Mirrors/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2026-05-22 05:46:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

Remove TLS root validation

Browse Source 
This is just too complicated compared to the per-peer/per-listener/per-interface password
approach.
This commit is contained in:
Neil Alexander
2023-10-11 18:25:35 +01:00
parent 6dc847de31
commit 45b773eade
7 changed files with 29 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/core/link_tcp.go
View File

@@ -69,9 +69,6 @@ func (l *linkTCP) dialersFor(url *url.URL, info linkInfo) ([]*tcpDialer, error)
}
func (l *linkTCP) dial(ctx context.Context, url *url.URL, info linkInfo, options linkOptions) (net.Conn, error) {
if l.core.isTLSOnly() {
return nil, fmt.Errorf("TCP peer prohibited in TLS-only mode")
}
dialers, err := l.dialersFor(url, info)
if err != nil {
return nil, err
@@ -92,9 +89,6 @@ func (l *linkTCP) dial(ctx context.Context, url *url.URL, info linkInfo, options
}
func (l *linkTCP) listen(ctx context.Context, url *url.URL, sintf string) (net.Listener, error) {
if l.core.isTLSOnly() {
return nil, fmt.Errorf("TCP listener prohibited in TLS-only mode")
}
hostport := url.Host
if sintf != "" {
if host, port, err := net.SplitHostPort(hostport); err == nil {