|
|
@ -11,6 +11,7 @@ import (
|
|
|
|
"net/http"
|
|
|
|
"net/http"
|
|
|
|
"os"
|
|
|
|
"os"
|
|
|
|
"os/signal"
|
|
|
|
"os/signal"
|
|
|
|
|
|
|
|
"path/filepath"
|
|
|
|
"strings"
|
|
|
|
"strings"
|
|
|
|
"syscall"
|
|
|
|
"syscall"
|
|
|
|
"time"
|
|
|
|
"time"
|
|
|
@ -47,7 +48,6 @@ func main() {
|
|
|
|
CipherSuites: []uint16{
|
|
|
|
CipherSuites: []uint16{
|
|
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
|
|
|
},
|
|
|
|
},
|
|
|
|
NextProtos: []string{"h2"},
|
|
|
|
NextProtos: []string{"h2"},
|
|
|
|
PreferServerCipherSuites: true,
|
|
|
|
PreferServerCipherSuites: true,
|
|
|
@ -124,8 +124,12 @@ func generateRandomBytes(count int) []byte {
|
|
|
|
|
|
|
|
|
|
|
|
func loadCACertificates() (caCertificates []*x509.Certificate) {
|
|
|
|
func loadCACertificates() (caCertificates []*x509.Certificate) {
|
|
|
|
var err error
|
|
|
|
var err error
|
|
|
|
caCertificates = make([]*x509.Certificate, 2)
|
|
|
|
caFiles, err := filepath.Glob("example_ca/*/ca.crt.pem")
|
|
|
|
for index, certFile := range []string{"example_ca/sub/ca.crt.pem", "example_ca/root/ca.crt.pem"} {
|
|
|
|
if err != nil {
|
|
|
|
|
|
|
|
log.Panic(err)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
caCertificates = make([]*x509.Certificate, len(caFiles))
|
|
|
|
|
|
|
|
for index, certFile := range caFiles {
|
|
|
|
var certBytes []byte
|
|
|
|
var certBytes []byte
|
|
|
|
if certBytes, err = ioutil.ReadFile(certFile); err != nil {
|
|
|
|
if certBytes, err = ioutil.ReadFile(certFile); err != nil {
|
|
|
|
log.Panic(err)
|
|
|
|
log.Panic(err)
|
|
|
|
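Review bot: In loadCACertificates, `filepath.Glob` returns a nil slice and a nil error when nothing matches, so a missing or misplaced `example_ca` directory (the pattern is relative to the working directory) now yields an empty CA list, where the old hard-coded `ioutil.ReadFile` calls would have panicked. I would fail closed right after the existing error check with `if len(caFiles) == 0 { log.Panic("no CA certificates matched example_ca/*/ca.crt.pem") }`. The glob also loads every `ca.crt.pem` found one level under `example_ca`, and in practice returns them in lexical order (root before sub, the reverse of the old list). If callers treat the slice as trust anchors or index it by position, that deserves an explicit allow-list or at least a comment stating the expected order. The callers and the rest of the function body are outside this hunk, so the impact on them is inferred, not confirmed.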