server

package
v1.6.6 Latest
Warning

This package is not in the latest version of its module.

Published: May 7, 2026 License: MIT Imports: 29 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertManager added in v1.6.0

type CertManager struct {
	// contains filtered or unexported fields
}

CertManager manages TLS certificates with automatic reloading.

func NewCertManager added in v1.6.0

func NewCertManager(certPath, keyPath string) (*CertManager, error)

NewCertManager creates a new certificate manager.

func (*CertManager) GetCertificate added in v1.6.0

func (cm *CertManager) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificate returns the current certificate.

func (*CertManager) GetTLSConfig added in v1.6.0

func (cm *CertManager) GetTLSConfig() *tls.Config

GetTLSConfig returns a TLS config that uses dynamic certificate loading. Each call returns a fresh config to avoid race conditions.

func (*CertManager) Reload added in v1.6.0

func (cm *CertManager) Reload() error

Reload forces a certificate reload.

func (*CertManager) Stop added in v1.6.0

func (cm *CertManager) Stop()

Stop stops the certificate manager and waits for cleanup.

type Listener added in v1.6.4

type Listener interface {
	// Proto returns the transport tag — "udp", "tcp", "tls", "doh",
	// "doh3", "doq" — used for logging and metrics.
	Proto() string

	// Addr returns the configured bind address.
	Addr() string

	// Bind acquires the underlying socket (and any TLS material it
	// needs) synchronously. A non-nil return means the listener is
	// not ready to serve.
	Bind(ctx context.Context) error

	// Serve blocks until Shutdown is called or the socket is closed.
	// It must only be called after a successful Bind.
	Serve(ctx context.Context) error

	// Shutdown releases the underlying socket. Safe to call before
	// Serve or after Serve has already returned.
	Shutdown(ctx context.Context) error

	// Critical reports whether a Bind failure on this listener should
	// abort server startup. Plain DNS (UDP+TCP on cfg.Bind) is
	// critical; optional services (TLS, DoH, DoH3, DoQ) are not —
	// a missing cert or misconfigured addr only disables that service.
	Critical() bool

	// Serving reports whether the Serve loop is currently active.
	// This is stricter than "Bind succeeded": QUIC-based listeners
	// (DoH3, DoQ) complete their real startup inside Serve, so a
	// listener can be bound but not actually serving if Serve
	// returned an error during its own setup phase.
	Serving() bool
}

Listener is the lifecycle contract for a single DNS service endpoint (UDP, TCP, DoT, DoH, DoH3, DoQ). It separates bind from serve so that the Server can fail fast on port-in-use, missing cert, etc. instead of swallowing the error inside a background goroutine.

Lifecycle: Bind → Serve → Shutdown. Bind may be called at most once. Serve returns when Shutdown is called or the underlying socket closes. Shutdown is idempotent.

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server type.

func New

func New(cfg *config.Config) *Server

New returns a new server.

func (*Server) GetTLSConfig added in v1.6.4

func (s *Server) GetTLSConfig() *tls.Config

GetTLSConfig satisfies certProvider. It lazily materialises the shared CertManager on first TLS listener Bind and hands out its live TLS config (with rotation hooks) to each listener that asks.

func (*Server) HasListener added in v1.6.4

func (s *Server) HasListener(proto string) bool

HasListener reports whether a listener with the given proto tag is actually serving right now — stricter than "Bind succeeded". DoH3 and DoQ do their real QUIC bring-up inside Serve, so checking only membership in s.active can report success even when the transport never started. Asking the listener via Serving() gives the truth.

func (*Server) ReloadCertificate added in v1.6.0

func (s *Server) ReloadCertificate() error

ReloadCertificate forces a certificate reload on all TLS listeners.

func (*Server) Run

func (s *Server) Run(ctx context.Context) error

Run binds every configured listener synchronously, returns a non-nil error if a critical listener (plain DNS UDP/TCP) could not bind, and otherwise spawns Serve goroutines that run until ctx is cancelled. Run itself is non-blocking — main waits on ctx and polls Stopped for graceful shutdown.
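The bind phase of the Listener lifecycle and the critical-listener rule described for Run, as an added example that is not this package's code. `endpoint` and `bindAll` are hypothetical names, the stand-in listener is TCP-only, and closing already-bound sockets when a critical bind fails is an assumption.

```go
package main

import (
	"context"
	"fmt"
	"net"
)

// endpoint is a hypothetical TCP-only stand-in for one listener.
type endpoint struct {
	proto, addr string
	critical    bool
	ln          net.Listener
}

// Bind takes the socket synchronously, so a port-in-use error reaches the
// caller instead of being lost inside a background goroutine.
func (e *endpoint) Bind(ctx context.Context) (err error) {
	e.ln, err = (&net.ListenConfig{}).Listen(ctx, "tcp", e.addr)
	return err
}

// bindAll aborts on a failed critical bind; a failed optional bind only
// disables that service and is reported in the map, keyed by proto.
func bindAll(ctx context.Context, eps []*endpoint) ([]*endpoint, map[string]error, error) {
	var active []*endpoint
	disabled := map[string]error{}
	for _, e := range eps {
		err := e.Bind(ctx)
		switch {
		case err == nil:
			active = append(active, e)
		case e.critical:
			for _, a := range active {
				a.ln.Close() // assumption: release sockets taken so far
			}
			return nil, disabled, fmt.Errorf("bind %s %s: %w", e.proto, e.addr, err)
		default:
			disabled[e.proto] = err
		}
	}
	return active, disabled, nil
}

func main() {
	eps := []*endpoint{{proto: "tcp", addr: "127.0.0.1:0", critical: true}}
	active, disabled, err := bindAll(context.Background(), eps)
	fmt.Println(len(active), len(disabled), err)
}
```

Logging the `disabled` map at startup shows an operator which encrypted transports did not come up, rather than leaving the server answering on plain DNS only with no indication.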

func (*Server) ServeDNS

func (s *Server) ServeDNS(w dns.ResponseWriter, r *dns.Msg)

ServeDNS implements the Handle interface.

func (*Server) ServeHTTP

func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP implements http.Handler (DoH + DoH3).

func (*Server) Stop added in v1.6.0

func (s *Server) Stop()

Stop releases long-lived resources (currently just the cert manager).

func (*Server) Stopped added in v1.3.2

func (s *Server) Stopped() bool

Stopped reports whether every Serve goroutine has exited. Used by sdns.go for graceful-shutdown polling.
