gitee.com/curryzheng/dm@v0.0.1/security/zzj.go (about)

     1  /*
     2   * Copyright (c) 2000-2018, 达梦数据库有限公司.
     3   * All rights reserved.
     4   */
     5  
     6  package security
     7  
     8  import (
     9  	"crypto/tls"
    10  	"errors"
    11  	"flag"
    12  	"net"
    13  	"os"
    14  )
    15  
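// dmHome holds the value of the -DM_HOME command-line flag: the DM database
// installation directory used to locate the default client certificate and
// key when the caller passes no explicit paths.
var dmHome = flag.String("DM_HOME", "", "Where DMDB installed")

// isSafeUserDir reports whether user can be used as a single directory name
// below client_ssl without leaving that directory. An empty user is accepted
// for backward compatibility with the original path construction.
func isSafeUserDir(user string) bool {
	if user == ".." {
		return false
	}
	for i := 0; i < len(user); i++ {
		if c := user[i]; c == '/' || c == '\\' || c == 0 || os.IsPathSeparator(c) {
			return false
		}
	}
	return true
}

// NewTLSFromTCP wraps conn in a TLS client connection that presents the
// client certificate loaded from sslCertPath and sslKeyPath, and completes
// the handshake before returning.
//
// When both paths are empty they default to
// <DM_HOME>/bin/client_ssl/<user>/client-cert.pem and client-key.pem, where
// DM_HOME is the value of the -DM_HOME command-line flag. If the flag is
// unset as well, an error is returned. user is only used to build these
// default paths and must be a single directory name.
//
// It returns an error if the paths cannot be resolved, the key pair cannot
// be loaded, conn is nil, or the handshake fails. conn is not closed on
// failure; it remains owned by the caller. Handshake is called without a
// deadline here, so any timeout has to be set on conn by the caller.
func NewTLSFromTCP(conn *net.TCPConn, sslCertPath string, sslKeyPath string, user string) (*tls.Conn, error) {
	if sslCertPath == "" && sslKeyPath == "" {
		// NOTE(review): parsing the process-wide flag set from library code is
		// a side effect on the host program (the default flag set exits the
		// process on an unknown flag). The guard at least avoids re-parsing
		// when the application has already done so.
		if !flag.Parsed() {
			flag.Parse()
		}
		if *dmHome == "" {
			return nil, errors.New("sslCertPath and sslKeyPath can not be empty!")
		}
		// user is presumably the login name taken from the connection
		// settings (verify against callers). It is spliced into a filesystem
		// path, so reject values that would select a key pair outside
		// <DM_HOME>/bin/client_ssl.
		if !isSafeUserDir(user) {
			return nil, errors.New("user is not a valid client_ssl directory name")
		}
		sep := string(os.PathSeparator)
		dir := *dmHome + sep + "bin" + sep + "client_ssl" + sep + user + sep
		sslCertPath = dir + "client-cert.pem"
		sslKeyPath = dir + "client-key.pem"
	}
	// Exactly one path given: fail with a clear message instead of an
	// "open : no such file" error from the loader.
	if sslCertPath == "" || sslKeyPath == "" {
		return nil, errors.New("sslCertPath and sslKeyPath must both be set")
	}

	cer, err := tls.LoadX509KeyPair(sslCertPath, sslKeyPath)
	if err != nil {
		return nil, err
	}
	if conn == nil {
		return nil, errors.New("conn is nil")
	}

	conf := &tls.Config{
		// SECURITY NOTE(review): InsecureSkipVerify disables verification of
		// the server's certificate chain and host name. The handshake then
		// authenticates this client to the peer but not the peer to the
		// client, so the session is not protected against an on-path
		// impersonator. Enabling verification needs a trusted CA pool
		// (RootCAs) and the expected ServerName, neither of which this
		// function's signature provides; it is flagged here rather than
		// changed so existing callers keep working.
		InsecureSkipVerify: true,
		Certificates:       []tls.Certificate{cer},
	}
	tlsConn := tls.Client(conn, conf)
	if err := tlsConn.Handshake(); err != nil {
		return nil, err
	}
	return tlsConn, nil
}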