github.com/Cloud-Foundations/Dominator@v0.3.4/lib/srpc/setupclient/impl.go (about)

     1  package setupclient
     2  
     3  import (
     4  	"crypto/tls"
     5  	"os"
     6  	"time"
     7  
     8  	"github.com/Cloud-Foundations/Dominator/lib/srpc"
     9  )
    10  
// loadCerts returns the client certificates used for SRPC connections.
//
// If *certDirectory is non-empty it is tried first via srpc.LoadCertificates.
// A missing directory (as reported by os.IsNotExist) is not treated as an
// error. If the directory yields nothing, or no directory was configured, the
// certificate is requested from srpc.LoadCertificatesFromMetadata instead.
//
// A (nil, nil) result means no certificate was found and no error occurred.
// The caller decides whether that is acceptable.
func loadCerts() ([]tls.Certificate, error) {
	if dir := *certDirectory; dir != "" {
		fromDisk, err := srpc.LoadCertificates(dir)
		// NOTE(review): os.IsNotExist does not unwrap wrapped errors. If
		// srpc.LoadCertificates ever wraps its error, a missing directory
		// would be returned as a hard failure here. Confirm against srpc.
		if err != nil && !os.IsNotExist(err) {
			return nil, err
		}
		if fromDisk != nil {
			return fromDisk, nil
		}
		// NOTE(review): from here the credential source silently changes from
		// the configured directory to the metadata source. Nothing in this
		// function records which source supplied the identity.
	}
	// The first argument is presumably a timeout and the meaning of the two
	// boolean flags is not visible in this file. Confirm against the srpc
	// package.
	metaCert, err := srpc.LoadCertificatesFromMetadata(
		100*time.Millisecond, false, true)
	switch {
	case err != nil:
		return nil, err
	case metaCert == nil:
		return nil, nil
	}
	return []tls.Certificate{*metaCert}, nil
}
    43  
// setupTls loads the client certificates with loadCerts and registers a
// client TLS configuration with the srpc package.
//
// When no certificate is available, it returns nil without registering any
// configuration if ignoreMissingCerts is true, and
// srpc.ErrorMissingCertificate otherwise. Errors from loadCerts are returned
// unchanged.
func setupTls(ignoreMissingCerts bool) error {
	clientCerts, err := loadCerts()
	if err != nil {
		return err
	}
	if clientCerts == nil {
		if !ignoreMissingCerts {
			return srpc.ErrorMissingCertificate
		}
		return nil
	}
	// NOTE(review): InsecureSkipVerify disables crypto/tls verification of the
	// server's certificate chain and host name. The client still presents its
	// own certificate, but the server's identity is not authenticated by this
	// configuration, so the channel is not protected against an impersonating
	// or intercepting endpoint. If this is a deliberate design choice (for
	// example, servers without CA-issued certificates), document the rationale
	// here. Otherwise, populate RootCAs/ServerName, or keep the flag and
	// perform the check in VerifyPeerCertificate or VerifyConnection.
	srpc.RegisterClientTlsConfig(&tls.Config{
		InsecureSkipVerify: true,
		MinVersion:         tls.VersionTLS12,
		Certificates:       clientCerts,
	})
	return nil
}