From e2256dd1b2bfe8c042f03470dc5b7fb41ffb926b Mon Sep 17 00:00:00 2001 From: Quentin McGaw Date: Fri, 5 Jun 2026 15:52:51 +0000 Subject: [PATCH] moare fixes --- internal/restrictednet/client.go | 7 +++++-- internal/restrictednet/https.go | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/internal/restrictednet/client.go b/internal/restrictednet/client.go index cdcd9472..9225a96c 100644 --- a/internal/restrictednet/client.go +++ b/internal/restrictednet/client.go @@ -23,7 +23,10 @@ type Client struct { func New(firewall Firewall, defaultInterface string, ipv6Supported bool, upstreamResolvers []provider.Provider, -) (*Client, error) { +) *Client { + if len(upstreamResolvers) == 0 { + panic("no upstream resolvers provided") // programming error + } dohServers := make([]provider.DoHServer, len(upstreamResolvers)) for i, upstreamResolver := range upstreamResolvers { dohServers[i] = upstreamResolver.DoH @@ -36,7 +39,7 @@ func New(firewall Firewall, defaultInterface string, ipv6Supported bool, ipv6Supported: ipv6Supported, dohServers: dohServers, httpsPort: defaultHTTPSPort, - }, nil + } } func (c *Client) OpenHTTPSByDomain(ctx context.Context, domain string) ( diff --git a/internal/restrictednet/https.go b/internal/restrictednet/https.go index 209e68f0..06c378ce 100644 --- a/internal/restrictednet/https.go +++ b/internal/restrictednet/https.go @@ -37,7 +37,7 @@ func (c *Client) OpenHTTPS(ctx context.Context, destinationTLSName string, desti connection, err := connectSourceConnection(ctx, fd, destinationAddrPort) if err != nil { const remove = true - _ = c.firewall.AcceptOutputFromIPPortToIPPort(ctx, "tcp", c.outboundInterface, + _ = c.firewall.AcceptOutputFromIPPortToIPPort(context.Background(), "tcp", c.outboundInterface, sourceAddrPort, destinationAddrPort, remove) return nil, nil, fmt.Errorf("connecting source socket: %w", err) }