diff --git a/.travis.yml b/.travis.yml index bb438884..cb0aabc6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,7 +2,7 @@ language: go sudo: false go: - - 1.11.x + - 1.12.x - 1.x os: - linux @@ -38,7 +38,7 @@ matrix: # Release build configuration - name: release go: - - 1.11.x + - 1.12.x os: - linux @@ -66,7 +66,7 @@ matrix: - name: docker if: type != pull_request AND (branch = master OR tag IS present) go: - - 1.11.x + - 1.12.x os: - linux services: diff --git a/README.md b/README.md index 054fc951..84f1a194 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ Alternatively, you can use our [official Docker image](https://hub.docker.com/r/ You will need: - * [go](https://golang.org/dl/) v1.11 or later. + * [go](https://golang.org/dl/) v1.12 or later. * [node.js](https://nodejs.org/en/download/) v10 or later. You can either install it via the provided links or use [brew.sh](https://brew.sh/) if you're on Mac: diff --git a/app.go b/app.go index a9ced17f..18d45b2e 100644 --- a/app.go +++ b/app.go @@ -69,6 +69,9 @@ func run(args options) { // configure log level and output configureLogger(args) + // enable TLS 1.3 + enableTLS13() + // print the first message after logger is configured log.Printf("AdGuard Home, version %s\n", VersionString) log.Debug("Current working directory is %s", config.ourWorkingDir) @@ -176,13 +179,13 @@ func run(args options) { } address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS)) // validate current TLS config and update warnings (it could have been loaded from file) - data := validateCertificates(config.TLS) - if !data.usable { + data := validateCertificates(config.TLS.CertificateChain, config.TLS.PrivateKey, config.TLS.ServerName) + if !data.ValidPair { log.Fatal(data.WarningValidation) os.Exit(1) } config.Lock() - config.TLS = data // update warnings + config.TLS.tlsConfigStatus = data // update warnings config.Unlock() // prepare certs for HTTPS server @@ -293,6 +296,14 @@ func configureLogger(args options) { } } +// TODO after GO 1.13 release TLS 1.3 will be enabled by default. Remove this afterward +func enableTLS13() { + err := os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1") + if err != nil { + log.Fatalf("Failed to enable TLS 1.3: %s", err) + } +} + func cleanup() { log.Info("Stopping AdGuard Home") diff --git a/client/src/components/Settings/Encryption/Form.js b/client/src/components/Settings/Encryption/Form.js index f4b01560..fd43f933 100644 --- a/client/src/components/Settings/Encryption/Form.js +++ b/client/src/components/Settings/Encryption/Form.js @@ -57,6 +57,7 @@ let Form = (props) => { valid_chain, valid_key, valid_cert, + valid_pair, dns_names, key_type, issuer, @@ -65,6 +66,15 @@ let Form = (props) => { setTlsConfig, } = props; + const isSavingDisabled = invalid + || submitting + || processingConfig + || processingValidate + || (isEnabled && (!privateKey || !certificateChain)) + || (privateKey && !valid_key) + || (certificateChain && !valid_cert) + || (privateKey && certificateChain && !valid_pair); + return (