refactor: add https

soulteary 2023-01-09 23:29:42 +08:00
parent 2b2997ce49
commit 1890fe8d08
No known key found for this signature in database
GPG key ID: 8107DBA6BC84D986
2 changed files with 10 additions and 9 deletions


@ -1,4 +1,4 @@
package main package https
import ( import (
"crypto/tls" "crypto/tls"
@ -7,7 +7,7 @@ import (
"strings" "strings"
) )
func writeTLSSupportedCipherStrings(w io.Writer, min uint16) error { func WriteTLSSupportedCipherStrings(w io.Writer, min uint16) error {
for _, c := range tls.CipherSuites() { for _, c := range tls.CipherSuites() {
var found bool var found bool
@ -30,8 +30,8 @@ func writeTLSSupportedCipherStrings(w io.Writer, min uint16) error {
return nil return nil
} }
// getTLSMinVersion converts a version string into a TLS version ID. // GetTLSMinVersion converts a version string into a TLS version ID.
func getTLSMinVersion(v string) uint16 { func GetTLSMinVersion(v string) uint16 {
switch v { switch v {
case "1.0": case "1.0":
return tls.VersionTLS10 return tls.VersionTLS10
@ -47,9 +47,9 @@ func getTLSMinVersion(v string) uint16 {
} }
} }
// getTLSCipherSuites converts a comma separated list of cipher suites into a // GetTLSCipherSuites converts a comma separated list of cipher suites into a
// slice of TLS cipher suite IDs. // slice of TLS cipher suite IDs.
func getTLSCipherSuites(v string) []uint16 { func GetTLSCipherSuites(v string) []uint16 {
supported := tls.CipherSuites() supported := tls.CipherSuites()
if v == "" { if v == "" {
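Review bot: `WriteTLSSupportedCipherStrings` becomes exported here without a doc comment, while the two sibling helpers keep theirs. A line such as `// WriteTLSSupportedCipherStrings writes to w the names of the cipher suites usable at TLS version min or later.` would match them; that wording is inferred from the name and the visible loop over `tls.CipherSuites()`, since most of the body lies outside the hunks. The `Get` prefix also reads against Go naming convention now that callers write `https.GetTLSMinVersion`; `https.MinVersion` and `https.CipherSuites` would say the same thing without the stutter.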


@ -17,6 +17,7 @@ import (
"time" "time"
"github.com/adnanh/webhook/internal/hook" "github.com/adnanh/webhook/internal/hook"
"github.com/adnanh/webhook/internal/https"
"github.com/adnanh/webhook/internal/middleware" "github.com/adnanh/webhook/internal/middleware"
"github.com/adnanh/webhook/internal/pidfile" "github.com/adnanh/webhook/internal/pidfile"
"github.com/adnanh/webhook/internal/platform" "github.com/adnanh/webhook/internal/platform"
@ -109,7 +110,7 @@ func main() {
} }
if *justListCiphers { if *justListCiphers {
err := writeTLSSupportedCipherStrings(os.Stdout, getTLSMinVersion(*tlsMinVersion)) err := https.WriteTLSSupportedCipherStrings(os.Stdout, https.GetTLSMinVersion(*tlsMinVersion))
if err != nil { if err != nil {
fmt.Println(err) fmt.Println(err)
os.Exit(1) os.Exit(1)
@ -300,9 +301,9 @@ func main() {
// Server HTTPS // Server HTTPS
svr.TLSConfig = &tls.Config{ svr.TLSConfig = &tls.Config{
CipherSuites: getTLSCipherSuites(*tlsCipherSuites), CipherSuites: https.GetTLSCipherSuites(*tlsCipherSuites),
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256}, CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
MinVersion: getTLSMinVersion(*tlsMinVersion), MinVersion: https.GetTLSMinVersion(*tlsMinVersion),
PreferServerCipherSuites: true, PreferServerCipherSuites: true,
} }
svr.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler)) // disable http/2 svr.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler)) // disable http/2
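Review bot: At `MinVersion: https.GetTLSMinVersion(*tlsMinVersion)` the flag value still reaches `tls.Config` with no way to reject a typo, because the helper returns a bare `uint16`. What it yields for an unrecognised string is not visible in this diff, and `"1.0"` is accepted as a floor. Since the helper is being moved into its own package anyway, this would be the moment to have it return `(uint16, error)` so that `main` can refuse to start on an unknown version. Separately, `CipherSuites` only constrains TLS 1.0–1.2 handshakes and `PreferServerCipherSuites` is ignored by current Go releases, so a short comment on the struct literal saying so would keep operators from over-trusting the cipher-suite option. `main` starts and ends outside the hunk.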