username -> user_name

in case we want to add user_group and whatnot.

Remove the command-line option as it hides the caveats documented
in the configuration file.

Remove TODO. TODO statements always remain in that state forever.

dnscrypt-proxy/config.go

@@ -26,7 +26,7 @@ type Config struct {
 	ServerNames              []string `toml:"server_names"`
 	ListenAddresses          []string `toml:"listen_addresses"`
 	Daemonize                bool
-	Username                 string `toml:"username"`
+	UserName                 string `toml:"user_name"`
 	ForceTCP                 bool   `toml:"force_tcp"`
 	Timeout                  int    `toml:"timeout"`
 	KeepAlive                int    `toml:"keepalive"`
@@ -189,7 +189,6 @@ func ConfigLoad(proxy *Proxy, svcFlag *string) error {
 	jsonOutput := flag.Bool("json", false, "output list as JSON")
 	check := flag.Bool("check", false, "check the configuration file and exit")
 	configFile := flag.String("config", DefaultConfigFileName, "Path to the configuration file")
-	username := flag.String("username", "", "After binding to the port user privileges are dropped")
 	child := flag.Bool("child", false, "Invokes program as a child process")
 
 	flag.Parse()
@@ -241,10 +240,6 @@ func ConfigLoad(proxy *Proxy, svcFlag *string) error {
 	proxy.logMaxAge = config.LogMaxAge
 	proxy.logMaxBackups = config.LogMaxBackups
 
-	proxy.username = config.Username
-	if len(*username) > 0 {
-		proxy.username = *username
-	}
 	proxy.child = *child
 	proxy.xTransport = NewXTransport()
 	proxy.xTransport.tlsDisableSessionTickets = config.TLSDisableSessionTickets

dnscrypt-proxy/example-dnscrypt-proxy.toml

@@ -50,7 +50,7 @@ max_clients = 250
 ## Note (1): this feature is currently unsupported on Windows.
 ## Note (2): this feature is not compatible with systemd socket activation.
 
-# username = 'nobody'
+# user_name = 'nobody'
 
 
 ## Require servers (from static + remote sources) to satisfy specific properties

dnscrypt-proxy/proxy.go

@@ -16,7 +16,7 @@ import (
 )
 
 type Proxy struct {
-	username                     string
+	userName                     string
 	child                        bool
 	proxyPublicKey               [32]byte
 	proxySecretKey               [32]byte
@@ -85,8 +85,8 @@ func (proxy *Proxy) StartProxy() {
 			dlog.Fatal(err)
 		}
 
-		// if 'username' is not set, continue as before (Todo: refactor for DRYniss)
-		if !(len(proxy.username) > 0) {
+		// if 'userName' is not set, continue as before
+		if !(len(proxy.userName) > 0) {
 			if err := proxy.udpListenerFromAddr(listenUDPAddr); err != nil {
 				dlog.Fatal(err)
 			}
@@ -94,7 +94,7 @@ func (proxy *Proxy) StartProxy() {
 				dlog.Fatal(err)
 			}
 		} else {
-			// if 'username' is set and we are the parent process
+			// if 'userName' is set and we are the parent process
 			if !proxy.child {
 				// parent
 				listenerUDP, err := net.ListenUDP("udp", listenUDPAddr)
@@ -119,7 +119,7 @@ func (proxy *Proxy) StartProxy() {
 				FileDescriptors = append(FileDescriptors, fdUDP)
 				FileDescriptors = append(FileDescriptors, fdTCP)
 
-				// if 'username' is set and we are the child process
+				// if 'userName' is set and we are the child process
 			} else {
 				// child
 				listenerUDP, err := net.FilePacketConn(os.NewFile(uintptr(3+FileDescriptorNum), "listenerUDP"))
@@ -143,9 +143,9 @@ func (proxy *Proxy) StartProxy() {
 		}
 	}
 
-	// if 'username' is set and we are the parent process drop privilege and exit
-	if len(proxy.username) > 0 && !proxy.child {
-		proxy.dropPrivilege(proxy.username, FileDescriptors)
+	// if 'userName' is set and we are the parent process drop privilege and exit
+	if len(proxy.userName) > 0 && !proxy.child {
+		proxy.dropPrivilege(proxy.userName, FileDescriptors)
 	}
 	if err := proxy.SystemDListeners(); err != nil {
 		dlog.Fatal(err)