Move local DoH configuration to its own section

jedisct1 · jedisct1 · commit 6a679cc54363 · 2019-11-28T17:04:29.000+01:00
diff --git a/dnscrypt-proxy/config.go b/dnscrypt-proxy/config.go
@@ -27,15 +27,13 @@ const (
 )
 
 type Config struct {
-	LogLevel                 int      `toml:"log_level"`
-	LogFile                  *string  `toml:"log_file"`
-	UseSyslog                bool     `toml:"use_syslog"`
-	ServerNames              []string `toml:"server_names"`
-	DisabledServerNames      []string `toml:"disabled_server_names"`
-	ListenAddresses          []string `toml:"listen_addresses"`
-	LocalDoHListenAddresses  []string `toml:"local_doh_listen_addresses"`
-	LocalDoHCertFile         string   `toml:"local_doh_cert_file"`
-	LocalDoHCertKeyFile      string   `toml:"local_doh_cert_key_file"`
+	LogLevel                 int            `toml:"log_level"`
+	LogFile                  *string        `toml:"log_file"`
+	UseSyslog                bool           `toml:"use_syslog"`
+	ServerNames              []string       `toml:"server_names"`
+	DisabledServerNames      []string       `toml:"disabled_server_names"`
+	ListenAddresses          []string       `toml:"listen_addresses"`
+	LocalDoH                 LocalDoHConfig `toml:"local_doh"`
 	Daemonize                bool
 	UserName                 string `toml:"user_name"`
 	ForceTCP                 bool   `toml:"force_tcp"`
@@ -97,9 +95,6 @@ func newConfig() Config {
 	return Config{
 		LogLevel:                 int(dlog.LogLevel()),
 		ListenAddresses:          []string{"127.0.0.1:53"},
-		LocalDoHListenAddresses:  []string{"127.0.0.1:443"},
-		LocalDoHCertFile:         "localhost.pem",
-		LocalDoHCertKeyFile:      "localhost.pem",
 		Timeout:                  5000,
 		KeepAlive:                5,
 		CertRefreshDelay:         240,
@@ -195,6 +190,12 @@ type BrokenImplementationsConfig struct {
 	BrokenQueryPadding []string `toml:"broken_query_padding"`
 }
 
+type LocalDoHConfig struct {
+	ListenAddresses []string `toml:"listen_addresses"`
+	CertFile        string   `toml:"cert_file"`
+	CertKeyFile     string   `toml:"cert_key_file"`
+}
+
 type ServerSummary struct {
 	Name        string   `json:"name"`
 	Proto       string   `json:"proto"`
@@ -331,7 +332,7 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 	proxy.certRefreshDelayAfterFailure = time.Duration(10 * time.Second)
 	proxy.certIgnoreTimestamp = config.CertIgnoreTimestamp
 	proxy.ephemeralKeys = config.EphemeralKeys
-	if len(config.ListenAddresses) == 0 && len(config.LocalDoHListenAddresses) == 0 {
+	if len(config.ListenAddresses) == 0 && len(config.LocalDoH.ListenAddresses) == 0 {
 		dlog.Debug("No local IP/port configured")
 	}
 
@@ -355,9 +356,9 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 	proxy.serversInfo.lbEstimator = config.LBEstimator
 
 	proxy.listenAddresses = config.ListenAddresses
-	proxy.localDoHListenAddresses = config.LocalDoHListenAddresses
-	proxy.localDoHCertFile = config.LocalDoHCertFile
-	proxy.localDoHCertKeyFile = config.LocalDoHCertKeyFile
+	proxy.localDoHListenAddresses = config.LocalDoH.ListenAddresses
+	proxy.localDoHCertFile = config.LocalDoH.CertFile
+	proxy.localDoHCertKeyFile = config.LocalDoH.CertKeyFile
 	proxy.daemonize = config.Daemonize
 	proxy.pluginBlockIPv6 = config.BlockIPv6
 	proxy.cache = config.Cache
diff --git a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml
@@ -340,6 +340,29 @@ cache_neg_max_ttl = 600
 
 
 
+##################################
+#        Local DoH server        #
+##################################
+
+[local_doh]
+
+## dnscrypt-proxy can act as a local DoH server. By doing so, web browsers
+## requiring a direct connection to a DoH server in order to enable some
+## features will enable these, without bypassing your DNS proxy..
+
+## Addresses that the local DoH server should listen to
+
+# listen_addresses = ['127.0.0.1:3000']
+
+
+## Certificate file and key - Note that the certificate has to be trusted.
+## See the Wiki for more information.
+
+# cert_file = "localhost.pem"
+# cert_key_file = "localhost.pem"
+
+
+
 ###############################
 #        Query logging        #
 ###############################
diff --git a/dnscrypt-proxy/proxy.go b/dnscrypt-proxy/proxy.go
@@ -184,7 +184,7 @@ func (proxy *Proxy) addLocalDoHListener(listenAddrStr string) {
 	}
 	FileDescriptorNum++
 
-	dlog.Noticef("Now listening to %v [HTTP]", listenAddrStr)
+	dlog.Noticef("Now listening to %v [DoH]", listenAddrStr)
 	go proxy.localDoHListener(listenerTCP.(*net.TCPListener))
 }
 
@@ -323,7 +323,7 @@ func (proxy *Proxy) localDoHListenerFromAddr(listenAddr *net.TCPAddr) error {
 	if err != nil {
 		return err
 	}
-	dlog.Noticef("Now listening to %v [HTTP]", listenAddr)
+	dlog.Noticef("Now listening to %v [DoH]", listenAddr)
 	go proxy.localDoHListener(acceptPc)
 	return nil
 }

Original file line number	Diff line number	Diff line change
`@@ -184,7 +184,7 @@ func (proxy *Proxy) addLocalDoHListener(listenAddrStr string) {`
`184`	`184`	`}`
`185`	`185`	`FileDescriptorNum++`
`186`	`186`
`187`		`- dlog.Noticef("Now listening to %v [HTTP]", listenAddrStr)`
	`187`	`+ dlog.Noticef("Now listening to %v [DoH]", listenAddrStr)`
`188`	`188`	`go proxy.localDoHListener(listenerTCP.(*net.TCPListener))`
`189`	`189`	`}`
`190`	`190`
`@@ -323,7 +323,7 @@ func (proxy Proxy) localDoHListenerFromAddr(listenAddr net.TCPAddr) error {`
`323`	`323`	`if err != nil {`
`324`	`324`	`return err`
`325`	`325`	`}`
`326`		`- dlog.Noticef("Now listening to %v [HTTP]", listenAddr)`
	`326`	`+ dlog.Noticef("Now listening to %v [DoH]", listenAddr)`
`327`	`327`	`go proxy.localDoHListener(acceptPc)`
`328`	`328`	`return nil`
`329`	`329`	`}`