add alternative port for _acme-challenge
parent
d0fc2ff8e6
commit
2b23be6f74
@ -18,13 +18,14 @@ type MeshnameServer struct {
|
|||||||
networks map[string]*net.IPNet
|
networks map[string]*net.IPNet
|
||||||
meshipNetworks map[string]*net.IPNet
|
meshipNetworks map[string]*net.IPNet
|
||||||
enableMeshIP bool
|
enableMeshIP bool
|
||||||
|
acmePort string
|
||||||
|
|
||||||
startedLock sync.RWMutex
|
startedLock sync.RWMutex
|
||||||
started bool
|
started bool
|
||||||
}
|
}
|
||||||
|
|
||||||
// New is a constructor for MeshnameServer
|
// New is a constructor for MeshnameServer
|
||||||
func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, meshipNetworks map[string]*net.IPNet, enableMeshIP bool) *MeshnameServer {
|
func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, meshipNetworks map[string]*net.IPNet, enableMeshIP bool, acmePort string) *MeshnameServer {
|
||||||
dnsClient := new(dns.Client)
|
dnsClient := new(dns.Client)
|
||||||
dnsClient.Timeout = 5000000000 // increased 5 seconds timeout
|
dnsClient.Timeout = 5000000000 // increased 5 seconds timeout
|
||||||
|
|
||||||
@ -35,6 +36,7 @@ func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, mes
|
|||||||
meshipNetworks: meshipNetworks,
|
meshipNetworks: meshipNetworks,
|
||||||
dnsClient: dnsClient,
|
dnsClient: dnsClient,
|
||||||
enableMeshIP: enableMeshIP,
|
enableMeshIP: enableMeshIP,
|
||||||
|
acmePort: acmePort,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -143,15 +145,33 @@ func (s *MeshnameServer) handleMeshnameRequest(w dns.ResponseWriter, r *dns.Msg)
|
|||||||
rm := new(dns.Msg)
|
rm := new(dns.Msg)
|
||||||
rm.RecursionDesired = true
|
rm.RecursionDesired = true
|
||||||
rm.Question = questions
|
rm.Question = questions
|
||||||
resp, _, err := s.dnsClient.Exchange(rm, "["+remoteServer+"]:53") // no retries
|
// when specified, we add an alternative port for acme challenge requests
|
||||||
|
portNumbers := []string{"53"}
|
||||||
|
qdomain := rm.Question[0].Name
|
||||||
|
dotIndex := strings.Index(qdomain, ".")
|
||||||
|
qsubdomain := qdomain[:dotIndex]
|
||||||
|
if rm.Question[0].Qtype == 16 && qsubdomain == "_acme-challenge" {
|
||||||
|
s.log.Debugln("Is acme challenge. Trying on port "+s.acmePort+" too.")
|
||||||
|
// add alternative port number
|
||||||
|
portNumbers = append([]string{s.acmePort}, portNumbers...)
|
||||||
|
}
|
||||||
|
// make request
|
||||||
|
err := error(nil)
|
||||||
|
for _, port := range portNumbers {
|
||||||
|
s.log.Debugln("trying port:"+port)
|
||||||
|
resp, _, err := s.dnsClient.Exchange(rm, "["+remoteServer+"]:"+port)
|
||||||
|
// if we had success we don't keep trying other ports
|
||||||
|
if err == nil {
|
||||||
|
s.log.Debugln(resp.String())
|
||||||
|
m.Answer = append(m.Answer, resp.Answer...)
|
||||||
|
m.Ns = append(m.Ns, resp.Ns...)
|
||||||
|
m.Extra = append(m.Extra, resp.Extra...)
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.log.Debugln(err)
|
s.log.Debugln(err)
|
||||||
continue
|
|
||||||
}
|
}
|
||||||
s.log.Debugln(resp.String())
|
|
||||||
m.Answer = append(m.Answer, resp.Answer...)
|
|
||||||
m.Ns = append(m.Ns, resp.Ns...)
|
|
||||||
m.Extra = append(m.Extra, resp.Extra...)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := w.WriteMsg(m); err != nil {
|
if err := w.WriteMsg(m); err != nil {
|
||||||
|
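Review bot: In handleMeshnameRequest the `resp, _, err := s.dnsClient.Exchange(...)` inside the port loop declares a new `err`, so the outer `err := error(nil)` is never assigned and the `if err != nil { s.log.Debugln(err) }` after the loop can never fire, which means upstream failures are now dropped without a log line. Declare `var resp *dns.Msg` before the call and assign with `resp, _, err = s.dnsClient.Exchange(rm, "["+remoteServer+"]:"+port)`. Separately, `qdomain[:dotIndex]` panics when `strings.Index` returns -1 and `rm.Question[0]` assumes a non-empty question section; both values come from the client's query, so guard with `if len(rm.Question) > 0 && dotIndex > 0` unless a check outside the hunk already guarantees it. The ACME branch also runs when `s.acmePort` is empty despite the "when specified" comment, costing a failed exchange (possibly up to the 5-second client timeout) before port 53 is tried; gate it on `s.acmePort != ""` and compare against `dns.TypeTXT` instead of the literal `16`. The function body starts and ends outside the hunk, so the surrounding loop and the origin of `questions` were not visible for this review.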