command/server: support TLS

Mitchell Hashimoto 2015-03-13 09:56:08 -07:00
parent 61224ce312
commit 393c6c6c20
3 changed files with 52 additions and 2 deletions


@ -1,6 +1,7 @@
package server
import (
"crypto/tls"
"fmt"
"net"
)
@ -23,3 +24,32 @@ func NewListener(t string, config map[string]string) (net.Listener, error) {
return f(config)
}
func listenerWrapTLS(
ln net.Listener, config map[string]string) (net.Listener, error) {
if v, ok := config["tls_disable"]; ok && v != "" {
return ln, nil
}
certFile, ok := config["tls_cert_file"]
if !ok {
return nil, fmt.Errorf("'tls_cert_file' must be set")
}
keyFile, ok := config["tls_key_file"]
if !ok {
return nil, fmt.Errorf("'tls_key_file' must be set")
}
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return nil, fmt.Errorf("error loading TLS cert: %s", err)
}
tlsConf := &tls.Config{}
tlsConf.Certificates = []tls.Certificate{cert}
tlsConf.NextProtos = []string{"http/1.1"}
ln = tls.NewListener(ln, tlsConf)
return ln, nil
}
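Review bot: The `tls_disable` guard at the top of listenerWrapTLS treats any non-empty value as "disable", so a config that sets it to `"false"` or `"0"` silently returns the plaintext listener. Parsing the value with `disable, err := strconv.ParseBool(v)` (plus a `strconv` import) and returning an error for unparsable input would make an accidental downgrade to cleartext visible at startup. Separately, `tlsConf` sets no `MinVersion`, so the protocol floor is whatever the Go toolchain defaults to; `tlsConf.MinVersion = tls.VersionTLS12` would pin it explicitly. The presence-only checks on `tls_cert_file` and `tls_key_file` let an empty string through to `tls.LoadX509KeyPair`, which presumably fails there with a less specific message.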


@ -16,5 +16,5 @@ func tcpListenerFactory(config map[string]string) (net.Listener, error) {
return nil, err
}
return ln, nil
return listenerWrapTLS(ln, config)
}
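Review bot: When listenerWrapTLS returns an error (missing `tls_cert_file`, bad key pair), the TCP listener already bound earlier in tcpListenerFactory is never closed, so the port stays held by a socket nobody owns. Capturing the result and closing on failure fixes that: `wrapped, err := listenerWrapTLS(ln, config)` followed by `if err != nil { ln.Close(); return nil, err }` and `return wrapped, nil`. The start of tcpListenerFactory is outside this hunk, so the bind call itself is inferred from the `ln` already in scope.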


@ -7,7 +7,27 @@ import (
func TestTCPListener(t *testing.T) {
ln, err := tcpListenerFactory(map[string]string{
"address": "127.0.0.1:0",
"address": "127.0.0.1:0",
"tls_disable": "1",
})
if err != nil {
t.Fatalf("err: %s", err)
}
connFn := func(lnReal net.Listener) (net.Conn, error) {
return net.Dial("tcp", ln.Addr().String())
}
testListenerImpl(t, ln, connFn)
}
func TestTCPListener_tls(t *testing.T) {
// TODO
t.Skip()
ln, err := tcpListenerFactory(map[string]string{
"address": "127.0.0.1:0",
"tls_disable": "1",
})
if err != nil {
t.Fatalf("err: %s", err)