Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add TLS support to server with custom certificate and key paths #87

Merged
merged 2 commits into from
Jun 17, 2024
Merged

Add TLS support to server with custom certificate and key paths #87

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
514495e
feat: Add TLS support to server with custom certificate and key paths
ksysoev Jun 17, 2024
8db9963
Makes code tidy
ksysoev Jun 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 23 additions & 1 deletion server/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package server

import (
"context"
"crypto/tls"
"fmt"
"net"
"net/http"
Expand All @@ -20,6 +21,8 @@ const (
var ErrServerAlreadyRunning = fmt.Errorf("server is already running")

type Server struct {
certPath string
keyPath string
baseCtx context.Context
listener net.Listener
listenerLock *sync.Mutex
Expand Down Expand Up @@ -114,7 +117,11 @@ func (s *Server) Run() (err error) {
close(s.ready)
}

err = s.handler.Serve(s.listener)
if s.certPath != "" && s.keyPath != "" {
err = s.handler.ServeTLS(s.listener, s.certPath, s.keyPath)
} else {
err = s.handler.Serve(s.listener)
}

if err != nil && err != http.ErrServerClosed {
return err
Expand Down Expand Up @@ -186,3 +193,18 @@ func WithBaseContext(ctx context.Context) Option {
s.baseCtx = ctx
}
}

// WithTLS is an option function that configures the server to use TLS (Transport Layer Security).
// It sets the certificate and key file paths, and optionally allows custom TLS configuration.
// The certificate and key file paths must be provided as arguments.
// If a custom TLS configuration is provided, it will be applied to the server's handler.
func WithTLS(certFile, keyFile string, config ...*tls.Config) Option {
return func(s *Server) {
s.certPath = certFile
s.keyPath = keyFile

if len(config) > 0 {
s.handler.TLSConfig = config[0]
}
}
}
40 changes: 40 additions & 0 deletions server/server_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,11 @@ package server

import (
"context"
"crypto/tls"
"errors"
"fmt"
"net/http"
"os"
"testing"
"time"

Expand Down Expand Up @@ -277,3 +280,40 @@ func TestServer_Addr(t *testing.T) {
t.Error("Expected non-empty address")
}
}
func TestServer_WithTLS(t *testing.T) {
// Create a new Server instance
server := NewServer(":0")
// Set TLS configuration using WithTLS
certPath := "/path/to/cert.pem"
keyPath := "/path/to/key.pem"

// #nosec G402 - InsecureSkipVerify is used for testing purposes
tlsConfig := &tls.Config{
InsecureSkipVerify: true,
}

WithTLS(certPath, keyPath, tlsConfig)(server)

// Check if the certificate and key paths are set correctly
if server.certPath != certPath {
t.Errorf("Expected certificate path %s, but got %s", certPath, server.certPath)
}

if server.keyPath != keyPath {
t.Errorf("Expected key path %s, but got %s", keyPath, server.keyPath)
}

// Check if the TLS configuration is set correctly
if server.handler.TLSConfig == nil {
t.Error("Expected non-nil TLS configuration")
}

if server.handler.TLSConfig.InsecureSkipVerify != true {
t.Error("Expected InsecureSkipVerify to be true")
}

err := server.Run()
if !errors.Is(err, os.ErrNotExist) {
t.Errorf("Got unexpected error: %v", err)
}
}
Loading