From 9e73c1db761f8220a4b0ddbccac942710533687e Mon Sep 17 00:00:00 2001 From: Derek Collison Date: Thu, 12 May 2016 16:47:01 -0700 Subject: [PATCH 1/4] Enable listen address parsing for client, cluster and http, enforce http hosts as separate --- server/monitor_test.go | 1 + server/opts.go | 56 +++++++++++++++++++++++++ server/opts_test.go | 83 ++++++++++++++++++++++++++++++++++++- server/server.go | 4 +- test/configs/auth_seed.conf | 6 +-- test/configs/cluster.conf | 6 +-- test/configs/override.conf | 3 +- test/configs/seed.conf | 6 +-- test/configs/srv_a.conf | 6 +-- test/configs/srv_a_tls.conf | 6 +-- test/configs/srv_b.conf | 6 +-- test/configs/srv_b_tls.conf | 6 +-- test/configs/tls.conf | 3 +- test/monitor_test.go | 35 ++++++++++++++++ test/opts_test.go | 6 +-- 15 files changed, 194 insertions(+), 39 deletions(-) diff --git a/server/monitor_test.go b/server/monitor_test.go index e948007a..93d6c9d2 100644 --- a/server/monitor_test.go +++ b/server/monitor_test.go @@ -23,6 +23,7 @@ const CLUSTER_PORT = 12444 var DefaultMonitorOptions = Options{ Host: "localhost", Port: CLIENT_PORT, + HTTPHost: "127.0.0.1", HTTPPort: MONITOR_PORT, ClusterHost: "localhost", ClusterPort: CLUSTER_PORT, diff --git a/server/opts.go b/server/opts.go index 123ea854..44f92337 100644 --- a/server/opts.go +++ b/server/opts.go @@ -32,6 +32,7 @@ type Options struct { Authorization string `json:"-"` PingInterval time.Duration `json:"ping_interval"` MaxPingsOut int `json:"ping_max"` + HTTPHost string `json:"http_host"` HTTPPort int `json:"http_port"` HTTPSPort int `json:"https_port"` AuthTimeout float64 `json:"auth_timeout"` @@ -120,6 +121,13 @@ func ProcessConfigFile(configFile string) (*Options, error) { for k, v := range m { switch strings.ToLower(k) { + case "listen": + hp, err := parseListen(v) + if err != nil { + return nil, err + } + opts.Host = hp.host + opts.Port = hp.port case "port": opts.Port = int(v.(int64)) case "host", "net": @@ -136,6 +144,20 @@ func ProcessConfigFile(configFile string) (*Options, error) { opts.Username = auth.user opts.Password = auth.pass opts.AuthTimeout = auth.timeout + case "http": + hp, err := parseListen(v) + if err != nil { + return nil, err + } + opts.HTTPHost = hp.host + opts.HTTPPort = hp.port + case "https": + hp, err := parseListen(v) + if err != nil { + return nil, err + } + opts.HTTPHost = hp.host + opts.HTTPSPort = hp.port case "http_port", "monitor_port": opts.HTTPPort = int(v.(int64)) case "https_port": @@ -178,10 +200,44 @@ func ProcessConfigFile(configFile string) (*Options, error) { return opts, nil } +// hostPort is simple struct to hold parsed listen/addr strings. +type hostPort struct { + host string + port int +} + +// parseListen will parse listen option which is replacing host/net and port +func parseListen(v interface{}) (*hostPort, error) { + hp := &hostPort{} + switch v.(type) { + // Only a port + case int64: + hp.port = int(v.(int64)) + case string: + host, port, err := net.SplitHostPort(v.