Commit 83f49af

authored
feat: dns over tls listener support (#219)
Signed-off-by: Chris Gianelloni <[email protected]>
1 parent 4efd678 commit 83f49af

2 files changed

+19
-0
lines changed

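--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -22,6 +22,7 @@ type Config struct {
 Debug DebugConfig `yaml:"debug"`
 Indexer IndexerConfig `yaml:"indexer"`
 State StateConfig `yaml:"state"`
+Tls TlsConfig `yaml:"tls"`
 Profiles []string `yaml:"profiles" envconfig:"PROFILES"`
 }
 
@@ -33,6 +34,7 @@ type LoggingConfig struct {
 type DnsConfig struct {
 ListenAddress string `yaml:"address" envconfig:"DNS_LISTEN_ADDRESS"`
 ListenPort uint `yaml:"port" envconfig:"DNS_LISTEN_PORT"`
+ListenTlsPort uint `yaml:"tlsPort" envconfig:"DNS_LISTEN_TLS_PORT"`
 RecursionEnabled bool `yaml:"recursionEnabled" envconfig:"DNS_RECURSION"`
 FallbackServers []string `yaml:"fallbackServers" envconfig:"DNS_FALLBACK_SERVERS"`
 }
@@ -61,6 +63,11 @@ type StateConfig struct {
 Directory string `yaml:"dir" envconfig:"STATE_DIR"`
 }
 
+type TlsConfig struct {
+CertFilePath string `yaml:"certFilePath" envconfig:"TLS_CERT_FILE_PATH"`
+KeyFilePath string `yaml:"keyFilePath" envconfig:"TLS_KEY_FILE_PATH"`
+}
+
 // Singleton config instance with default values
 var globalConfig = &Config{
 Logging: LoggingConfig{
@@ -69,6 +76,7 @@ var globalConfig = &Config{
 Dns: DnsConfig{
 ListenAddress: "",
 ListenPort: 8053,
+ListenTlsPort: 8853,
 // hdns.io
 FallbackServers: []string{
 "103.196.38.38",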

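--- a/internal/dns/dns.go
+++ b/internal/dns/dns.go
@@ -60,6 +60,17 @@ func Start() error {
 ReusePort: true,
 }
 go startListener(serverTcp)
+// TLS listener
+if cfg.Tls.CertFilePath != "" && cfg.Tls.KeyFilePath != "" {
+listenTlsAddr := fmt.Sprintf("%s:%d", cfg.Dns.ListenAddress, cfg.Dns.ListenTlsPort)
+serverTls := &dns.Server{
+Addr: listenTlsAddr,
+Net: "tcp-tls",
+TsigSecret: nil,
+ReusePort: false,
+}
+go startListener(serverTls)
+}
 return nil
 }
 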
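Review bot: The new TLS block only checks that `cfg.Tls.CertFilePath` and `cfg.Tls.KeyFilePath` are non-empty; nothing in the hunk loads the key pair or sets `TLSConfig` on `serverTls`, so a `tcp-tls` server (assuming `dns.Server` is the miekg/dns type) has no certificate to present and its listener would be expected to fail at startup unless `startListener`, which is outside the hunk, supplies one. Load the pair with `tls.LoadX509KeyPair` before constructing the server, return the error from `Start` so a bad path is not lost inside the goroutine, and pin a minimum protocol version; this needs the `crypto/tls` import. A configuration with only one of the two paths set currently skips the listener silently, which is worth a log line or an error. `Start` begins above the hunk.

```go
if cfg.Tls.CertFilePath != "" && cfg.Tls.KeyFilePath != "" {
	cert, err := tls.LoadX509KeyPair(cfg.Tls.CertFilePath, cfg.Tls.KeyFilePath)
	if err != nil {
		return fmt.Errorf("loading TLS key pair: %w", err)
	}
	// … unchanged: listenTlsAddr …
	serverTls := &dns.Server{
		Addr: listenTlsAddr,
		Net:  "tcp-tls",
		TLSConfig: &tls.Config{
			Certificates: []tls.Certificate{cert},
			MinVersion:   tls.VersionTLS12,
		},
		// … unchanged: TsigSecret, ReusePort …
	}
	// … unchanged: go startListener(serverTls) …
}
```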
