Fix ssl configuration

2025-08-19 03:16:58 +02:00 · 2024-07-01 11:50:18 +02:00
parent ed82ef7fe4
commit d3785dc1fa
7 changed files with 164 additions and 89 deletions
--- a/relay/server/listener/ws/listener.go
+++ b/relay/server/listener/ws/listener.go
@@ -2,6 +2,7 @@ package ws

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net"
@@ -10,35 +11,37 @@ import (

 	log "github.com/sirupsen/logrus"
 	"nhooyr.io/websocket"
-
-	"github.com/netbirdio/netbird/relay/server/listener"
 )

 type Listener struct {
-	address string
+	// Address is the address to listen on.
+	Address string
+	// TLSConfig is the TLS configuration for the server.
+	TLSConfig *tls.Config

 	server   *http.Server
 	acceptFn func(conn net.Conn)
 }

-func NewListener(address string) listener.Listener {
-	return &Listener{
-		address: address,
-	}
-}
-
 func (l *Listener) Listen(acceptFn func(conn net.Conn)) error {
 	l.acceptFn = acceptFn
 	mux := http.NewServeMux()
 	mux.HandleFunc("/", l.onAccept)

 	l.server = &http.Server{
-		Addr:    l.address,
-		Handler: mux,
+		Addr:      l.Address,
+		Handler:   mux,
+		TLSConfig: l.TLSConfig,
 	}

-	log.Infof("WS server is listening on address: %s", l.address)
-	err := l.server.ListenAndServe()
+	log.Infof("WS server is listening on address: %s", l.Address)
+	var err error
+	if l.TLSConfig != nil {
+		err = l.server.ListenAndServeTLS("", "")
+
+	} else {
+		err = l.server.ListenAndServe()
+	}
 	if errors.Is(err, http.ErrServerClosed) {
 		return nil
 	}
--- a/relay/server/server.go
+++ b/relay/server/server.go
@@ -2,6 +2,7 @@ package server

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"sync"
 	"time"
@@ -13,6 +14,11 @@ import (
 	"github.com/netbirdio/netbird/relay/server/listener/ws"
 )

+type Config struct {
+	Address   string
+	TLSConfig *tls.Config
+}
+
 type Server struct {
 	relay       *Relay
 	uDPListener listener.Listener
@@ -25,11 +31,15 @@ func NewServer() *Server {
 	}
 }

-func (r *Server) Listen(address string) error {
+func (r *Server) Listen(cfg Config) error {
 	wg := sync.WaitGroup{}
 	wg.Add(2)

-	r.wSListener = ws.NewListener(address)
+	r.wSListener = &ws.Listener{
+		Address:   cfg.Address,
+		TLSConfig: cfg.TLSConfig,
+	}
+
 	var wslErr error
 	go func() {
 		defer wg.Done()
@@ -39,7 +49,7 @@ func (r *Server) Listen(address string) error {
 		}
 	}()

-	r.uDPListener = udp.NewListener(address)
+	r.uDPListener = udp.NewListener(cfg.Address)
 	var udpLErr error
 	go func() {
 		defer wg.Done()