Skip to content

Commit

Permalink
Allow TLS parameters to be set in code (#110)
Browse files Browse the repository at this point in the history
By exporting the type, it becomes possible to construct a value in
code outside this package, and pass in to the toolkit.

Signed-off-by: Bryan Boreham <[email protected]>

Signed-off-by: Bryan Boreham <[email protected]>
  • Loading branch information
bboreham authored Sep 1, 2022
1 parent 7a8b2e9 commit 2434b08
Showing 1 changed file with 24 additions and 24 deletions.
48 changes: 24 additions & 24 deletions web/tls_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,10 @@ type TLSStruct struct {
TLSKeyPath string `yaml:"key_file"`
ClientAuth string `yaml:"client_auth_type"`
ClientCAs string `yaml:"client_ca_file"`
CipherSuites []cipher `yaml:"cipher_suites"`
CurvePreferences []curve `yaml:"curve_preferences"`
MinVersion tlsVersion `yaml:"min_version"`
MaxVersion tlsVersion `yaml:"max_version"`
CipherSuites []Cipher `yaml:"cipher_suites"`
CurvePreferences []Curve `yaml:"curve_preferences"`
MinVersion TLSVersion `yaml:"min_version"`
MaxVersion TLSVersion `yaml:"max_version"`
PreferServerCipherSuites bool `yaml:"prefer_server_cipher_suites"`
}

Expand Down Expand Up @@ -269,37 +269,37 @@ func Validate(tlsConfigPath string) error {
return err
}

type cipher uint16
type Cipher uint16

func (c *cipher) UnmarshalYAML(unmarshal func(interface{}) error) error {
func (c *Cipher) UnmarshalYAML(unmarshal func(interface{}) error) error {
var s string
err := unmarshal((*string)(&s))
if err != nil {
return err
}
for _, cs := range tls.CipherSuites() {
if cs.Name == s {
*c = (cipher)(cs.ID)
*c = (Cipher)(cs.ID)
return nil
}
}
return errors.New("unknown cipher: " + s)
}

func (c cipher) MarshalYAML() (interface{}, error) {
func (c Cipher) MarshalYAML() (interface{}, error) {
return tls.CipherSuiteName((uint16)(c)), nil
}

type curve tls.CurveID
type Curve tls.CurveID

var curves = map[string]curve{
"CurveP256": (curve)(tls.CurveP256),
"CurveP384": (curve)(tls.CurveP384),
"CurveP521": (curve)(tls.CurveP521),
"X25519": (curve)(tls.X25519),
var curves = map[string]Curve{
"CurveP256": (Curve)(tls.CurveP256),
"CurveP384": (Curve)(tls.CurveP384),
"CurveP521": (Curve)(tls.CurveP521),
"X25519": (Curve)(tls.X25519),
}

func (c *curve) UnmarshalYAML(unmarshal func(interface{}) error) error {
func (c *Curve) UnmarshalYAML(unmarshal func(interface{}) error) error {
var s string
err := unmarshal((*string)(&s))
if err != nil {
Expand All @@ -312,7 +312,7 @@ func (c *curve) UnmarshalYAML(unmarshal func(interface{}) error) error {
return errors.New("unknown curve: " + s)
}

func (c *curve) MarshalYAML() (interface{}, error) {
func (c *Curve) MarshalYAML() (interface{}, error) {
for s, curveid := range curves {
if *c == curveid {
return s, nil
Expand All @@ -321,16 +321,16 @@ func (c *curve) MarshalYAML() (interface{}, error) {
return fmt.Sprintf("%v", c), nil
}

type tlsVersion uint16
type TLSVersion uint16

var tlsVersions = map[string]tlsVersion{
"TLS13": (tlsVersion)(tls.VersionTLS13),
"TLS12": (tlsVersion)(tls.VersionTLS12),
"TLS11": (tlsVersion)(tls.VersionTLS11),
"TLS10": (tlsVersion)(tls.VersionTLS10),
var tlsVersions = map[string]TLSVersion{
"TLS13": (TLSVersion)(tls.VersionTLS13),
"TLS12": (TLSVersion)(tls.VersionTLS12),
"TLS11": (TLSVersion)(tls.VersionTLS11),
"TLS10": (TLSVersion)(tls.VersionTLS10),
}

func (tv *tlsVersion) UnmarshalYAML(unmarshal func(interface{}) error) error {
func (tv *TLSVersion) UnmarshalYAML(unmarshal func(interface{}) error) error {
var s string
err := unmarshal((*string)(&s))
if err != nil {
Expand All @@ -343,7 +343,7 @@ func (tv *tlsVersion) UnmarshalYAML(unmarshal func(interface{}) error) error {
return errors.New("unknown TLS version: " + s)
}

func (tv *tlsVersion) MarshalYAML() (interface{}, error) {
func (tv *TLSVersion) MarshalYAML() (interface{}, error) {
for s, v := range tlsVersions {
if *tv == v {
return s, nil
Expand Down

0 comments on commit 2434b08

Please sign in to comment.