096ad758c2
no behavior changes Signed-off-by: Ciro S. Costa <utxobr@protonmail.com>
46 lines
899 B
Go
46 lines
899 B
Go
package http
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"crypto/x509"
|
|
"fmt"
|
|
"os"
|
|
)
|
|
|
|
func WithCACert(fpath string) func(*tls.Config) error {
|
|
return func(config *tls.Config) error {
|
|
certBytes, err := os.ReadFile(fpath)
|
|
if err != nil {
|
|
return fmt.Errorf("read file '%s': %w", fpath, err)
|
|
}
|
|
|
|
pool := x509.NewCertPool()
|
|
if ok := pool.AppendCertsFromPEM(certBytes); !ok {
|
|
return fmt.Errorf("ca cert '%s' not valid", fpath)
|
|
}
|
|
|
|
config.RootCAs = pool
|
|
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func WithInsecureSkipVerify() func(*tls.Config) {
|
|
return func(config *tls.Config) {
|
|
config.InsecureSkipVerify = true
|
|
}
|
|
}
|
|
|
|
func WithClientCertificate(cert, key string) func(*tls.Config) error {
|
|
return func(config *tls.Config) error {
|
|
keypair, err := tls.LoadX509KeyPair(cert, key)
|
|
if err != nil {
|
|
return fmt.Errorf("load x509 key pair: %w", err)
|
|
}
|
|
|
|
config.Certificates = []tls.Certificate{keypair}
|
|
|
|
return nil
|
|
}
|
|
}
|