yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-04-28 22:25:07 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove TLS root validation

Browse source 
This is just too complicated compared to the per-peer/per-listener/per-interface password
approach.
This commit is contained in:
Neil Alexander 2023-10-11 18:25:35 +01:00
parent 6dc847de31
commit 45b773eade
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
7 changed files with 29 additions and 196 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/core/link_tcp.go
View file

@ -69,9 +69,6 @@ func (l *linkTCP) dialersFor(url *url.URL, info linkInfo) ([]*tcpDialer, error)
}
func (l *linkTCP) dial(ctx context.Context, url *url.URL, info linkInfo, options linkOptions) (net.Conn, error) {
if l.core.isTLSOnly() {
return nil, fmt.Errorf("TCP peer prohibited in TLS-only mode")
}
dialers, err := l.dialersFor(url, info)
if err != nil {
return nil, err
@ -92,9 +89,6 @@ func (l *linkTCP) dial(ctx context.Context, url *url.URL, info linkInfo, options
}
func (l *linkTCP) listen(ctx context.Context, url *url.URL, sintf string) (net.Listener, error) {
if l.core.isTLSOnly() {
return nil, fmt.Errorf("TCP listener prohibited in TLS-only mode")
}
hostport := url.Host
if sintf != "" {
if host, port, err := net.SplitHostPort(hostport); err == nil {