home: imp code

AdguardTeam · Dec 7, 2023 · 2f32c59 · 2f32c59
1 parent 01e21a2
commit 2f32c59
Showing 1 changed file with 15 additions and 10 deletions.
diff --git a/internal/home/tls.go b/internal/home/tls.go
@@ -298,7 +298,7 @@ type tlsConfigSettingsExt struct {
 	PrivateKeySaved bool `yaml:"-" json:"private_key_saved"`
 
 	// ServePlainDNS defines if plain DNS is allowed for incoming requests.
-	ServePlainDNS bool `yaml:"-" json:"serve_plain_dns"`
+	ServePlainDNS aghalg.NullBool `yaml:"-" json:"serve_plain_dns"`
 }
 
 // handleTLSStatus is the handler for the GET /control/tls/status HTTP API.
@@ -307,7 +307,7 @@ func (m *tlsManager) handleTLSStatus(w http.ResponseWriter, r *http.Request) {
 	data := tlsConfig{
 		tlsConfigSettingsExt: tlsConfigSettingsExt{
 			tlsConfigSettings: m.conf,
-			ServePlainDNS:     m.servePlainDNS,
+			ServePlainDNS:     aghalg.BoolToNullBool(m.servePlainDNS),
 		},
 		tlsConfigStatus: m.status,
 	}
@@ -351,7 +351,7 @@ func (m *tlsManager) handleTLSValidate(w http.ResponseWriter, r *http.Request) {
 func (m *tlsManager) setConfig(
 	newConf tlsConfigSettings,
 	status *tlsConfigStatus,
-	servePlain bool,
+	servePlain aghalg.NullBool,
 ) (restartHTTPS bool) {
 	m.confLock.Lock()
 	defer m.confLock.Unlock()
@@ -383,7 +383,10 @@ func (m *tlsManager) setConfig(
 	m.conf.PrivateKeyPath = newConf.PrivateKeyPath
 	m.conf.PrivateKeyData = newConf.PrivateKeyData
 	m.status = status
-	m.servePlainDNS = servePlain
+
+	if servePlain != aghalg.NBNull {
+		m.servePlainDNS = servePlain == aghalg.NBTrue
+	}
 
 	return restartHTTPS
 }
@@ -424,12 +427,14 @@ func (m *tlsManager) handleTLSConfigure(w http.ResponseWriter, r *http.Request)
 	restartHTTPS := m.setConfig(req.tlsConfigSettings, status, req.ServePlainDNS)
 	m.setCertFileTime()
 
-	func() {
-		m.confLock.Lock()
-		defer m.confLock.Unlock()
+	if req.ServePlainDNS != aghalg.NBNull {
+		func() {
+			m.confLock.Lock()
+			defer m.confLock.Unlock()
 
-		config.DNS.ServePlainDNS = req.ServePlainDNS
-	}()
+			config.DNS.ServePlainDNS = req.ServePlainDNS == aghalg.NBTrue
+		}()
+	}
 
 	onConfigModified()
 
@@ -476,7 +481,7 @@ func validateTLSSettings(setts tlsConfigSettingsExt) (err error) {
 			// Don't wrap the error since it's informative enough as is.
 			return err
 		}
-	} else if !setts.ServePlainDNS {
+	} else if setts.ServePlainDNS == aghalg.NBFalse {
 		// TODO(a.garipov): Support full disabling of all DNS.
 		return errors.Error("plain DNS is required in case encryption protocols are disabled")
 	}