From 9509cf74f017cb5e4e64c59d0b30bd5602626c01 Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Wed, 23 Mar 2016 20:03:28 +0100
Subject: Fix cert issues
---
 main.go | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)
(limited to 'main.go')
diff --git a/main.go b/main.go
index 78aeca5..b0eafdd 100644
--- a/main.go
+++ b/main.go
@@ -25,22 +25,31 @@ type Route map[string]Entry
 type Entry struct {
 ServerName string
 Upstream string
- Cert *tls.Certificate
+ Cert []byte
+ Key []byte
+ cert *tls.Certificate
 }
 
 func (r Route) SNI(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
- if e, ok := r[h.ServerName]; ok && e.Cert != nil {
- return e.Cert, nil
+ if e, ok := r[h.ServerName]; ok && e.cert != nil {
+ return e.cert, nil
 }
 return nil, errors.New("no cert for " + h.ServerName)
 }
 
-func (r Route) Restore() {
+func (r Route) Restore() error {
 // FIXME assignment copies lock value to *mux: net/http.ServeMux contains sync.RWMutex
 *mux = *http.NewServeMux()
- for _, e := range route {
- e.NewHandle()
+ for k, v := range route {
+ cert, err := tls.X509KeyPair(v.Cert, v.Key)
+ if err != nil {
+ return err
+ }
+ v.cert = &cert
+ r[k] = v
+ v.NewHandle()
 }
+ return nil
 }
 
 func (e Entry) NewHandle() error {
@@ -54,7 +63,7 @@ func (e Entry) NewHandle() error {
 }
 
 func (e Entry) String() string {
- if e.Cert != nil {
+ if e.cert != nil {
 return e.ServerName + " -> " + e.Upstream + " with TLS"
 } else {
 return e.ServerName + " -> " + e.Upstream
-- 
cgit v1.2.3
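Review bot: In `Restore`, every entry now goes through `tls.X509KeyPair`, so an entry with empty `Cert`/`Key` (which `SNI` and `String()` still treat as a valid non-TLS route) fails, and the early `return err` fires after `*mux` has already been replaced, leaving the routes not yet visited unregistered; which ones are lost depends on map iteration order. The result of `v.NewHandle()` is also still discarded even though `Restore` now returns an error. I would parse the key pair only when one is present, skip registration for an entry whose pair does not parse, and return the first error after the loop, as sketched below. The loop also reads the package-level `route` while writing to `r[k]`; if the two can ever differ, it should range over `r`. Separately, `Key` is now an exported byte slice holding the private key, so whatever encoder persists `Route` (not visible in this hunk) will write it out: the store should be readable by the service account only, and whole `Entry` values should be kept out of logs and API responses.

```go
func (r Route) Restore() error {
	// … unchanged: FIXME comment and *mux reset …
	var firstErr error
	for k, v := range route {
		if len(v.Cert) > 0 || len(v.Key) > 0 {
			cert, err := tls.X509KeyPair(v.Cert, v.Key)
			if err != nil {
				if firstErr == nil {
					firstErr = err
				}
				continue // do not register a TLS route without a usable key pair
			}
			v.cert = &cert
			r[k] = v
		}
		if err := v.NewHandle(); err != nil && firstErr == nil {
			firstErr = err
		}
	}
	return firstErr
}
```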