sashakoshka/go-gemini
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Expose KnownHosts and CertificateStore internals

Browse Source
This commit is contained in:
Adnan Maolood 2020-11-23 12:17:54 -05:00
parent f6b0443a62
commit 0c75e5d5ad
4 changed files with 45 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
cert.go
View File

@ -18,19 +18,22 @@ import (
"time" "time"
) )
// CertificateStore maps certificate scopes to certificates. // CertificateDir maps certificate scopes to certificates.
// The zero value of CertificateStore is an empty store ready to use. type CertificateStore map[string]tls.Certificate
type CertificateStore struct {
store map[string]tls.Certificate // CertificateDir represents a certificate store optionally loaded from a directory.
dir bool // The zero value of CertificateDir is an empty store ready to use.
path string type CertificateDir struct {
CertificateStore
dir bool
path string
} }
// Add adds a certificate for the given scope to the store. // Add adds a certificate for the given scope to the store.
// It tries to parse the certificate if it is not already parsed. // It tries to parse the certificate if it is not already parsed.
func (c *CertificateStore) Add(scope string, cert tls.Certificate) { func (c *CertificateDir) Add(scope string, cert tls.Certificate) {
if c.store == nil { if c.CertificateStore == nil {
c.store = map[string]tls.Certificate{} c.CertificateStore = CertificateStore{}
} }
// Parse certificate if not already parsed // Parse certificate if not already parsed
if cert.Leaf == nil { if cert.Leaf == nil {
@ -39,11 +42,11 @@ func (c *CertificateStore) Add(scope string, cert tls.Certificate) {
cert.Leaf = parsed cert.Leaf = parsed
} }
} }
c.store[scope] = cert c.CertificateStore[scope] = cert
} }
// Write writes the provided certificate to the certificate directory. // Write writes the provided certificate to the certificate directory.
func (c *CertificateStore) Write(scope string, cert tls.Certificate) error { func (c *CertificateDir) Write(scope string, cert tls.Certificate) error {
if c.dir { if c.dir {
certPath := filepath.Join(c.path, scope+".crt") certPath := filepath.Join(c.path, scope+".crt")
keyPath := filepath.Join(c.path, scope+".key") keyPath := filepath.Join(c.path, scope+".key")
@ -55,8 +58,8 @@ func (c *CertificateStore) Write(scope string, cert tls.Certificate) error {
} }
// Lookup returns the certificate for the given scope. // Lookup returns the certificate for the given scope.
func (c *CertificateStore) Lookup(scope string) (tls.Certificate, bool) { func (c *CertificateDir) Lookup(scope string) (tls.Certificate, bool) {
cert, ok := c.store[scope] cert, ok := c.CertificateStore[scope]
return cert, ok return cert, ok
} }
@ -66,7 +69,7 @@ func (c *CertificateStore) Lookup(scope string) (tls.Certificate, bool) {
// For example, the hostname "localhost" would have the corresponding files // For example, the hostname "localhost" would have the corresponding files
// localhost.crt (certificate) and localhost.key (private key). // localhost.crt (certificate) and localhost.key (private key).
// New certificates will be written to this directory. // New certificates will be written to this directory.
func (c *CertificateStore) Load(path string) error { func (c *CertificateDir) Load(path string) error {
matches, err := filepath.Glob(filepath.Join(path, "*.crt")) matches, err := filepath.Glob(filepath.Join(path, "*.crt"))
if err != nil { if err != nil {
return err return err
@ -85,8 +88,8 @@ func (c *CertificateStore) Load(path string) error {
return nil return nil
} }
// SetOutput sets the directory that new certificates will be written to. // SetDir sets the directory that new certificates will be written to.
func (c *CertificateStore) SetOutput(path string) { func (c *CertificateDir) SetDir(path string) {
c.dir = true c.dir = true
c.path = path c.path = path
} }

4
client.go
View File

@ -15,10 +15,10 @@ import (
// Client is a Gemini client. // Client is a Gemini client.
type Client struct { type Client struct {
// KnownHosts is a list of known hosts. // KnownHosts is a list of known hosts.
KnownHosts KnownHosts KnownHosts KnownHostsFile
// Certificates stores client-side certificates. // Certificates stores client-side certificates.
Certificates CertificateStore Certificates CertificateDir
// Timeout specifies a time limit for requests made by this // Timeout specifies a time limit for requests made by this
// Client. The timeout includes connection time and reading // Client. The timeout includes connection time and reading

2
server.go
View File

@ -26,7 +26,7 @@ type Server struct {
WriteTimeout time.Duration WriteTimeout time.Duration
// Certificates contains the certificates used by the server. // Certificates contains the certificates used by the server.
Certificates CertificateStore Certificates CertificateDir
// CreateCertificate, if not nil, will be called to create a new certificate // CreateCertificate, if not nil, will be called to create a new certificate
// if the current one is expired or missing. // if the current one is expired or missing.

