| author | Shulhan <ms@kilabit.info> | 2026-03-26 05:34:30 +0700 |
|---|---|---|
| committer | Shulhan <ms@kilabit.info> | 2026-03-26 05:34:30 +0700 |
| commit | 5a765dc7f90c2ebc9a11cd79dcfbd8a8b8d99fcd (patch) | |
| tree | dd98807227b3cbe3f85435c3b5cf743a1a9494f6 /lib/dns/server_options.go | |
| parent | b6ba871a86797ad2f028eab2e3820509c3a36109 (diff) | |
lib/dns: refactoring DoT and DoH to use address instead of port
Using a port makes DoT and DoH listen on the same IP address
as UDP.
If we set ListenAddress to 0.0.0.0 and TLS termination is handled
by a proxy, this causes DoT and DoH to also listen on all
addresses.
Diffstat (limited to 'lib/dns/server_options.go')
| -rw-r--r-- | lib/dns/server_options.go | 30 |
1 files changed, 8 insertions, 22 deletions
diff --git a/lib/dns/server_options.go b/lib/dns/server_options.go
index d53b1abd..89a6912b 100644
--- a/lib/dns/server_options.go
+++ b/lib/dns/server_options.go
@@ -41,6 +41,14 @@ type ServerOptions struct {
 // This field is optional, default to "0.0.0.0:53".
 ListenAddress string `ini:"dns:server:listen"`

+ // DoHListen address for listening DNS over HTTP (DoH).
+ // If its empty, the server will not serve DoH.
+ DoHListen string `ini:"dns:server:doh.listen"`
+
+ // DoTListen address for listening DNS over TLS (DoT).
+ // If its empty, the server will not serve DoT.
+ DoTListen string `ini:"dns:server:dot.listen"`
+
 // TLSCertFile contains path to certificate for serving DNS over TLS
 // and HTTPS.
 // This field is optional, if its empty, server will listening on
@@ -108,14 +116,6 @@ type ServerOptions struct {
 // it.
 Debug int `ini:"dns:server:debug"`

- // HTTPPort port for listening DNS over HTTP (DoH), default to 0.
- // If its zero, the server will not serve DNS over HTTP.
- HTTPPort uint16 `ini:"dns:server:http.port"`
-
- // TLSPort port for listening DNS over TLS, default to 0.
- // If its zero, the server will not serve DNS over TLS.
- TLSPort uint16 `ini:"dns:server:tls.port"`
-
 port uint16

 // TLSAllowInsecure option to allow to serve DoH with self-signed
@@ -180,20 +180,6 @@ func (opts *ServerOptions) getTCPAddress() *net.TCPAddr {
 }
 }

-func (opts *ServerOptions) getHTTPAddress() *net.TCPAddr {
- return &net.TCPAddr{
- IP: opts.ip,
- Port: int(opts.HTTPPort),
- }
- }
-
-func (opts *ServerOptions) getDoTAddress() *net.TCPAddr {
- return &net.TCPAddr{
- IP: opts.ip,
- Port: int(opts.TLSPort),
- }
- }
-
 // parseNameServers parse each name server in NameServers list based on scheme
 // and store the result either in udpAddrs, tcpAddrs, dohAddrs, or dotAddrs.
 // |
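Review bot: The new doc comments on `DoHListen` and `DoTListen` in the first hunk do not say what form the value takes or what to bind to when a proxy terminates TLS, which is the deployment the commit message is about. I would spell that out, for example `// DoHListen is the "host:port" address to listen on for DNS over HTTPS (DoH).` followed by `// When TLS is terminated by a proxy, bind to a loopback or internal address, not 0.0.0.0.`, and the same pair for `DoTListen`. The `TLSCertFile` comment just below (cut off in the hunk) suggests the listener behaves differently when no certificate is set, so an operator who carries the old all-interfaces habit into these fields could expose a non-TLS listener; that part is inferred, not visible here. Configurations that still set `dns:server:http.port` or `dns:server:tls.port` no longer map to any field in this file, so DoH and DoT would presumably stop being served without a message after upgrade; a load-time warning or a changelog entry would help. The `ServerOptions` struct starts and ends outside the hunk, and any validation of the new address strings is not visible in this file.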
