cmd/stdiscosrv: Separate HTTPS and replication certificates
parent
480fa4b915
commit
a04cc95005
@ -74,6 +74,8 @@ func main() {
|
|||||||
var replicationPeers string
|
var replicationPeers string
|
||||||
var certFile string
|
var certFile string
|
||||||
var keyFile string
|
var keyFile string
|
||||||
|
var replCertFile string
|
||||||
|
var replKeyFile string
|
||||||
var useHTTP bool
|
var useHTTP bool
|
||||||
var largeDB bool
|
var largeDB bool
|
||||||
|
|
||||||
@ -81,14 +83,16 @@ func main() {
|
|||||||
log.SetFlags(0)
|
log.SetFlags(0)
|
||||||
|
|
||||||
flag.StringVar(&certFile, "cert", "./cert.pem", "Certificate file")
|
flag.StringVar(&certFile, "cert", "./cert.pem", "Certificate file")
|
||||||
|
flag.StringVar(&keyFile, "key", "./key.pem", "Key file")
|
||||||
flag.StringVar(&dir, "db-dir", "./discovery.db", "Database directory")
|
flag.StringVar(&dir, "db-dir", "./discovery.db", "Database directory")
|
||||||
flag.BoolVar(&debug, "debug", false, "Print debug output")
|
flag.BoolVar(&debug, "debug", false, "Print debug output")
|
||||||
flag.BoolVar(&useHTTP, "http", false, "Listen on HTTP (behind an HTTPS proxy)")
|
flag.BoolVar(&useHTTP, "http", false, "Listen on HTTP (behind an HTTPS proxy)")
|
||||||
flag.StringVar(&listen, "listen", ":8443", "Listen address")
|
flag.StringVar(&listen, "listen", ":8443", "Listen address")
|
||||||
flag.StringVar(&keyFile, "key", "./key.pem", "Key file")
|
|
||||||
flag.StringVar(&metricsListen, "metrics-listen", "", "Metrics listen address")
|
flag.StringVar(&metricsListen, "metrics-listen", "", "Metrics listen address")
|
||||||
flag.StringVar(&replicationPeers, "replicate", "", "Replication peers, id@address, comma separated")
|
flag.StringVar(&replicationPeers, "replicate", "", "Replication peers, id@address, comma separated")
|
||||||
flag.StringVar(&replicationListen, "replication-listen", ":19200", "Replication listen address")
|
flag.StringVar(&replicationListen, "replication-listen", ":19200", "Replication listen address")
|
||||||
|
flag.StringVar(&replCertFile, "replication-cert", "", "Certificate file for replication")
|
||||||
|
flag.StringVar(&replKeyFile, "replication-key", "", "Key file for replication")
|
||||||
flag.BoolVar(&largeDB, "large-db", false, "Use larger database settings")
|
flag.BoolVar(&largeDB, "large-db", false, "Use larger database settings")
|
||||||
showVersion := flag.Bool("version", false, "Show version")
|
showVersion := flag.Bool("version", false, "Show version")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
@ -120,6 +124,16 @@ func main() {
|
|||||||
devID := protocol.NewDeviceID(cert.Certificate[0])
|
devID := protocol.NewDeviceID(cert.Certificate[0])
|
||||||
log.Println("Server device ID is", devID)
|
log.Println("Server device ID is", devID)
|
||||||
|
|
||||||
|
replCert := cert
|
||||||
|
if replCertFile != "" && replKeyFile != "" {
|
||||||
|
replCert, err = tls.LoadX509KeyPair(replCertFile, replKeyFile)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatalln("Failed to load replication keypair:", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
replDevID := protocol.NewDeviceID(replCert.Certificate[0])
|
||||||
|
log.Println("Replication device ID is", replDevID)
|
||||||
|
|
||||||
// Parse the replication specs, if any.
|
// Parse the replication specs, if any.
|
||||||
var allowedReplicationPeers []protocol.DeviceID
|
var allowedReplicationPeers []protocol.DeviceID
|
||||||
var replicationDestinations []string
|
var replicationDestinations []string
|
||||||
@ -174,14 +188,14 @@ func main() {
|
|||||||
// Start any replication senders.
|
// Start any replication senders.
|
||||||
var repl replicationMultiplexer
|
var repl replicationMultiplexer
|
||||||
for _, dst := range replicationDestinations {
|
for _, dst := range replicationDestinations {
|
||||||
rs := newReplicationSender(dst, cert, allowedReplicationPeers)
|
rs := newReplicationSender(dst, replCert, allowedReplicationPeers)
|
||||||
main.Add(rs)
|
main.Add(rs)
|
||||||
repl = append(repl, rs)
|
repl = append(repl, rs)
|
||||||
}
|
}
|
||||||
|
|
||||||
// If we have replication configured, start the replication listener.
|
// If we have replication configured, start the replication listener.
|
||||||
if len(allowedReplicationPeers) > 0 {
|
if len(allowedReplicationPeers) > 0 {
|
||||||
rl := newReplicationListener(replicationListen, cert, allowedReplicationPeers, db)
|
rl := newReplicationListener(replicationListen, replCert, allowedReplicationPeers, db)
|
||||||
main.Add(rl)
|
main.Add(rl)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
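Review bot: The guard `if replCertFile != "" && replKeyFile != ""` in the `-120,6 +124,16` hunk silently falls back to the HTTPS certificate when only one of `-replication-cert` / `-replication-key` is supplied, so an operator who omits or mistypes one flag keeps using the HTTPS keypair for replication with no error. The only hint is that the logged "Replication device ID" then equals the server device ID. I would reject the half-configured case before the load, e.g. `if (replCertFile == "") != (replKeyFile == "") { log.Fatalln("Both -replication-cert and -replication-key must be given") }`. It would also help if the two flag descriptions stated that leaving them empty reuses `-cert`/`-key`. `main` begins and continues outside the visible hunks.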