Reformat the tls config

Melon 2023-12-06 08:37:35 +00:00
parent 2cce26429b
commit bc6e98db8c
Signed by: melon
GPG Key ID: 6C9D970C50D26A25


@ -31,21 +31,23 @@ func NewHttpsServer(conf *conf.Conf) *http.Server {
rw.Header().Set("Strict-Transport-Security", "max-age=63072000; includeSubDomains") rw.Header().Set("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
rateLimiter.ServeHTTP(rw, req) rateLimiter.ServeHTTP(rw, req)
}), }),
TLSConfig: &tls.Config{GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) { TLSConfig: &tls.Config{
// error out on invalid domains GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
if !conf.Domains.IsValid(info.ServerName) { // error out on invalid domains
return nil, fmt.Errorf("invalid hostname used: '%s'", info.ServerName) if !conf.Domains.IsValid(info.ServerName) {
} return nil, fmt.Errorf("invalid hostname used: '%s'", info.ServerName)
}
// find a certificate // find a certificate
cert := conf.Certs.GetCertForDomain(info.ServerName) cert := conf.Certs.GetCertForDomain(info.ServerName)
if cert == nil { if cert == nil {
return nil, fmt.Errorf("failed to find certificate for: '%s'", info.ServerName) return nil, fmt.Errorf("failed to find certificate for: '%s'", info.ServerName)
} }
// time to return // time to return
return cert, nil return cert, nil
}}, },
},
ReadTimeout: 150 * time.Second, ReadTimeout: 150 * time.Second,
ReadHeaderTimeout: 150 * time.Second, ReadHeaderTimeout: 150 * time.Second,
WriteTimeout: 150 * time.Second, WriteTimeout: 150 * time.Second,