(string)) + if err != nil { + return nil, fmt.Errorf("Could not parse address string %q", v) + } + hp.port, err = strconv.Atoi(port) + if err != nil { + return nil, fmt.Errorf("Could not parse port %q", port) + } + hp.host = host + } + return hp, nil +} + // parseCluster will parse the cluster config. func parseCluster(cm map[string]interface{}, opts *Options) error { for mk, mv := range cm { switch strings.ToLower(mk) { + case "listen": + hp, err := parseListen(mv) + if err != nil { + return err + } + opts.ClusterHost = hp.host + opts.ClusterPort = hp.port case "port": opts.ClusterPort = int(mv.(int64)) case "host", "net": diff --git a/server/opts_test.go b/server/opts_test.go index 5c2c3765..e410a15a 100644 --- a/server/opts_test.go +++ b/server/opts_test.go @@ -1,4 +1,4 @@ -// Copyright 2013-2015 Apcera Inc. All rights reserved. +// Copyright 2013-2016 Apcera Inc. All rights reserved. package server @@ -308,3 +308,84 @@ func TestRouteFlagOverrideWithMultiple(t *testing.T) { golden, merged) } } + +func TestListenConfig(t *testing.T) { + opts, err := ProcessConfigFile("./configs/listen.conf") + if err != nil { + t.Fatalf("Received an error reading config file: %v\n", err) + } + processOptions(opts) + + // Normal clients + host := "10.0.1.22" + port := 4422 + + if opts.Host != host { + t.Fatalf("Received incorrect host %q, expected %q\n", opts.Host, host) + } + if opts.Port != port { + t.Fatalf("Received incorrect port %v, expected %v\n", opts.Port, port) + } + + // Clustering + clusterHost := "127.0.0.1" + clusterPort := 4244 + + if opts.ClusterHost != clusterHost { + t.Fatalf("Received incorrect cluster host %q, expected %q\n", opts.ClusterHost, clusterHost) + } + if opts.ClusterPort != clusterPort { + t.Fatalf("Received incorrect cluster port %v, expected %v\n", opts.ClusterPort, clusterPort) + } + + // HTTP + httpHost := "127.0.0.1" + httpPort := 8422 + + if opts.HTTPHost != httpHost { + t.Fatalf("Received incorrect http host %q, expected %q\n", opts.HTTPHost, httpHost) + } + if opts.HTTPPort != httpPort { + t.Fatalf("Received incorrect http port %v, expected %v\n", opts.HTTPPort, httpPort) + } + + // HTTPS + httpsPort := 9443 + if opts.HTTPSPort != httpsPort { + t.Fatalf("Received incorrect https port %v, expected %v\n", opts.HTTPSPort, httpsPort) + } +} + +func TestListenPortOnlyConfig(t *testing.T) { + opts, err := ProcessConfigFile("./configs/listen_port.conf") + if err != nil { + t.Fatalf("Received an error reading config file: %v\n", err) + } + processOptions(opts) + + port := 8922 + + if opts.Host != DEFAULT_HOST { + t.Fatalf("Received incorrect host %q, expected %q\n", opts.Host, DEFAULT_HOST) + } + if opts.Port != port { + t.Fatalf("Received incorrect port %v, expected %v\n", opts.Port, port) + } +} + +func TestListenPortWithColonConfig(t *testing.T) { + opts, err := ProcessConfigFile("./configs/listen_port_with_colon.conf") + if err != nil { + t.Fatalf("Received an error reading config file: %v\n", err) + } + processOptions(opts) + + port := 8922 + + if opts.Host != DEFAULT_HOST { + t.Fatalf("Received incorrect host %q, expected %q\n", opts.Host, DEFAULT_HOST) + } + if opts.Port != port { + t.Fatalf("Received incorrect port %v, expected %v\n", opts.Port, port) + } +} diff --git a/server/server.go b/server/server.go index 1cde2790..96c0b254 100644 --- a/server/server.go +++ b/server/server.go @@ -445,14 +445,14 @@ func (s *Server) startMonitoring(secure bool) { var err error if secure { - hp = net.JoinHostPort(s.opts.Host, strconv.Itoa(s.opts.HTTPSPort)) + hp = net.JoinHostPort(s.opts.HTTPHost, strconv.Itoa(s.opts.HTTPSPort)) Noticef("Starting https monitor on %s", hp) config := *s.opts.TLSConfig config.ClientAuth = tls.NoClientCert s.http, err = tls.Listen("tcp", hp, &config) } else { - hp = net.JoinHostPort(s.opts.Host, strconv.Itoa(s.opts.HTTPPort)) + hp = net.JoinHostPort(s.opts.HTTPHost, strconv.Itoa(s.opts.HTTPPort)) Noticef("Starting http monitor on %s", hp) s.http, err = net.Listen("tcp", hp) } diff --git a/test/configs/auth_seed.conf b/test/configs/auth_seed.conf index 23882704..054471d3 100644 --- a/test/configs/auth_seed.conf +++ b/test/configs/auth_seed.conf @@ -2,14 +2,12 @@ # Cluster Seed Node -port: 4222 -net: 127.0.0.1 +listen: 127.0.0.1:4222 http_port: 8222 cluster { - host: '127.0.0.1' - port: 4248 + listen: 127.0.0.1:4248 authorization { user: ruser diff --git a/test/configs/cluster.conf b/test/configs/cluster.conf index bdb3abd2..9c5b7ecc 100644 --- a/test/configs/cluster.conf +++ b/test/configs/cluster.conf @@ -2,12 +2,10 @@ # Cluster config file -host: 127.0.0.1 -port: 4242 +listen: 127.0.0.1:4242 cluster { - host: '127.0.0.1' - port: 4244 + listen: 127.0.0.1:4244 authorization { user: route_user diff --git a/test/configs/override.conf b/test/configs/override.conf index a8917d7d..ec3e4eab 100644 --- a/test/configs/override.conf +++ b/test/configs/override.conf @@ -2,8 +2,7 @@ # Config file to test overrides to client -host: 127.0.0.1 -port: 4224 +listen: 127.0.0.1:4224 # maximum payload max_payload: 2222 diff --git a/test/configs/seed.conf b/test/configs/seed.conf index dae7cea1..2cb9da73 100644 --- a/test/configs/seed.conf +++ b/test/configs/seed.conf @@ -2,12 +2,10 @@ # Cluster Seed Node -port: 4222 -net: 127.0.0.1 +listen: 127.0.0.1:4222 http_port: 8222 cluster { - host: 127.0.0.1 - port: 4248 + listen: 127.0.0.1:4248 } diff --git a/test/configs/srv_a.conf b/test/configs/srv_a.conf index 917925b9..2e66868d 100644 --- a/test/configs/srv_a.conf +++ b/test/configs/srv_a.conf @@ -2,12 +2,10 @@ # Cluster Server A -port: 4222 -net: 127.0.0.1 +listen: 127.0.0.1:4222 cluster { - host: '127.0.0.1' - port: 4244 + listen: 127.0.0.1:4244 authorization { user: ruser diff --git a/test/configs/srv_a_tls.conf b/test/configs/srv_a_tls.conf index d6de3087..614f28a1 100644 --- a/test/configs/srv_a_tls.conf +++ b/test/configs/srv_a_tls.conf @@ -2,12 +2,10 @@ # Cluster Server A -host: 127.0.0.1 -port: 4222 +listen: 127.0.0.1:4222 cluster { - host: 127.0.0.1 - port: 4244 + listen: 127.0.0.1:4244 tls { # Route cert diff --git a/test/configs/srv_b.conf b/test/configs/srv_b.conf index 3d8f30d4..a38a55f1 100644 --- a/test/configs/srv_b.conf +++ b/test/configs/srv_b.conf @@ -2,12 +2,10 @@ # Cluster Server B -port: 4224 -net: 127.0.0.1 +listen: 127.0.0.1:4224 cluster { - host: 127.0.0.1 - port: 4246 + listen: 127.0.0.1:4246 authorization { user: ruser diff --git a/test/configs/srv_b_tls.conf b/test/configs/srv_b_tls.conf index 571a5852..e9f130ec 100644 --- a/test/configs/srv_b_tls.conf +++ b/test/configs/srv_b_tls.conf @@ -2,12 +2,10 @@ # Cluster Server B -host: 127.0.0.1 -port: 4224 +listen: 127.0.0.1:4224 cluster { - host: 127.0.0.1 - port: 4246 + listen: 127.0.0.1:4246 tls { # Route cert diff --git a/test/configs/tls.conf b/test/configs/tls.conf index 2502c74e..7380cafe 100644 --- a/test/configs/tls.conf +++ b/test/configs/tls.conf @@ -1,8 +1,7 @@ # Simple TLS config file -port: 4443 -net: localhost +listen: localhost:4443 https_port: 11522 diff --git a/test/monitor_test.go b/test/monitor_test.go index 18de67d8..0d3c4b12 100644 --- a/test/monitor_test.go +++ b/test/monitor_test.go @@ -25,6 +25,7 @@ func runMonitorServer() *server.Server { opts := DefaultTestOptions opts.Port = CLIENT_PORT opts.HTTPPort = MONITOR_PORT + opts.HTTPHost = "localhost" return RunServer(&opts) } @@ -450,6 +451,40 @@ func TestSubsz(t *testing.T) { } } +func TestHTTPHost(t *testing.T) { + s := runMonitorServer() + defer s.Shutdown() + + // Grab non-localhost address and try to use that to connect. + // Should fail. + var ip net.IP + ifaces, _ := net.Interfaces() + for _, i := range ifaces { + addrs, _ := i.Addrs() + for _, addr := range addrs { + switch v := addr.(type) { + case *net.IPNet: + ip = v.IP + case *net.IPAddr: + ip = v.IP + } + // Skip loopback/localhost or any ipv6 for now. + if ip.IsLoopback() || ip.To4() == nil { + ip = nil + continue + } + break + } + } + if ip == nil { + t.Fatalf("Could not find non-loopback IPV4 address") + } + url := fmt.Sprintf("http://%v:%d/", ip, MONITOR_PORT) + if resp, err := http.Get(url + "varz"); err == nil { + t.Fatalf("Expected error: Got %+v\n", resp) + } +} + // Create a connection to test ConnInfo func createClientConnSubscribeAndPublish(t *testing.T) net.Conn { cl := createClientConn(t, "localhost", CLIENT_PORT) diff --git a/test/opts_test.go b/test/opts_test.go index 5ff46a33..c42c7986 100644 --- a/test/opts_test.go +++ b/test/opts_test.go @@ -1,10 +1,8 @@ -// Copyright 2015 Apcera Inc. All rights reserved. +// Copyright 2015-2016 Apcera Inc. All rights reserved. package test -import ( - "testing" -) +import "testing" func TestServerConfig(t *testing.T) { srv, opts := RunServerWithConfig("./configs/override.conf") From 2aba0595235040bdd98e6836811e94852858fd76 Mon Sep 17 00:00:00 2001 From: Derek Collison Date: Thu, 12 May 2016 16:58:43 -0700 Subject: [PATCH 2/4] Supporting test configs --- server/configs/listen.conf | 12 ++++++++++++ server/configs/listen_port.conf | 3 +++ server/configs/listen_port_with_colon.conf | 3 +++ server/configs/tls_test.conf | 10 ++++++++++ 4 files changed, 28 insertions(+) create mode 100644 server/configs/listen.conf create mode 100644 server/configs/listen_port.conf create mode 100644 server/configs/listen_port_with_colon.conf create mode 100644 server/configs/tls_test.conf diff --git a/server/configs/listen.conf b/server/configs/listen.conf new file mode 100644 index 00000000..9b1e76ea --- /dev/null +++ b/server/configs/listen.conf @@ -0,0 +1,12 @@ +# Copyright 2016 Apcera Inc. All rights reserved. + +# Test all permutations of listen address parsing, client, cluster and