middleware/tls/tls.go

package tls

import (
	"github.com/coredns/coredns/core/dnsserver"
	"github.com/coredns/coredns/middleware"
	"github.com/coredns/coredns/middleware/pkg/tls"

	"github.com/mholt/caddy"
)

func init() {
	caddy.RegisterPlugin("tls", caddy.Plugin{
		ServerType: "dns",
		Action:     setup,
	})
}

func setup(c *caddy.Controller) error {
	config := dnsserver.GetConfig(c)

	if config.TLSConfig != nil {
		return middleware.Error("tls", c.Errf("TLS already configured for this server instance"))
	}

	for c.Next() {
		args := c.RemainingArgs()
		if len(args) != 3 {
			return middleware.Error("tls", c.ArgErr())
		}
		tls, err := tls.NewTLSConfig(args[0], args[1], args[2])
		if err != nil {
			return middleware.Error("tls", c.ArgErr())
		}
		config.TLSConfig = tls
	}
	return nil
}
core: add more transports (#574) * core: add listening for other protocols Allow CoreDNS to listen for TLS request coming over port 853. This can be enabled with `tls://` in the config file. Implement listening for grps:// as well. a Corefile like: ~~~ . tls://.:1853 { whoami tls } ~~~ Means we listen on 1853 for tls requests, the `tls` config item allows configuration for TLS parameters. We might be tempted to use Caddy's Let's Encrypt implementation here. * Refactor coredns/grpc into CoreDNS This makes gRPC a first class citizen in CoreDNS. Add defines as being just another server. * some cleanups * unexport the servers * Move protobuf dir * Hook up TLS properly * Fix test * listen for TLS as well. README updates * disable test, fix package * fix test * Fix tests * Fix remaining test * Some tests * Make the test work * Add grpc test from #580 * fix crash * Fix tests * Close conn * README cleanups * README * link RFC 2017-03-13 20:24:37 +00:00			`package tls`

			`import (`
			`"github.com/coredns/coredns/core/dnsserver"`
			`"github.com/coredns/coredns/middleware"`
			`"github.com/coredns/coredns/middleware/pkg/tls"`

			`"github.com/mholt/caddy"`
			`)`

			`func init() {`
			`caddy.RegisterPlugin("tls", caddy.Plugin{`
			`ServerType: "dns",`
			`Action: setup,`
			`})`
			`}`

			`func setup(c *caddy.Controller) error {`
			`config := dnsserver.GetConfig(c)`

			`if config.TLSConfig != nil {`
			`return middleware.Error("tls", c.Errf("TLS already configured for this server instance"))`
			`}`

			`for c.Next() {`
			`args := c.RemainingArgs()`
			`if len(args) != 3 {`
			`return middleware.Error("tls", c.ArgErr())`
			`}`
			`tls, err := tls.NewTLSConfig(args[0], args[1], args[2])`
			`if err != nil {`
			`return middleware.Error("tls", c.ArgErr())`
			`}`
			`config.TLSConfig = tls`
			`}`
			`return nil`
			`}`