlandau/xlog"
|
||||
"github.com/namecoin/ncdns/certdehydrate"
|
||||
"github.com/namecoin/ncdns/certinject"
|
||||
"github.com/namecoin/ncdns/ncdomain"
|
||||
"github.com/hlandau/xlog"
|
||||
)
|
||||
|
||||
var log, Log = xlog.New("ncdns.tlshook")
|
||||
|
||||
func DomainValueHookTLS(qname string, ncv *ncdomain.Value) (err error) {
|
||||
|
||||
|
||||
log.Info("Intercepted a Value for ", qname)
|
||||
if protocol, ok := ncv.Map["_tcp"]; ok { // TODO: look into allowing non-TCP protocols
|
||||
log.Info("Saw a request with TCP")
|
||||
if port, ok := protocol.Map["_443"]; ok { // TODO: check all ports, not just 443
|
||||
log.Info("Saw a request with TCP port 443")
|
||||
|
||||
|
||||
|
||||
// For dehydrated certificates
|
||||
if len(port.TLSAGenerated) > 0 {
|
||||
|
||||
|
||||
log.Info("Just saw a TLS port 443 capable domain request for ", qname, "!")
|
||||
|
||||
|
||||
for index, cert := range port.TLSAGenerated {
|
||||
|
||||
|
||||
log.Info("Using dehydrated certificate # ", index)
|
||||
|
||||
|
||||
template := cert
|
||||
|
||||
|
||||
var derBytes []byte
|
||||
|
||||
|
||||
derBytes, err = certdehydrate.FillRehydratedCertTemplate(template, qname)
|
||||
if err != nil {
|
||||
log.Info("Failed to create certificate: ", err)
|
||||
continue
|
||||
}
|
||||
|
||||
|
||||
// TODO: check return value
|
||||
certinject.InjectCert(derBytes)
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
// TODO: support non-dehydrated certificates
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// remove any certs that aren't valid anymore
|
||||
certinject.CleanCerts()
|
||||
|
||||
|
||||
err = nil
|
||||
|
||||
|
||||
return
|
||||
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue