/*
+tofuproxy -- HTTP proxy with TLS certificates management
Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
This program is free software: you can redistribute it and/or modify
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-package main
+package tofuproxy
import (
"crypto/sha256"
"github.com/miekg/dns"
)
-var (
- dnsSrv *string
-)
+var DNSSrv string
func dane(addr string, cert *x509.Certificate) (bool, bool) {
- if *dnsSrv == "" {
+ if DNSSrv == "" {
return false, false
}
host := addr
}
m := new(dns.Msg)
m.SetQuestion(dns.Fqdn(fmt.Sprintf("_%s._tcp.%s", port, host)), dns.TypeTLSA)
- msg, err := dns.Exchange(m, *dnsSrv)
+ msg, err := dns.Exchange(m, DNSSrv)
if err != nil {
log.Printf("DNS: %+v\n", err)
return false, false