mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-22 23:50:32 +00:00
4e41a5583d
The common package defines the interfaces that a protocol must implement and contain code that can be shared among supported protocols. This way should be easier to support new protocols
49 lines
1 KiB
Go
49 lines
1 KiB
Go
package httpd
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"sync"
|
|
|
|
"github.com/drakkan/sftpgo/ldapauthserver/logger"
|
|
)
|
|
|
|
type certManager struct {
|
|
certPath string
|
|
keyPath string
|
|
sync.RWMutex
|
|
cert *tls.Certificate
|
|
}
|
|
|
|
func (m *certManager) loadCertificate() error {
|
|
newCert, err := tls.LoadX509KeyPair(m.certPath, m.keyPath)
|
|
if err != nil {
|
|
logger.Warn(logSender, "", "unable to load https certificate: %v", err)
|
|
return err
|
|
}
|
|
logger.Debug(logSender, "", "https certificate successfully loaded")
|
|
m.Lock()
|
|
defer m.Unlock()
|
|
m.cert = &newCert
|
|
return nil
|
|
}
|
|
|
|
func (m *certManager) GetCertificateFunc() func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
|
|
return func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
|
|
m.RLock()
|
|
defer m.RUnlock()
|
|
return m.cert, nil
|
|
}
|
|
}
|
|
|
|
func newCertManager(certificateFile, certificateKeyFile string) (*certManager, error) {
|
|
manager := &certManager{
|
|
cert: nil,
|
|
certPath: certificateFile,
|
|
keyPath: certificateKeyFile,
|
|
}
|
|
err := manager.loadCertificate()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return manager, nil
|
|
}
|