http. + +listen: 10.0.1.22:4422 + +http: 127.0.0.1:8422 +https: 127.0.0.1:9443 + +cluster { + listen: 127.0.0.1:4244 +} diff --git a/server/configs/listen_port.conf b/server/configs/listen_port.conf new file mode 100644 index 00000000..246f2eb9 --- /dev/null +++ b/server/configs/listen_port.conf @@ -0,0 +1,3 @@ +# Copyright 2016 Apcera Inc. All rights reserved. + +listen: 8922 diff --git a/server/configs/listen_port_with_colon.conf b/server/configs/listen_port_with_colon.conf new file mode 100644 index 00000000..3f929f6d --- /dev/null +++ b/server/configs/listen_port_with_colon.conf @@ -0,0 +1,3 @@ +# Copyright 2016 Apcera Inc. All rights reserved. + +listen: :8922 diff --git a/server/configs/tls_test.conf b/server/configs/tls_test.conf new file mode 100644 index 00000000..79227659 --- /dev/null +++ b/server/configs/tls_test.conf @@ -0,0 +1,10 @@ + +# Simple TLS config file + +port: 4443 +net: localhost # net interface + +tls { + cert_file: "./configs/certs/server.pem" + key_file: "./configs/certs/key.pem" +} From 4c36522f55c638d06d9aed028f9996bb40538f15 Mon Sep 17 00:00:00 2001 From: Derek Collison Date: Thu, 12 May 2016 17:22:09 -0700 Subject: [PATCH 3/4] new listen style --- test/configs/auth_seed.conf | 2 +- test/configs/seed.conf | 2 +- test/configs/tls.conf | 2 +- test/configs/tlsverify.conf | 3 +-- 4 files changed, 4 insertions(+), 5 deletions(-) diff --git a/test/configs/auth_seed.conf b/test/configs/auth_seed.conf index 054471d3..ec1df446 100644 --- a/test/configs/auth_seed.conf +++ b/test/configs/auth_seed.conf @@ -4,7 +4,7 @@ listen: 127.0.0.1:4222 -http_port: 8222 +http: 8222 cluster { listen: 127.0.0.1:4248 diff --git a/test/configs/seed.conf b/test/configs/seed.conf index 2cb9da73..7140c576 100644 --- a/test/configs/seed.conf +++ b/test/configs/seed.conf @@ -4,7 +4,7 @@ listen: 127.0.0.1:4222 -http_port: 8222 +http: 8222 cluster { listen: 127.0.0.1:4248 diff --git a/test/configs/tls.conf b/test/configs/tls.conf index 7380cafe..35851406 100644 --- a/test/configs/tls.conf +++ b/test/configs/tls.conf @@ -3,7 +3,7 @@ listen: localhost:4443 -https_port: 11522 +https: 11522 tls { # Server cert diff --git a/test/configs/tlsverify.conf b/test/configs/tlsverify.conf index 9fc03ae9..9fb79d43 100644 --- a/test/configs/tlsverify.conf +++ b/test/configs/tlsverify.conf @@ -1,8 +1,7 @@ # Simple TLS config file -port: 4443 -net: localhost +listen: localhost:4443 tls { # Server cert From 4bbd2231a635c7677a56a812893dac31b5b0824f Mon Sep 17 00:00:00 2001 From: Derek Collison Date: Thu, 12 May 2016 17:34:14 -0700 Subject: [PATCH 4/4] update server configs and README to new listen style --- README.md | 27 ++++++++++----------------- server/configs/seed.conf | 8 +++----- server/configs/seed_tls.conf | 8 +++----- server/configs/srv_a.conf | 6 ++---- server/configs/srv_a_bcrypt.conf | 6 ++---- server/configs/srv_b.conf | 6 ++---- server/configs/srv_b_bcrypt.conf | 6 ++---- server/configs/test.conf | 5 ++--- server/configs/tls.conf | 3 +-- server/configs/tls_bad_cipher.conf | 3 +-- server/configs/tls_ciphers.conf | 3 +-- server/configs/tls_empty_cipher.conf | 3 +-- server/configs/tls_test.conf | 3 +-- 13 files