afa31ead125db05f5cccdb8b7d66c03aae010b58 — Chris Waldon 7 months ago 3e9e4f5
relay: add flag for listen IP address

Currently the relay binds to all local addresses by default.
This isn't especially secure for laptops on random local wifi
networks and the like, so this is incremental progress towards
defaulting to only listening on localhost.
1 files changed, 2 insertions(+), 1 deletions(-)

M cmd/relay/main.go
M cmd/relay/main.go => cmd/relay/main.go +2 -1
@@ 28,6 28,7 @@ func main() {
	keypath := flag.String("keypath", "", "Location of the TLS private key (key file)")
	insecure := flag.Bool("insecure", false, "Don't verify the TLS certificates of addresses provided as arguments")
	tlsPort := flag.Int("tls-port", 7777, "TLS listen port")
	tlsIP := flag.String("tls-ip", "", "TLS listen IP address")
	flag.Usage = func() {

@@ 52,7 53,7 @@ and will establish Sprout connections to all addresses provided as arguments.

	address := fmt.Sprintf(":%d", *tlsPort)
	address := fmt.Sprintf("%s:%d", *tlsIP, *tlsPort)
	listener, err := tls.Listen("tcp", address, tlsConfig)
	if err != nil {
		log.Fatalf("Failed to start TLS listener on address %s: %v", address, err)