Spin up an HTTPS server when certificates, port and private key are configured.

This commit is contained in:
Eugene Bujak 2019-02-12 21:14:02 +03:00 committed by Eugene Bujak
parent 5cbaeb82a8
commit 30050bf278
2 changed files with 44 additions and 0 deletions

43
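--- a/app.go
+++ b/app.go
@@ -1,6 +1,7 @@
 package main
 import (
+	"crypto/tls"
 	"fmt"
 	stdlog "log"
 	"net"
@@ -10,6 +11,7 @@ import (
 	"path/filepath"
 	"runtime"
 	"strconv"
+	"sync"
 	"syscall"
 	"time"
@@ -21,6 +23,11 @@ import (
 // VersionString will be set through ldflags, contains current version
 var VersionString = "undefined"
 var httpServer *http.Server
+var httpsServer struct {
+	server *http.Server
+	cond   *sync.Cond // reacts to config.TLS.PortHTTPS, CertificateChain and PrivateKey
+	sync.Mutex        // protects config.TLS
+}
 const (
 	// Used in config to indicate that syslog or eventlog (win) should be used for logger output
@@ -159,6 +166,42 @@ func run(args options) {
 		registerInstallHandlers()
 	}
+	httpsServer.cond = sync.NewCond(&httpsServer.Mutex)
+	// for https, we have a separate goroutine loop
+	go func() {
+		for { // this is an endless loop
+			httpsServer.cond.L.Lock()
+			// this mechanism doesn't let us through until all conditions are ment
+			for config.TLS.PortHTTPS == 0 || config.TLS.PrivateKey == "" || config.TLS.CertificateChain == "" { // sleep until neccessary data is supplied
+				httpsServer.cond.Wait()
+			}
+			log.Printf("%+v", config.TLS)
+			address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS))
+			cert, err := tls.X509KeyPair([]byte(config.TLS.CertificateChain), []byte(config.TLS.PrivateKey))
+			if err != nil {
+				log.Fatal(err)
+				os.Exit(1)
+			}
+			config := &tls.Config{
+				Certificates: []tls.Certificate{cert},
+			}
+			httpsServer.server = &http.Server{
+				Addr:      address,
+				TLSConfig: config,
+			}
+			httpsServer.cond.L.Unlock()
+			URL := fmt.Sprintf("https://%s", address)
+			log.Println("Go to " + URL)
+			err = httpsServer.server.ListenAndServeTLS("", "")
+			if err != http.ErrServerClosed {
+				log.Fatal(err)
+				os.Exit(1)
+			}
+		}
+	}()
 	// this loop is used as an ability to change listening host and/or port
 	for {
 		address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.BindPort))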
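Review bot: `log.Printf("%+v", config.TLS)` in the new goroutine in run() writes the whole TLS section, including config.TLS.PrivateKey, to the log on every (re)start; log only the non-secret fields, e.g. `log.Printf("starting HTTPS listener on port %d", config.TLS.PortHTTPS)`. A pair that fails `tls.X509KeyPair` then reaches `log.Fatal`, so a malformed certificate or key submitted through handleTLSConfigure terminates the whole process (and `log.Fatal` already exits, so the following `os.Exit(1)` is unreachable, likewise after `ListenAndServeTLS`); the safer shape is to validate the pair in the handler and reject bad input there, and in the goroutine log the error and return to waiting instead of exiting. Note also that the goroutine never stops a running server, so once `ListenAndServeTLS` is serving, a later Broadcast has no effect and changed certificates or port are presumably not picked up — worth a comment if a follow-up is intended. The local `config := &tls.Config{...}` shadows the package-level config for the rest of the locked section and is better named `tlsConfig`.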


@ -1077,6 +1077,7 @@ func handleTLSConfigure(w http.ResponseWriter, r *http.Request) {
return return
} }
config.TLS = data config.TLS = data
httpsServer.cond.Broadcast()
httpUpdateConfigReloadDNSReturnOK(w, r) httpUpdateConfigReloadDNSReturnOK(w, r)
} }
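Review bot: `config.TLS = data` is assigned without holding httpsServer.Mutex, which the new struct in app.go documents as protecting config.TLS, while the HTTPS goroutine reads these fields under that lock — a data race, and a Broadcast issued while the state is changed outside the lock can be lost against a concurrent Wait. Wrap the assignment: `httpsServer.Lock(); config.TLS = data; httpsServer.Unlock()` before `httpsServer.cond.Broadcast()`. handleTLSConfigure begins outside the hunk, and the file this section belongs to is not named on the page.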