changeset 1:f9cbcf818af6
Enable encryption to work
author | Lewin Bormann <lbo@spheniscida.de> |
---|---|
date | Thu, 01 Oct 2020 11:56:03 +0200 |
parents | d31b0316199e |
children | 9cb09adb4740 |
files | client/client.go server/server.go |
diffstat | 2 files changed, 17 insertions(+), 7 deletions(-) [+] |
--- a/client/client.go Thu Oct 01 11:09:51 2020 +0200
+++ b/client/client.go Thu Oct 01 11:56:03 2020 +0200
@@ -78,16 +78,19 @@
 rpclog.SetLoglevel(rpclog.LOGLEVEL_INFO)
 addr := flag.String("addr", "127.0.0.1:5353", "Listen address for DNS stub")
- serverAddr := flag.String("server", "127.0.0.1:53", "Upstream resolver address")
- pubkeyfile := flag.String("pubkeyfile", "", "Public key file for RPC encryption")
- privkeyfile := flag.String("privkeyfile", "", "Private key file for RPC encryption")
+ serverAddr := flag.String("server", "127.0.0.1:53", "DNSOverRPC server address")
+ pubkeyfile := flag.String("pubkeyfile", "", "Public key file of the server for RPC encryption")
 flag.Parse()
 sm := securitymanager.NewClientSecurityManager()
- sm.LoadKeys(*pubkeyfile, *privkeyfile)
- if *pubkeyfile == "" || *privkeyfile == "" {
+ if *pubkeyfile == "" {
 sm = nil
+ } else {
+ err := sm.LoadServerPubkey(*pubkeyfile)
+ if err != nil {
+ log.Fatal(err)
+ }
 }
 host, port, err := net.SplitHostPort(*serverAddr)
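Review bot: When `pubkeyfile` is empty the client sets `sm = nil` and carries on without any message, so an omitted flag silently sends DNS queries to the server without encryption; server.go logs "null policy" for the same case. Adding `log.Print("null policy: RPC traffic is not encrypted")` in that branch would make the downgrade visible to the operator. The hunk ends before `sm` is used, and server.go still passed a hard-coded `nil` until this commit, so it is worth confirming that the client constructor outside the hunk actually receives `sm`.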
--- a/server/server.go Thu Oct 01 11:09:51 2020 +0200
+++ b/server/server.go Thu Oct 01 11:56:03 2020 +0200
@@ -121,10 +121,17 @@
 flag.Parse()
 sm := securitymanager.NewServerSecurityManager()
- sm.LoadKeys(*pubkeyfile, *privkeyfile)
 if *pubkeyfile == "" || *privkeyfile == "" {
 sm = nil
+ log.Print("null policy")
+ } else {
+ err := sm.LoadKeys(*pubkeyfile, *privkeyfile)
+ if err != nil {
+ log.Fatal(err)
+ }
+ log.Print("CURVE policy")
 }
+ sm.ResetBlackWhiteLists()
 host, port, err := net.SplitHostPort(*addr)
 if err != nil {
@@ -134,7 +141,7 @@
 if err != nil {
 log.Fatal(err)
 }
- srv, err := server.NewServer(host, uint(iport), 2, nil)
+ srv, err := server.NewServer(host, uint(iport), 2, sm)
 if err != nil {
 log.Fatal(err)
 }
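Review bot: `sm.ResetBlackWhiteLists()` sits after the if/else in the first hunk, so on the null-policy path it is called on the `sm` that was just set to nil. Unless that method tolerates a nil receiver (not visible here), the server panics at startup whenever no keys are configured, so the call belongs in the else branch after `LoadKeys`. The condition `*pubkeyfile == "" || *privkeyfile == ""` also selects the null policy when only one of the two files is given, which turns a configuration mistake into an unencrypted server; that case is better rejected, e.g. `log.Fatal("pubkeyfile and privkeyfile must be given together")`. A short comment stating what the reset lists mean for which client keys are accepted would help the next reader. The enclosing function starts and ends outside the hunk.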