Fix cleartext listeners

We need a nil *tls.Config to set up cleartext listeners.

Fixes: eaed359829 ("Add support for TLS listeners")
Closes: https://github.com/emersion/hydroxide/issues/156
Simon Ser 2021-02-25 12:39:03 +01:00
parent eaed359829
commit 5e211c61ac
1 changed files with 10 additions and 4 deletions


@ -8,21 +8,27 @@ import (
)
func TLS(certPath string, keyPath string, clientCAPath string) (*tls.Config, error) {
tlsConfig := &tls.Config{}
var tlsConfig *tls.Config
if certPath != "" && keyPath != "" {
cert, err := tls.LoadX509KeyPair(certPath, keyPath)
if err != nil {
return nil, fmt.Errorf("error: unable load key pair: %s", err)
return nil, fmt.Errorf("unable load key pair: %s", err)
}
tlsConfig.Certificates = []tls.Certificate{cert}
tlsConfig = &tls.Config{
Certificates: []tls.Certificate{cert},
}
}
if clientCAPath != "" {
if tlsConfig == nil {
return nil, fmt.Errorf("cannot check client certificate without a server certificate and key")
}
data, err := ioutil.ReadFile(clientCAPath)
if err != nil {
return nil, fmt.Errorf("error: unable read CA file: %s", err)
return nil, fmt.Errorf("unable read CA file: %s", err)
}
pool := x509.NewCertPool()