Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Dance
chirpstack
application-server
Commits
42b32088
Commit
42b32088
authored
Mar 19, 2022
by
Gaël Berthaud-Müller
Browse files
restrict access to a preconfigured domain list
parent
401cf87f
Changes
2
Hide whitespace changes
Inline
Side-by-side
internal/api/js/join_server.go
View file @
42b32088
...
...
@@ -26,6 +26,7 @@ var (
tlsKey
string
enableDane
bool
resolvConf
string
allowedDomains
[]
string
)
// Setup configures the package.
...
...
@@ -36,6 +37,7 @@ func Setup(conf config.Config) error {
tlsKey
=
conf
.
JoinServer
.
TLSKey
enableDane
=
conf
.
JoinServer
.
EnableDane
resolvConf
=
conf
.
JoinServer
.
ResolvConf
allowedDomains
=
conf
.
JoinServer
.
AllowedDomains
log
.
WithFields
(
log
.
Fields
{
"bind"
:
bind
,
...
...
@@ -65,7 +67,15 @@ func Setup(conf config.Config) error {
if
enableDane
{
go
func
()
{
err
:=
dance
.
HttpServeAndListen
(
bind
,
tlsCert
,
tlsKey
,
resolvConf
,
handler
)
danceConfig
:=
dance
.
Config
{
CertFile
:
tlsCert
,
KeyFile
:
tlsKey
,
ResolverConf
:
resolvConf
,
}
if
len
(
allowedDomains
)
>
0
{
danceConfig
.
AuthorizationCallback
=
dance
.
GetDomainAllowListCallback
(
allowedDomains
)
}
err
:=
dance
.
HttpServeAndListen
(
bind
,
&
danceConfig
,
handler
)
log
.
WithError
(
err
)
.
Fatal
(
"api/js: join-server api error"
)
}()
...
...
internal/config/config.go
View file @
42b32088
...
...
@@ -96,6 +96,7 @@ type Config struct {
TLSCert
string
`mapstructure:"tls_cert"`
TLSKey
string
`mapstructure:"tls_key"`
EnableDane
bool
`mapstructure:"enable_dane"`
AllowedDomains
[]
string
`mapstructure:"allowed_client_domains"`
ResolvConf
string
`mapstructure:"resolv_conf"`
KEK
struct
{
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment