sashakoshka/go-gemini
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

certificate.Store: Update documentation

Browse Source
This commit is contained in:
Adnan Maolood 2021-02-23 09:03:38 -05:00
parent f6bccb156a
commit a4849c8eef
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
certificate/store.go
View File

@ -12,13 +12,12 @@ import (
"time" "time"
) )
// A Store maps certificate scopes to certificates. // A Store represents a certificate store.
// It generate certificates as needed and rotates expired certificates. // It generates certificates as needed and automatically rotates expired certificates.
// The zero value for Store is an empty store ready to use. // The zero value for Store is an empty store ready to use.
// //
// Certificate scopes must be registered with Register before certificate // Certificate scopes must be registered with Register before calling Get or Load.
// retrieval; otherwise Get will fail. This prevents the Store from // This prevents the Store from creating or loading unnecessary certificates.
// creating unnecessary certificates.
// //
// Store is safe for concurrent use by multiple goroutines. // Store is safe for concurrent use by multiple goroutines.
type Store struct { type Store struct {
@ -46,6 +45,7 @@ func (s *Store) Register(scope string) {
} }
// Add adds a certificate with the given scope to the certificate store. // Add adds a certificate with the given scope to the certificate store.
// If a certificate for the given scope already exists, Add will overwrite it.
func (s *Store) Add(scope string, cert tls.Certificate) error { func (s *Store) Add(scope string, cert tls.Certificate) error {
s.mu.Lock() s.mu.Lock()
defer s.mu.Unlock() defer s.mu.Unlock()
@ -75,9 +75,8 @@ func (s *Store) Add(scope string, cert tls.Certificate) error {
} }
// Get retrieves a certificate for the given hostname. // Get retrieves a certificate for the given hostname.
// It checks to see if the hostname or a matching pattern has been registered. // If no matching scope has been registered, Get returns an error.
// New certificates are generated on demand and expired certificates are // Get generates new certificates as needed and rotates expired certificates.
// replaced with new ones.
func (s *Store) Get(hostname string) (*tls.Certificate, error) { func (s *Store) Get(hostname string) (*tls.Certificate, error) {
s.mu.RLock() s.mu.RLock()
defer s.mu.RUnlock() defer s.mu.RUnlock()
@ -128,11 +127,10 @@ func (s *Store) createCertificate(scope string) (tls.Certificate, error) {
// Load loads certificates from the provided path. // Load loads certificates from the provided path.
// New certificates will be written to this path. // New certificates will be written to this path.
// Certificates with scopes that have not been registered will be ignored.
//
// The path should lead to a directory containing certificates // The path should lead to a directory containing certificates
// and private keys named "scope.crt" and "scope.key" respectively, // and private keys named "scope.crt" and "scope.key" respectively,
// where "scope" is the scope of the certificate. // where "scope" is the scope of the certificate.
// Certificates with scopes that have not been registered will be ignored.
func (s *Store) Load(path string) error { func (s *Store) Load(path string) error {
matches, err := filepath.Glob(filepath.Join(path, "*.crt")) matches, err := filepath.Glob(filepath.Join(path, "*.crt"))
if err != nil { if err != nil {