refactor: add https

2025-10-05 06:01:03 +00:00 · 2023-01-09 23:29:42 +08:00 · 2023-01-09 23:29:42 +08:00 · 1890fe8d08
commit 1890fe8d08
parent 2b2997ce49
2 changed files with 10 additions and 9 deletions
--- a/internal/https/tls.go
+++ b/internal/https/tls.go
@ -0,0 +1,85 @@
+package https
+
+import (
+	"crypto/tls"
+	"io"
+	"log"
+	"strings"
+)
+
+func WriteTLSSupportedCipherStrings(w io.Writer, min uint16) error {
+	for _, c := range tls.CipherSuites() {
+		var found bool
+
+		for _, v := range c.SupportedVersions {
+			if v >= min {
+				found = true
+			}
+		}
+
+		if !found {
+			continue
+		}
+
+		_, err := w.Write([]byte(c.Name + "\n"))
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// GetTLSMinVersion converts a version string into a TLS version ID.
+func GetTLSMinVersion(v string) uint16 {
+	switch v {
+	case "1.0":
+		return tls.VersionTLS10
+	case "1.1":
+		return tls.VersionTLS11
+	case "1.2", "":
+		return tls.VersionTLS12
+	case "1.3":
+		return tls.VersionTLS13
+	default:
+		log.Fatalln("error: unknown minimum TLS version:", v)
+		return 0
+	}
+}
+
+// GetTLSCipherSuites converts a comma separated list of cipher suites into a
+// slice of TLS cipher suite IDs.
+func GetTLSCipherSuites(v string) []uint16 {
+	supported := tls.CipherSuites()
+
+	if v == "" {
+		suites := make([]uint16, len(supported))
+
+		for _, cs := range supported {
+			suites = append(suites, cs.ID)
+		}
+
+		return suites
+	}
+
+	var found bool
+	txts := strings.Split(v, ",")
+	suites := make([]uint16, len(txts))
+
+	for _, want := range txts {
+		found = false
+
+		for _, cs := range supported {
+			if want == cs.Name {
+				suites = append(suites, cs.ID)
+				found = true
+			}
+		}
+
+		if !found {
+			log.Fatalln("error: unknown TLS cipher suite:", want)
+		}
+	}
+
+	return suites
+}