Commit d6ae7dde authored by ale's avatar ale

Update go-common dep

parent 73ea8795
Pipeline #1169 passed with stages
in 1 minute and 45 seconds
......@@ -13,7 +13,7 @@ import (
// 'shard' parameter on their APIs.
type BackendConfig struct {
URL string `yaml:"url"`
TLSConfig *TLSClientConfig `yaml:"tls_config"`
TLSConfig *TLSClientConfig `yaml:"tls"`
Sharded bool `yaml:"sharded"`
Debug bool `yaml:"debug"`
}
......
......@@ -2,6 +2,7 @@ package clientutil
import (
"crypto/tls"
"errors"
common "git.autistici.org/ai3/go-common"
)
......@@ -16,6 +17,10 @@ type TLSClientConfig struct {
// TLSConfig returns a tls.Config object with the current configuration.
func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) {
if c.Cert == "" || c.Key == "" || c.CA == "" {
return nil, errors.New("incomplete client tls specification")
}
cert, err := tls.LoadX509KeyPair(c.Cert, c.Key)
if err != nil {
return nil, err
......@@ -24,13 +29,11 @@ func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) {
Certificates: []tls.Certificate{cert},
}
if c.CA != "" {
cas, err := common.LoadCA(c.CA)
if err != nil {
return nil, err
}
tlsConf.RootCAs = cas
cas, err := common.LoadCA(c.CA)
if err != nil {
return nil, err
}
tlsConf.RootCAs = cas
tlsConf.BuildNameToCertificate()
return tlsConf, nil
......
......@@ -2,6 +2,7 @@ package common
import (
"crypto/x509"
"fmt"
"io/ioutil"
)
......@@ -12,6 +13,8 @@ func LoadCA(path string) (*x509.CertPool, error) {
return nil, err
}
cas := x509.NewCertPool()
cas.AppendCertsFromPEM(data)
if !cas.AppendCertsFromPEM(data) {
return nil, fmt.Errorf("no certificates could be parsed in %s", path)
}
return cas, nil
}
......@@ -61,7 +61,7 @@ The YAML file should contain a dictionary with the following attributes:
* `user_meta_server` holds the configuration for the user-meta-server
backend:
* `url` is the URL of the service
* `tls_config` configures TLS for the client:
* `tls` configures TLS for the client:
* `cert` is the path to the client certificate
* `key` is the path to the client private key
* `ca` is the path to the CA store to verify the server certificate
......
......@@ -3,28 +3,28 @@
"ignore": "test",
"package": [
{
"checksumSHA1": "raJx5BjBbVQG0ylGSjPpi+JvqjU=",
"checksumSHA1": "pLvPnUablirQucyALgrso9hLG4E=",
"path": "git.autistici.org/ai3/go-common",
"revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357",
"revisionTime": "2018-08-17T06:38:25Z"
"revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
"revisionTime": "2018-08-28T06:59:35Z"
},
{
"checksumSHA1": "49MChcx9D+/+pCyl/F469TcQcK4=",
"checksumSHA1": "WxcDAOyeiMJa5QyJAhsl6swy8ks=",
"path": "git.autistici.org/ai3/go-common/clientutil",
"revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357",
"revisionTime": "2018-08-17T06:38:25Z"
"revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
"revisionTime": "2018-08-28T06:59:35Z"
},
{
"checksumSHA1": "7VBLbwaK1m/jwsk8sLsh4iD9T/s=",
"path": "git.autistici.org/ai3/go-common/serverutil",
"revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357",
"revisionTime": "2018-08-17T06:38:25Z"
"revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
"revisionTime": "2018-08-28T06:59:35Z"
},
{
"checksumSHA1": "3O4iVrwqPi2ACUsNOhf0cgCyTgU=",
"checksumSHA1": "tjyzbp5Z6UL36XMWWimoLCMMnFY=",
"path": "git.autistici.org/id/auth",
"revision": "0350346b3753ef83163a3e0780b3482ab359d857",
"revisionTime": "2018-08-17T07:37:00Z"
"revision": "ae42c89da3421682feab7a8936083ea3e3c60668",
"revisionTime": "2018-08-28T07:02:37Z"
},
{
"checksumSHA1": "spyv5/YFBjYyZLZa1U2LBfDR8PM=",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment