4 files changed, 24 insertions, 37 deletions
diff --git a/lib/dns/dns_test.go b/lib/dns/dns_test.go
index 48212766..7f52af80 100644
--- a/lib/dns/dns_test.go
+++ b/lib/dns/dns_test.go
@@ -14,7 +14,6 @@ import (
 const (
 	testServerAddress    = "127.0.0.1:5300"
 	testDoTServerAddress = "127.0.0.1:18053"
-	testTLSPort          = 18053
 
 	// Equal to 2023-08-05 07:53:20 +0000 UTC.
 	testNowEpoch = 1691222000
@@ -47,8 +46,8 @@ func runServer() {
 	var (
 		serverOptions = &ServerOptions{
 			ListenAddress:    "127.0.0.1:5300",
-			HTTPPort:         8443,
-			TLSPort:          testTLSPort,
+			DoHListen:        `127.0.0.1:8443`,
+			DoTListen:        testDoTServerAddress,
 			TLSCertFile:      "testdata/domain.crt",
 			TLSPrivateKey:    "testdata/domain.key",
 			TLSAllowInsecure: true,
diff --git a/lib/dns/server.go b/lib/dns/server.go
index 3d46d114..4ba59bd2 100644
--- a/lib/dns/server.go
+++ b/lib/dns/server.go
@@ -194,10 +194,10 @@ func (srv *Server) ListenAndServe() (err error) {
 	srv.startAllForwarders()
 
 	go srv.processRequest()
-	if srv.opts.TLSPort > 0 {
+	if srv.opts.DoTListen != `` {
 		go srv.serveDoT()
 	}
-	if srv.opts.HTTPPort > 0 {
+	if srv.opts.DoHListen != `` {
 		go srv.serveDoH()
 	}
 	go srv.serveTCP()
@@ -242,17 +242,14 @@ func (srv *Server) Stop() {
 // serveDoH listen for request over HTTPS using certificate and key
 // file in parameter.  The path to request is static "/dns-query".
 func (srv *Server) serveDoH() {
-	var (
-		logp = `serveDoH`
-		addr = srv.opts.getHTTPAddress().String()
-	)
+	logp := `serveDoH`
 
 	var mux = http.NewServeMux()
 
 	mux.Handle(`/dns-query`, srv)
 
 	srv.doh = &http.Server{
-		Addr:              addr,
+		Addr:              srv.opts.DoHListen,
 		IdleTimeout:       srv.opts.HTTPIdleTimeout,
 		ReadHeaderTimeout: 5 * time.Second,
 		Handler:           mux,
@@ -260,11 +257,11 @@ func (srv *Server) serveDoH() {
 
 	var err error
 	if srv.tlsConfig != nil && !srv.opts.DoHBehindProxy {
-		log.Printf(`%s: listening at %s`, logp, addr)
+		log.Printf(`%s: listening at %s`, logp, srv.doh.Addr)
 		srv.doh.TLSConfig = srv.tlsConfig
 		err = srv.doh.ListenAndServeTLS("", "")
 	} else {
-		log.Printf(`%s: listening behind proxy at %s`, logp, addr)
+		log.Printf(`%s: listening behind proxy at %s`, logp, srv.doh.Addr)
 		err = srv.doh.ListenAndServe()
 	}
 	if errors.Is(err, io.EOF) {
@@ -278,14 +275,19 @@ func (srv *Server) serveDoH() {
 
 func (srv *Server) serveDoT() {
 	var (
-		logp    = `serveDoT`
-		dotAddr = srv.opts.getDoTAddress()
+		logp = `serveDoT`
 
 		cl   *TCPClient
 		conn net.Conn
 		err  error
 	)
 
+	dotAddr, err := net.ResolveTCPAddr(`tcp`, srv.opts.DoTListen)
+	if err != nil {
+		log.Printf(`%s: %s`, logp, err)
+		return
+	}
+
 	for {
 		if srv.opts.DoHBehindProxy || srv.tlsConfig == nil {
 			srv.dot, err = net.ListenTCP("tcp", dotAddr)
diff --git a/lib/dns/server_example_test.go b/lib/dns/server_example_test.go
index c9222885..c14f2888 100644
--- a/lib/dns/server_example_test.go
+++ b/lib/dns/server_example_test.go
@@ -51,7 +51,7 @@ func ExampleServer() {
 		serverAddress = "127.0.0.1:5300"
 		serverOptions = &ServerOptions{
 			ListenAddress:    "127.0.0.1:5300",
-			HTTPPort:         8443,
+			DoHListen:        "127.0.0.1:8443",
 			TLSCertFile:      "testdata/domain.crt",
 			TLSPrivateKey:    "testdata/domain.key",
 			TLSAllowInsecure: true,
diff --git a/lib/dns/server_options.go b/lib/dns/server_options.go
index d53b1abd..89a6912b 100644
--- a/lib/dns/server_options.go
+++ b/lib/dns/server_options.go
@@ -41,6 +41,14 @@ type ServerOptions struct {
 	// This field is optional, default to "0.0.0.0:53".
 	ListenAddress string `ini:"dns:server:listen"`
 
+	// DoHListen address for listening DNS over HTTP (DoH).
+	// If its empty, the server will not serve DoH.
+	DoHListen string `ini:"dns:server:doh.listen"`
+
+	// DoTListen address for listening DNS over TLS (DoT).
+	// If its empty, the server will not serve DoT.
+	DoTListen string `ini:"dns:server:dot.listen"`
+
 	// TLSCertFile contains path to certificate for serving DNS over TLS
 	// and HTTPS.
 	// This field is optional, if its empty, server will listening on
@@ -108,14 +116,6 @@ type ServerOptions struct {
 	// it.
 	Debug int `ini:"dns:server:debug"`
 
-	// HTTPPort port for listening DNS over HTTP (DoH), default to 0.
-	// If its zero, the server will not serve DNS over HTTP.
-	HTTPPort uint16 `ini:"dns:server:http.port"`
-
-	// TLSPort port for listening DNS over TLS, default to 0.
-	// If its zero, the server will not serve DNS over TLS.
-	TLSPort uint16 `ini:"dns:server:tls.port"`
-
 	port uint16
 
 	// TLSAllowInsecure option to allow to serve DoH with self-signed
@@ -180,20 +180,6 @@ func (opts *ServerOptions) getTCPAddress() *net.TCPAddr {
 	}
 }
 
-func (opts *ServerOptions) getHTTPAddress() *net.TCPAddr {
-	return &net.TCPAddr{
-		IP:   opts.ip,
-		Port: int(opts.HTTPPort),
-	}
-}
-
-func (opts *ServerOptions) getDoTAddress() *net.TCPAddr {
-	return &net.TCPAddr{
-		IP:   opts.ip,
-		Port: int(opts.TLSPort),
-	}
-}
-
 // parseNameServers parse each name server in NameServers list based on scheme
 // and store the result either in udpAddrs, tcpAddrs, dohAddrs, or dotAddrs.
 //