Skip to content
Snippets Groups Projects
Commit 0bab7c71 authored by ale's avatar ale
Browse files

Update go-common dep

parent d6da5f9f
No related branches found
No related tags found
No related merge requests found
...@@ -13,7 +13,7 @@ import ( ...@@ -13,7 +13,7 @@ import (
// 'shard' parameter on their APIs. // 'shard' parameter on their APIs.
type BackendConfig struct { type BackendConfig struct {
URL string `yaml:"url"` URL string `yaml:"url"`
TLSConfig *TLSClientConfig `yaml:"tls_config"` TLSConfig *TLSClientConfig `yaml:"tls"`
Sharded bool `yaml:"sharded"` Sharded bool `yaml:"sharded"`
Debug bool `yaml:"debug"` Debug bool `yaml:"debug"`
} }
......
...@@ -2,6 +2,7 @@ package clientutil ...@@ -2,6 +2,7 @@ package clientutil
import ( import (
"crypto/tls" "crypto/tls"
"errors"
common "git.autistici.org/ai3/go-common" common "git.autistici.org/ai3/go-common"
) )
...@@ -16,6 +17,10 @@ type TLSClientConfig struct { ...@@ -16,6 +17,10 @@ type TLSClientConfig struct {
// TLSConfig returns a tls.Config object with the current configuration. // TLSConfig returns a tls.Config object with the current configuration.
func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) { func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) {
if c.Cert == "" || c.Key == "" || c.CA == "" {
return nil, errors.New("incomplete client tls specification")
}
cert, err := tls.LoadX509KeyPair(c.Cert, c.Key) cert, err := tls.LoadX509KeyPair(c.Cert, c.Key)
if err != nil { if err != nil {
return nil, err return nil, err
...@@ -24,13 +29,11 @@ func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) { ...@@ -24,13 +29,11 @@ func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) {
Certificates: []tls.Certificate{cert}, Certificates: []tls.Certificate{cert},
} }
if c.CA != "" { cas, err := common.LoadCA(c.CA)
cas, err := common.LoadCA(c.CA) if err != nil {
if err != nil { return nil, err
return nil, err
}
tlsConf.RootCAs = cas
} }
tlsConf.RootCAs = cas
tlsConf.BuildNameToCertificate() tlsConf.BuildNameToCertificate()
return tlsConf, nil return tlsConf, nil
......
...@@ -2,6 +2,7 @@ package common ...@@ -2,6 +2,7 @@ package common
import ( import (
"crypto/x509" "crypto/x509"
"fmt"
"io/ioutil" "io/ioutil"
) )
...@@ -12,6 +13,8 @@ func LoadCA(path string) (*x509.CertPool, error) { ...@@ -12,6 +13,8 @@ func LoadCA(path string) (*x509.CertPool, error) {
return nil, err return nil, err
} }
cas := x509.NewCertPool() cas := x509.NewCertPool()
cas.AppendCertsFromPEM(data) if !cas.AppendCertsFromPEM(data) {
return nil, fmt.Errorf("no certificates could be parsed in %s", path)
}
return cas, nil return cas, nil
} }
...@@ -3,22 +3,22 @@ ...@@ -3,22 +3,22 @@
"ignore": "test", "ignore": "test",
"package": [ "package": [
{ {
"checksumSHA1": "raJx5BjBbVQG0ylGSjPpi+JvqjU=", "checksumSHA1": "pLvPnUablirQucyALgrso9hLG4E=",
"path": "git.autistici.org/ai3/go-common", "path": "git.autistici.org/ai3/go-common",
"revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357", "revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
"revisionTime": "2018-08-17T06:38:25Z" "revisionTime": "2018-08-28T06:59:35Z"
}, },
{ {
"checksumSHA1": "49MChcx9D+/+pCyl/F469TcQcK4=", "checksumSHA1": "WxcDAOyeiMJa5QyJAhsl6swy8ks=",
"path": "git.autistici.org/ai3/go-common/clientutil", "path": "git.autistici.org/ai3/go-common/clientutil",
"revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357", "revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
"revisionTime": "2018-08-17T06:38:25Z" "revisionTime": "2018-08-28T06:59:35Z"
}, },
{ {
"checksumSHA1": "7VBLbwaK1m/jwsk8sLsh4iD9T/s=", "checksumSHA1": "7VBLbwaK1m/jwsk8sLsh4iD9T/s=",
"path": "git.autistici.org/ai3/go-common/serverutil", "path": "git.autistici.org/ai3/go-common/serverutil",
"revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357", "revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
"revisionTime": "2018-08-17T06:38:25Z" "revisionTime": "2018-08-28T06:59:35Z"
}, },
{ {
"checksumSHA1": "zCVstnZ23vTfA6oKC389y6Opglw=", "checksumSHA1": "zCVstnZ23vTfA6oKC389y6Opglw=",
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment