hub / github.com/caddyserver/caddy / publishECHConfigs

Method publishECHConfigs

modules/caddytls/ech.go:314–519  ·  view source on GitHub ↗

publishECHConfigs publishes any ECH configs that are configured for publication and have not already been published.

(logger *zap.Logger)


312
313// publishECHConfigs publishes any configs that are configured for publication and which haven't been published already.
314func (t *TLS) publishECHConfigs(logger *zap.Logger) error {
315 // make publication exclusive, since we don't need to repeat this unnecessarily
316 storage := t.ctx.Storage()
317 const echLockName = "ech_publish"
318 if err := storage.Lock(t.ctx, echLockName); err != nil {
319 return err
320 }
321 defer func() {
322 if err := storage.Unlock(t.ctx, echLockName); err != nil {
323 logger.Error("unable to unlock ECH provisioning in storage", zap.Error(err))
324 }
325 }()
326
327 // get the publication config, or use a default if not specified
328 // (the default publication config should be to publish all ECH
329 // configs to the app-global DNS provider; if no DNS provider is
330 // configured, then this whole function is basically a no-op)
331 publicationList := t.EncryptedClientHello.Publication
332 if publicationList == nil {
333 if dnsProv, ok := t.dns.(ECHDNSProvider); ok {
334 publicationList = []*ECHPublication{
335 {
336 publishers: []ECHPublisher{
337 &ECHDNSPublisher{
338 provider: dnsProv,
339 logger: logger,
340 },
341 },
342 },
343 }
344 }
345 }
346
347 // for each publication config, build the list of ECH configs to
348 // publish with it, and figure out which inner names to publish
349 // to/for, then publish
350 for _, publication := range publicationList {
351 t.EncryptedClientHello.configsMu.RLock()
352 // this publication is either configured for specific ECH configs,
353 // or we just use an implied default of all ECH configs
354 var echCfgList echConfigList
355 var configIDs []uint8 // TODO: use IDs or the outer names?
356 if publication.Configs == nil {
357 // by default, publish all configs
358 for _, configs := range t.EncryptedClientHello.configs {
359 echCfgList = append(echCfgList, configs...)
360 for _, c := range configs {
361 configIDs = append(configIDs, c.ConfigID)
362 }
363 }
364 } else {
365 for _, cfgOuterName := range publication.Configs {
366 if cfgList, ok := t.EncryptedClientHello.configs[cfgOuterName]; ok {
367 echCfgList = append(echCfgList, cfgList...)
368 for _, c := range cfgList {
369 configIDs = append(configIDs, c.ConfigID)
370 }
371 }

Callers 1

StartMethod · 0.95

Calls 8

MarshalBinaryMethod · 0.95
echMetaKeyFunction · 0.85
StorageMethod · 0.80
PublisherKeyMethod · 0.65
PublishECHConfigListMethod · 0.65
ErrorMethod · 0.45
StringMethod · 0.45

Tested by

no test coverage detected