refactor: add https

This commit is contained in:
soulteary 2023-01-09 23:29:42 +08:00
parent 2b2997ce49
commit 1890fe8d08
No known key found for this signature in database
GPG key ID: 8107DBA6BC84D986
2 changed files with 10 additions and 9 deletions

View file

@ -1,4 +1,4 @@
package main
package https
import (
"crypto/tls"
@ -7,7 +7,7 @@ import (
"strings"
)
func writeTLSSupportedCipherStrings(w io.Writer, min uint16) error {
func WriteTLSSupportedCipherStrings(w io.Writer, min uint16) error {
for _, c := range tls.CipherSuites() {
var found bool
@ -30,8 +30,8 @@ func writeTLSSupportedCipherStrings(w io.Writer, min uint16) error {
return nil
}
// getTLSMinVersion converts a version string into a TLS version ID.
func getTLSMinVersion(v string) uint16 {
// GetTLSMinVersion converts a version string into a TLS version ID.
func GetTLSMinVersion(v string) uint16 {
switch v {
case "1.0":
return tls.VersionTLS10
@ -47,9 +47,9 @@ func getTLSMinVersion(v string) uint16 {
}
}
// getTLSCipherSuites converts a comma separated list of cipher suites into a
// GetTLSCipherSuites converts a comma separated list of cipher suites into a
// slice of TLS cipher suite IDs.
func getTLSCipherSuites(v string) []uint16 {
func GetTLSCipherSuites(v string) []uint16 {
supported := tls.CipherSuites()
if v == "" {

View file

@ -17,6 +17,7 @@ import (
"time"
"github.com/adnanh/webhook/internal/hook"
"github.com/adnanh/webhook/internal/https"
"github.com/adnanh/webhook/internal/middleware"
"github.com/adnanh/webhook/internal/pidfile"
"github.com/adnanh/webhook/internal/platform"
@ -109,7 +110,7 @@ func main() {
}
if *justListCiphers {
err := writeTLSSupportedCipherStrings(os.Stdout, getTLSMinVersion(*tlsMinVersion))
err := https.WriteTLSSupportedCipherStrings(os.Stdout, https.GetTLSMinVersion(*tlsMinVersion))
if err != nil {
fmt.Println(err)
os.Exit(1)
@ -300,9 +301,9 @@ func main() {
// Server HTTPS
svr.TLSConfig = &tls.Config{
CipherSuites: getTLSCipherSuites(*tlsCipherSuites),
CipherSuites: https.GetTLSCipherSuites(*tlsCipherSuites),
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
MinVersion: getTLSMinVersion(*tlsMinVersion),
MinVersion: https.GetTLSMinVersion(*tlsMinVersion),
PreferServerCipherSuites: true,
}
svr.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler)) // disable http/2