changed, 31 insertions(+), 56 deletions(-) diff --git a/README.md b/README.md index e06af328..c8c74fd7 100644 --- a/README.md +++ b/README.md @@ -94,10 +94,9 @@ Common Options: ``` -port: 4242 # port to listen for client connections -net: apcera.me # net interface to listen +listen: localhost:4242 # host/port to listen for client connections -http_port: 8222 # HTTP monitoring port +http: localhost:8222 # HTTP monitoring port # Authorization for client connections authorization { @@ -111,8 +110,7 @@ authorization { cluster { - host: '127.0.0.1' # host/net interface - port: 4244 # port for inbound route connections + listen: localhost:4244 # host/port for inbound route connections # Authorization for route connections authorization { @@ -179,14 +177,11 @@ Alternatively, you could use a configuration file, let's call it `seed.conf`, wi ``` # Cluster Seed Node -port: 4222 -net: 127.0.0.1 - -http_port: 8222 +listen: 127.0.0.1:4222 +http: 8222 cluster { - host: 127.0.0.1 - port: 4248 + listen: 127.0.0.1:4248 } ``` and start the server like this: @@ -196,8 +191,8 @@ gnatsd -config ./seed.conf -D This will produce an output similar to: ``` -[75653] 2016/04/26 15:14:47.339321 [INF] Listening for route connections on localhost:4248 -[75653] 2016/04/26 15:14:47.340787 [INF] Listening for client connections on 0.0.0.0:4222 +[75653] 2016/04/26 15:14:47.339321 [INF] Listening for route connections on 127.0.0.1:4248 +[75653] 2016/04/26 15:14:47.340787 [INF] Listening for client connections on 127.0.0.1:4222 [75653] 2016/04/26 15:14:47.340822 [DBG] server id is xZfu3u7usAPWkuThomoGzM [75653] 2016/04/26 15:14:47.340825 [INF] server is ready ``` @@ -307,8 +302,7 @@ with a CA authority to verify the client certificates. ``` # Simple TLS config file -net: 127.0.0.1 -port: 4443 +listen: 127.0.0.1:4443 tls { cert_file: "./configs/certs/server-cert.pem" @@ -339,8 +333,7 @@ both directions. Certificates can be configured only for the server's cluster id ``` cluster { - host: '127.0.0.1' - port: 4244 + listen: 127.0.0.1:4244 tls { # Route cert diff --git a/server/configs/seed.conf b/server/configs/seed.conf index 3813237b..cb43d2d8 100644 --- a/server/configs/seed.conf +++ b/server/configs/seed.conf @@ -2,12 +2,10 @@ # Cluster Seed Node -port: 7222 -net: 127.0.0.1 +listen: 127.0.0.1:7222 -http_port: 9222 +http: 127.0.0.1:9222 cluster { - host: 127.0.0.1 - port: 7248 + listen: 127.0.0.1:7248 } diff --git a/server/configs/seed_tls.conf b/server/configs/seed_tls.conf index 5ba3c26b..893f9ecb 100644 --- a/server/configs/seed_tls.conf +++ b/server/configs/seed_tls.conf @@ -2,14 +2,12 @@ # Cluster Seed Node -port: 7222 -net: 127.0.0.1 +listen: 127.0.0.1:7222 -http_port: 9222 +http: 127.0.0.1:9222 cluster { - host: 127.0.0.1 - port: 7248 + listen: 127.0.0.1:7248 tls { # Route cert diff --git a/server/configs/srv_a.conf b/server/configs/srv_a.conf index 8ff19e6e..30cad460 100644 --- a/server/configs/srv_a.conf +++ b/server/configs/srv_a.conf @@ -2,12 +2,10 @@ # Cluster Server A -port: 7222 -net: 127.0.0.1 +listen: 127.0.0.1:7222 cluster { - host: 127.0.0.1 - port: 7244 + listen: 127.0.0.1:7244 authorization { user: ruser diff --git a/server/configs/srv_a_bcrypt.conf b/server/configs/srv_a_bcrypt.conf index 04927339..2de4622c 100644 --- a/server/configs/srv_a_bcrypt.conf +++ b/server/configs/srv_a_bcrypt.conf @@ -2,8 +2,7 @@ # Cluster Server A -host: 127.0.0.1 -port: 7222 +listen: 127.0.0.1:7222 authorization { user: user @@ -12,8 +11,7 @@ authorization { } cluster { - host: 127.0.0.1 - port: 7244 + listen: 127.0.0.1:7244 authorization { user: ruser diff --git a/server/configs/srv_b.conf b/server/configs/srv_b.conf index 1b1b00bd..17aefb9c 100644 --- a/server/configs/srv_b.conf +++ b/server/configs/srv_b.conf @@ -2,12 +2,10 @@ # Cluster Server B -port: 7224 -net: 127.0.0.1 +listen: 127.0.0.1:7224 cluster { - host: 127.0.0.1 - port: 7246 + listen: 127.0.0.1:7246 authorization { user: ruser diff --git a/server/configs/srv_b_bcrypt.conf b/server/configs/srv_b_bcrypt.conf index 9b21dc75..c1bbd947 100644 --- a/server/configs/srv_b_bcrypt.conf +++ b/server/configs/srv_b_bcrypt.conf @@ -2,8 +2,7 @@ # Cluster Server B -host: 127.0.0.1 -port: 7224 +listen: 127.0.0.1:7224 authorization { user: user @@ -12,8 +11,7 @@ authorization { } cluster { - host: 127.0.0.1 - port: 7246 + listen: 127.0.0.1:7246 authorization { user: ruser diff --git a/server/configs/test.conf b/server/configs/test.conf index 65f6f7f4..74e0c537 100644 --- a/server/configs/test.conf +++ b/server/configs/test.conf @@ -1,10 +1,9 @@ # Simple config file -port: 4242 -net: localhost +listen: localhost:4242 -http_port: 8222 +http: 8222 authorization { user: derek diff --git a/server/configs/tls.conf b/server/configs/tls.conf index 617d65e7..924dac2b 100644 --- a/server/configs/tls.conf +++ b/server/configs/tls.conf @@ -1,8 +1,7 @@ # Simple TLS config file -port: 4443 -net: localhost +listen: localhost:4443 tls { cert_file: "./configs/certs/server.pem" diff --git a/server/configs/tls_bad_cipher.conf b/server/configs/tls_bad_cipher.conf index 945aaea4..667d286f 100644 --- a/server/configs/tls_bad_cipher.conf +++ b/server/configs/tls_bad_cipher.conf @@ -1,8 +1,7 @@ # Simple TLS config file -port: 4443 -net: localhost +listen: localhost:4443 tls { cert_file: "./configs/certs/server.pem" diff --git a/server/configs/tls_ciphers.conf b/server/configs/tls_ciphers.conf index 4611bcd9..32e6b1fd 100644 --- a/server/configs/tls_ciphers.conf +++ b/server/configs/tls_ciphers.conf @@ -1,8 +1,7 @@ # Simple TLS config file -port: 4443 -net: localhost +listen: localhost:4443 tls { cert_file: "./configs/certs/server.pem" diff --git a/server/configs/tls_empty_cipher.conf b/server/configs/tls_empty_cipher.conf index ade32d95..094dfd19 100644 --- a/server/configs/tls_empty_cipher.conf +++ b/server/configs/tls_empty_cipher.conf @@ -1,8 +1,7 @@ # Simple TLS config file -port: 4443 -net: localhost +listen: localhost:4443 tls { cert_file: "./configs/certs/server.pem" diff --git a/server/configs/tls_test.conf b/server/configs/tls_test.conf index 79227659..c944f74e 100644 --- a/server/configs/tls_test.conf +++ b/server/configs/tls_test.conf @@ -1,8 +1,7 @@ # Simple TLS config file -port: 4443 -net: localhost # net interface +listen: localhost:4443 tls { cert_file: "./configs/certs/server.pem"