authorDimitri Sokolyuk <demon@dim13.org>2016-03-23 23:41:59 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-03-23 23:41:59 +0100
commitf2483c50f52762db42eec3c785b0da1353b0b0c8 (patch)
treeac35cdf3a8053c764af7e4f87e4a042db7bb1477 /route.go
parent2e34992a77eaa4e191b9257465535501fa227fac (diff)
Split
Diffstat (limited to 'route.go')
-rw-r--r--route.go55
1 files changed, 55 insertions, 0 deletions
diff --git a/route.go b/route.go
new file mode 100644
index 0000000..74062b5
--- /dev/null
+++ b/route.go
@@ -0,0 +1,55 @@
+package main
+
+import (
+ "crypto/tls"
+ "errors"
+ "net/http"
+ "net/http/httputil"
+ "net/url"
+)
+
+type Route map[string]Entry
+
+type Entry struct {
+ ServerName string
+ Upstream string
+ Cert []byte
+ Key []byte
+ cert *tls.Certificate
+}
+
+func (r Route) SNI(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
+ if e, ok := r[h.ServerName]; ok && e.cert != nil {
+ return e.cert, nil
+ }
+ return nil, errors.New("no cert for " + h.ServerName)
+}
+
+func (r Route) Restore() error {
+ mux := http.NewServeMux()
+ for k, v := range route {
+ if v.Cert != nil && v.Key != nil {
+ cert, err := tls.X509KeyPair(v.Cert, v.Key)
+ if err != nil {
+ return err
+ }
+ v.cert = &cert
+ r[k] = v
+ }
+ up, err := url.Parse(v.Upstream)
+ if err != nil {
+ return err
+ }
+ mux.Handle(v.ServerName+"/", httputil.NewSingleHostReverseProxy(up))
+ }
+ server.Handler = mux
+ return nil
+}
+
+func (e Entry) String() string {
+ if e.cert != nil {
+ return e.ServerName + " -> " + e.Upstream + " with TLS"
+ } else {
+ return e.ServerName + " -> " + e.Upstream
+ }
+}
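Review bot: Restore registers every entry without validating it. On the `mux.Handle(v.ServerName+"/", ...)` line an empty `ServerName` produces the pattern `/`, which matches requests for any host, and `url.Parse` returns no error for an empty or scheme-less `Upstream`, so the reverse proxy is built without a target host. A guard before the Handle call would reject such entries, for example `if v.ServerName == "" || up.Scheme == "" || up.Host == "" { return errors.New("invalid route entry " + k) }`. The loop also ranges over `route` (presumably a package-level variable declared outside this file) while writing to `r[k]`; `for k, v := range r` would keep the method on its receiver. SNI selects the certificate by map key while the mux routes by `v.ServerName`, so it is worth checking in Restore that `k == v.ServerName`.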