43
tofu.go
View File

@ -21,42 +21,45 @@ const (
) )
// KnownHosts represents a list of known hosts. // KnownHosts represents a list of known hosts.
// The zero value for KnownHosts is an empty list ready to use. type KnownHosts map[string]Fingerprint
type KnownHosts struct {
hosts map[string]Fingerprint // KnownHostsFile represents a list of known hosts optionally loaded from a file.
out io.Writer // The zero value for KnownHostsFile represents an empty list ready to use.
type KnownHostsFile struct {
KnownHosts
out io.Writer
} }
// SetOutput sets the output to which new known hosts will be written to. // SetOutput sets the output to which new known hosts will be written to.
func (k *KnownHosts) SetOutput(w io.Writer) { func (k *KnownHostsFile) SetOutput(w io.Writer) {
k.out = w k.out = w
} }
// Add adds a known host to the list of known hosts. // Add adds a known host to the list of known hosts.
func (k *KnownHosts) Add(hostname string, fingerprint Fingerprint) { func (k *KnownHostsFile) Add(hostname string, fingerprint Fingerprint) {
if k.hosts == nil { if k.KnownHosts == nil {
k.hosts = map[string]Fingerprint{} k.KnownHosts = KnownHosts{}
} }
k.hosts[hostname] = fingerprint k.KnownHosts[hostname] = fingerprint
} }
// Lookup returns the fingerprint of the certificate corresponding to // Lookup returns the fingerprint of the certificate corresponding to
// the given hostname. // the given hostname.
func (k *KnownHosts) Lookup(hostname string) (Fingerprint, bool) { func (k *KnownHostsFile) Lookup(hostname string) (Fingerprint, bool) {
c, ok := k.hosts[hostname] c, ok := k.KnownHosts[hostname]
return c, ok return c, ok
} }
// Write writes a known hosts entry to the configured output. // Write writes a known hosts entry to the configured output.
func (k *KnownHosts) Write(hostname string, fingerprint Fingerprint) { func (k *KnownHostsFile) Write(hostname string, fingerprint Fingerprint) {
if k.out != nil { if k.out != nil {
k.writeKnownHost(k.out, hostname, fingerprint) k.writeKnownHost(k.out, hostname, fingerprint)
} }
} }
// WriteAll writes all of the known hosts to the provided io.Writer. // WriteAll writes all of the known hosts to the provided io.Writer.
func (k *KnownHosts) WriteAll(w io.Writer) error { func (k *KnownHostsFile) WriteAll(w io.Writer) error {
for h, c := range k.hosts { for h, c := range k.KnownHosts {
if _, err := k.writeKnownHost(w, h, c); err != nil { if _, err := k.writeKnownHost(w, h, c); err != nil {
return err return err
} }
@ -65,14 +68,14 @@ func (k *KnownHosts) WriteAll(w io.Writer) error {
} }
// writeKnownHost writes a known host to the provided io.Writer. // writeKnownHost writes a known host to the provided io.Writer.
func (k *KnownHosts) writeKnownHost(w io.Writer, hostname string, f Fingerprint) (int, error) { func (k *KnownHostsFile) writeKnownHost(w io.Writer, hostname string, f Fingerprint) (int, error) {
return fmt.Fprintf(w, "%s %s %s %d\n", hostname, f.Algorithm, f.Hex, f.Expires) return fmt.Fprintf(w, "%s %s %s %d\n", hostname, f.Algorithm, f.Hex, f.Expires)
} }
// Load loads the known hosts from the provided path. // Load loads the known hosts from the provided path.
// It creates the file if it does not exist. // It creates the file if it does not exist.
// New known hosts will be appended to the file. // New known hosts will be appended to the file.
func (k *KnownHosts) Load(path string) error { func (k *KnownHostsFile) Load(path string) error {
f, err := os.OpenFile(path, os.O_CREATE|os.O_RDONLY, 0644) f, err := os.OpenFile(path, os.O_CREATE|os.O_RDONLY, 0644)
if err != nil { if err != nil {
return err return err
@ -90,9 +93,9 @@ func (k *KnownHosts) Load(path string) error {
// Parse parses the provided reader and adds the parsed known hosts to the list. // Parse parses the provided reader and adds the parsed known hosts to the list.
// Invalid entries are ignored. // Invalid entries are ignored.
func (k *KnownHosts) Parse(r io.Reader) { func (k *KnownHostsFile) Parse(r io.Reader) {
if k.hosts == nil { if k.KnownHosts == nil {
k.hosts = map[string]Fingerprint{} k.KnownHosts = map[string]Fingerprint{}
} }
scanner := bufio.NewScanner(r) scanner := bufio.NewScanner(r)
for scanner.Scan() { for scanner.Scan() {
@ -114,7 +117,7 @@ func (k *KnownHosts) Parse(r io.Reader) {
continue continue
} }
k.hosts[hostname] = Fingerprint{ k.KnownHosts[hostname] = Fingerprint{
Algorithm: algorithm, Algorithm: algorithm,
Hex: fingerprint, Hex: fingerprint,
Expires: expires, Expires: expires,