chore: refactor TLSOptions
Pavel Zavora
parent
7bc29c22e8
commit
32bfad6663
|
|
@ -488,7 +488,7 @@ func (s *Server) NewListener() (net.Listener, error) {
|
|||
return listener, nil
|
||||
}
|
||||
|
||||
tlsConfig, err := CreateTLSConfig(tlsOptions{
|
||||
tlsConfig, err := CreateTLSConfig(TLSOptions{
|
||||
Cert: string(s.Cert),
|
||||
Key: string(s.Key),
|
||||
Ciphers: strings.Split(s.TLSCiphers, ","),
|
||||
|
|
@ -621,7 +621,7 @@ func (s *Server) Serve(ctx context.Context) {
|
|||
} else {
|
||||
var tlsConfig *tls.Config
|
||||
if s.EtcdCert != "" {
|
||||
tlsConfig, err = CreateTLSConfig(tlsOptions{
|
||||
tlsConfig, err = CreateTLSConfig(TLSOptions{
|
||||
Cert: string(s.EtcdCert),
|
||||
Key: string(s.EtcdKey),
|
||||
})
|
||||
|
|
|
|||
|
|
@ -11,7 +11,8 @@ import (
|
|||
"strings"
|
||||
)
|
||||
|
||||
type tlsOptions struct {
|
||||
// TLSOptions specifies several key options that create TLS Configuration
|
||||
type TLSOptions struct {
|
||||
// Cert contains path to PEM encoded public key certificate
|
||||
Cert string
|
||||
// Key contains Path to private key associated with given certificate.
|
||||
|
|
@ -64,7 +65,7 @@ var versionsMap = map[string]uint16{
|
|||
}
|
||||
|
||||
// CreateTLSConfig creates TLS configuration out of specific TLS
|
||||
func CreateTLSConfig(o tlsOptions) (out *tls.Config, err error) {
|
||||
func CreateTLSConfig(o TLSOptions) (out *tls.Config, err error) {
|
||||
// load key pair
|
||||
if o.Cert == "" {
|
||||
return nil, errors.New("no TLS certificate specified")
|
||||
|
|
|
|||
|
|
@ -12,25 +12,25 @@ import (
|
|||
func Test_CreateTLSConfig(t *testing.T) {
|
||||
var tests = []struct {
|
||||
name string
|
||||
in tlsOptions
|
||||
in TLSOptions
|
||||
out *tls.Config
|
||||
err string
|
||||
}{
|
||||
{
|
||||
name: "empty options",
|
||||
in: tlsOptions{},
|
||||
in: TLSOptions{},
|
||||
err: "no TLS certificate specified",
|
||||
},
|
||||
{
|
||||
name: "missing key",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
},
|
||||
err: "private key",
|
||||
},
|
||||
{
|
||||
name: "cert and key",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
},
|
||||
|
|
@ -38,7 +38,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "minVersion",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
MinVersion: "1.1",
|
||||
|
|
@ -47,7 +47,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "maxVersion",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
MaxVersion: "1.2",
|
||||
|
|
@ -56,7 +56,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "ciphers",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
Ciphers: []string{
|
||||
|
|
@ -75,7 +75,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "help on ciphers",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
Ciphers: []string{
|
||||
|
|
@ -86,7 +86,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "unknown cipher",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
Ciphers: []string{
|
||||
|
|
@ -97,7 +97,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "unknown minVersion",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
MinVersion: "0.9",
|
||||
|
|
@ -106,7 +106,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "unknown maxVersion",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
MaxVersion: "f1",
|
||||
|
|
@ -115,7 +115,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "custom ca certs",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
CACerts: "tls_options_test.cert",
|
||||
|
|
@ -124,7 +124,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "unknown ca certs",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
CACerts: "tls_options_test2.cert",
|
||||
|
|
@ -133,7 +133,7 @@ func Test_CreateTLSConfig(t *testing.T) {
|
|||
},
|
||||
{
|
||||
name: "unsupported ca certs",
|
||||
in: tlsOptions{
|
||||
in: TLSOptions{
|
||||
Cert: "tls_options_test.cert",
|
||||
Key: "tls_options_test.key",
|
||||
CACerts: "tls_options_test.key",
|
||||
|
|
|
|||
Loading…
Reference in New Issue