From 72d475a8fe4983bde232889240528273b868bd7c Mon Sep 17 00:00:00 2001
From: Rafael Dantas Justo
Date: Mon, 4 Jan 2016 10:30:39 -0200
Subject: [PATCH] Allow changing the default TLS configuration
When starting a TLS connection in some environments, we usually disabled some certificates checks to allow tests with self-signed certificates. To disable this checks we need to change some TLS parameters when starting a connection, and for that we need to inject this parameters in the API. Now the Client will also have an attribute for the TLS configuration parameters. For future refactories, we could change the TLS attribute from bool to a struct that would store the "Enable" flag and the configuration. See #297
---
 client.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/client.go b/client.go
index 3bc58f28..219699ac 100644
--- a/client.go
+++ b/client.go
@@ -28,6 +28,7 @@ type Client struct {
 Net string // if "tcp" a TCP query will be initiated, otherwise an UDP one (default is "" for UDP)
 UDPSize uint16 // minimum receive buffer for UDP messages
 TLS bool // enables TLS connection (port 853)
+ TLSConfig *tls.Config // TLS connection configuration (TLS flag should be enabled)
 DialTimeout time.Duration // net.DialTimeout, defaults to 2 seconds
 ReadTimeout time.Duration // net.Conn.SetReadTimeout value for connections, defaults to 2 seconds
 WriteTimeout time.Duration // net.Conn.SetWriteTimeout value for connections, defaults to 2 seconds
@@ -161,7 +162,7 @@ func (c *Client) exchange(m *Msg, a string) (r *Msg, rtt time.Duration, err erro
 }
 if c.TLS {
- co, err = DialTimeoutWithTLS(network, a, c.dialTimeout())
+ co, err = DialTimeoutWithTLS(network, a, c.TLSConfig, c.dialTimeout())
 } else {
 co, err = DialTimeout(network, a, c.dialTimeout())
 }
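Review bot: The comment on the new `TLSConfig` field does not say what a nil value means or what happens when `TLS` is false. Going by the call site in the following hunk, the config is only read inside the `if c.TLS` branch, so a config set without the flag is ignored and the query goes out over the plain connection, while a nil config is passed straight to crypto/tls, which then applies its defaults. I would spell that out, for example `// TLS connection configuration; nil uses the crypto/tls defaults, ignored unless TLS is true`. Since the stated motivation is self-signed test certificates, the comment could also point to setting `RootCAs` to a pool holding the test certificate instead of `InsecureSkipVerify`, which turns off server authentication altogether.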
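Review bot: `c.TLSConfig` is handed to every dial by pointer at the `DialTimeoutWithTLS` call, so one `tls.Config` is shared by all exchanges made through a Client. crypto/tls requires that a Config is not modified once it has been passed to a TLS function, and nothing visible here copies it, so a caller that changes the config between queries can race with handshakes still in flight. A line on the field such as `// must not be modified after the first exchange` would make that contract visible. The body of exchange starts and ends outside this hunk.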
@@ -394,9 +395,9 @@ func DialTimeout(network, address string, timeout time.Duration) (conn *Conn, er
 }
 // DialWithTLS connects to the address on the named network with TLS.
-func DialWithTLS(network, address string) (conn *Conn, err error) {
+func DialWithTLS(network, address string, tlsConfig *tls.Config) (conn *Conn, err error) {
 conn = new(Conn)
- conn.Conn, err = tls.Dial(network, address, nil)
+ conn.Conn, err = tls.Dial(network, address, tlsConfig)
 if err != nil {
 return nil, err
 }
@@ -404,12 +405,12 @@ func DialWithTLS(network, address string) (conn *Conn, err error) {
 }
 // DialTimeoutWithTLS acts like DialWithTLS but takes a timeout.
-func DialTimeoutWithTLS(network, address string, timeout time.Duration) (conn *Conn, err error) {
+func DialTimeoutWithTLS(network, address string, tlsConfig *tls.Config, timeout time.Duration) (conn *Conn, err error) {
 var dialer net.Dialer
 dialer.Timeout = timeout
 conn = new(Conn)
- conn.Conn, err = tls.DialWithDialer(&dialer, network, address, nil)
+ conn.Conn, err = tls.DialWithDialer(&dialer, network, address, tlsConfig)
 if err != nil {
 return nil, err
 }
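Review bot: Adding `tlsConfig` to the exported `DialWithTLS` changes its signature, so existing callers of `DialWithTLS(network, address)` stop compiling. The same holds for `DialTimeoutWithTLS` in the next hunk, where the new parameter is also inserted before `timeout` rather than appended. If source compatibility matters for this package, keeping the old signatures and adding the config through a separate pair of functions would avoid the break. Neither doc comment mentions the new parameter; I would add `// A nil tlsConfig uses the crypto/tls defaults.` to both. Both function bodies continue past the end of their hunks.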