package router_http
import (
"crypto/tls"
"crypto/x509"
"fmt"
"strings"
"github.com/eolinker/eosc/log"
)
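// Certs is a collection of TLS certificates indexed by the host name they are
// served for.
type Certs struct {
	// certs maps a host name, or a wildcard pattern such as "*.example.com",
	// to the certificate/key pair presented for it.
	certs map[string]*tls.Certificate
}

// Get returns the certificate registered for hostName.
//
// An exact match on hostName wins. Otherwise the leftmost label is replaced by
// "*" and that wildcard key is tried once, so "a.example.com" can be answered
// by "*.example.com" but "a.b.example.com" cannot. The second result reports
// whether a certificate was found; on a miss the certificate is nil.
//
// Keys are compared byte for byte: no case folding and no trailing-dot
// handling is done here.
// NOTE(review): presumably callers pass an already lower-cased SNI name;
// confirm, since a miss here changes which certificate a TLS client is shown.
func (c *Certs) Get(hostName string) (*tls.Certificate, bool) {
	if cert, ok := c.certs[hostName]; ok {
		return cert, true
	}

	// A wildcard can only apply to a name that has a parent domain.
	// strings.Split never returns an empty slice, so a length check on its
	// result cannot filter out single-label names or the empty string; test
	// for the dot directly so those never reach the degenerate key "*.".
	dot := strings.IndexByte(hostName, '.')
	if dot < 0 || dot == len(hostName)-1 {
		return nil, false
	}

	cert, ok := c.certs[fmt.Sprintf("*.%s", hostName[dot+1:])]
	return cert, ok
}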
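// newCerts builds a Certs index from the configured certificate/key pairs.
//
// Each pair is parsed with tls.X509KeyPair; a pair that fails to parse is
// logged and skipped, so one bad entry does not stop the rest from loading.
// The leaf certificate is indexed under its Subject CommonName (when it is
// non-empty) and under every DNS SAN it carries. When two pairs claim the same
// name, the later one in certs replaces the earlier one.
//
// Nothing here checks the validity period or the chain, so an expired
// certificate is indexed like any other.
func newCerts(certs []Cert) *Certs {
	index := make(map[string]*tls.Certificate)
	for _, item := range certs {
		pair, err := tls.X509KeyPair([]byte(item.Crt), []byte(item.Key))
		if err != nil {
			log.Warn("parse ca error:", err)
			continue
		}

		// X509KeyPair fails when the input holds no certificate, so element 0
		// (the leaf) exists on the success path.
		leaf, err := x509.ParseCertificate(pair.Certificate[0])
		if err != nil {
			log.Warn("parse cert error:", err)
			continue
		}

		// Keep the parsed leaf on the pair so it does not have to be parsed
		// again each time the certificate is used.
		pair.Leaf = leaf
		entry := &pair

		// Certificates that rely on SANs alone have an empty CommonName.
		// Indexing those under "" would make every such certificate collide
		// on one key and answer lookups for an empty host name.
		if cn := leaf.Subject.CommonName; cn != "" {
			index[cn] = entry
		}
		for _, name := range leaf.DNSNames {
			index[name] = entry
		}
	}
	return &Certs{certs: index}
}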