author | Alberto Bertogli
<albertito@blitiri.com.ar> 2020-07-27 23:24:31 UTC |
committer | Alberto Bertogli
<albertito@blitiri.com.ar> 2020-07-27 23:24:31 UTC |
parent | 3715db834b529f883fc62da35ab4939ecddcb5d7 |
dnss.go | +4 | -7 |
dnss_test.go | +1 | -1 |
internal/httpserver/server.go | +2 | -5 |
tests/external.sh | +5 | -5 |
diff --git a/dnss.go b/dnss.go index 019a78f..45dff93 100644 --- a/dnss.go +++ b/dnss.go @@ -63,13 +63,12 @@ var ( "key to use for the HTTPS server") httpsAddr = flag.String("https_server_addr", ":443", "address to listen on for HTTPS-to-DNS requests") + insecureHTTPServer = flag.Bool("insecure_http_server", false, + "listen on plain HTTP, not HTTPS") monitoringListenAddr = flag.String("monitoring_listen_addr", "", "address to listen on for monitoring HTTP requests") - insecureForTesting = flag.Bool("testing__insecure_http", false, - "INSECURE, for testing only") - forceMode = flag.String("force_mode", "", "Force HTTPS resolver mode ('JSON', 'DoH', 'autodetect' (default))") @@ -94,10 +93,6 @@ func main() { log.Fatalf("") } - if *insecureForTesting { - httpserver.InsecureForTesting = true - } - var wg sync.WaitGroup // DNS to HTTPS. @@ -149,7 +144,9 @@ func main() { Upstream: *dnsUpstream, CertFile: *httpsCertFile, KeyFile: *httpsKeyFile, + Insecure: *insecureHTTPServer, } + wg.Add(1) go func() { defer wg.Done() diff --git a/dnss_test.go b/dnss_test.go index 971cd7b..c98d5a0 100644 --- a/dnss_test.go +++ b/dnss_test.go @@ -48,8 +48,8 @@ func Setup(tb testing.TB, mode string) string { htod := httpserver.Server{ Addr: HTTPSToDNSAddr, Upstream: DNSServerAddr, + Insecure: true, } - httpserver.InsecureForTesting = true go htod.ListenAndServe() // Test DNS server. diff --git a/internal/httpserver/server.go b/internal/httpserver/server.go index 8cfe25e..9114368 100644 --- a/internal/httpserver/server.go +++ b/internal/httpserver/server.go @@ -37,12 +37,9 @@ type Server struct { Upstream string CertFile string KeyFile string + Insecure bool } -// InsecureForTesting = true will make Server.ListenAndServe will not use TLS. -// This is only useful for integration testing purposes. -var InsecureForTesting = false - // ListenAndServe starts the HTTPS server. func (s *Server) ListenAndServe() { mux := http.NewServeMux() 
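Review bot: In dnss.go (hunk at -63,13), the usage string for the new `insecure_http_server` flag drops the explicit warning that `testing__insecure_http` carried ("INSECURE, for testing only"), although the flag now reads as a regular production option. With it set, DNS queries and answers are served without encryption or server authentication, and `https_server_addr` still defaults to `:443` with no host part. I would spell the consequence out in the help text, e.g. `"listen on plain HTTP, not HTTPS (no encryption or authentication; e.g. for use behind a TLS-terminating proxy)"`; the proxy use case is my assumption about the intent, so adjust the wording to the real one. The `var (` block starts and ends outside the hunk.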
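Review bot: In internal/httpserver/server.go (hunk at -37,12), the new `Insecure` field on `Server` has no comment, whereas the package variable it replaces was documented. Because the field switches TLS off for this server, I would document it where callers set it: `// Insecure makes ListenAndServe serve plain HTTP; CertFile and KeyFile are then unused.` The zero value keeps TLS on, which is the safe default and worth stating. The comment `// ListenAndServe starts the HTTPS server.` just below is also no longer accurate for the insecure case. The struct starts before this hunk.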
@@ -55,7 +52,7 @@ func (s *Server) ListenAndServe() { log.Infof("HTTPS listening on %s", s.Addr) var err error - if InsecureForTesting { + if s.Insecure { err = srv.ListenAndServe() } else { err = srv.ListenAndServeTLS(s.CertFile, s.KeyFile) diff --git a/tests/external.sh b/tests/external.sh index 8e42aa6..0170ef3 100755 --- a/tests/external.sh +++ b/tests/external.sh @@ -98,7 +98,7 @@ fi echo "## Launching HTTPS server" dnss -enable_https_to_dns \ - -testing__insecure_http -https_server_addr "localhost:1999" + -insecure_http_server -https_server_addr "localhost:1999" HTTP_PID=$PID mv .dnss.log .dnss.http.log @@ -109,14 +109,14 @@ if ! get "http://localhost:1900/debug/flags"; then echo "Failed to get /debug/flags" exit 1 fi -if ! grep -q "testing__insecure_http=true" .wget.out; then +if ! grep -q "insecure_http_server=true" .wget.out; then echo "/debug/flags did not contain expected flags (see .wget.out)" exit 1 fi echo "## Autodetect against dnss" dnss -enable_dns_to_https -dns_listen_addr "localhost:1053" \ - -testing__insecure_http \ + -insecure_http_server \ -https_upstream "http://localhost:1999/dns-query" resolve @@ -124,7 +124,7 @@ kill $PID echo "## JSON against dnss" dnss -enable_dns_to_https -dns_listen_addr "localhost:1053" \ - -testing__insecure_http \ + -insecure_http_server \ -force_mode="JSON" \ -https_upstream "http://localhost:1999/dns-query" @@ -142,7 +142,7 @@ kill $PID echo "## DoH against dnss" dnss -enable_dns_to_https -dns_listen_addr "localhost:1053" \ - -testing__insecure_http \ + -insecure_http_server \ -force_mode="DoH" \ -https_upstream "http://localhost:1999/dns-query"
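Review bot: In internal/httpserver/server.go (hunk at -55,7), the context line `log.Infof("HTTPS listening on %s", s.Addr)` still runs when `s.Insecure` is true, so the log reports HTTPS while the server is serving cleartext HTTP. Now that this is a supported mode rather than a test hook, the log should name the real protocol, so that an operator reviewing logs can spot an unencrypted listener: `proto := "HTTPS"`, `if s.Insecure { proto = "HTTP (no TLS)" }`, `log.Infof("%s listening on %s", proto, s.Addr)`. ListenAndServe's body starts and ends outside the hunk.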