Vendoring with Glide and delete function handler

2025-06-25 08:13:25 +00:00 · 2017-04-26 19:13:42 +01:00
parent 1eaf13c6c8
commit 78af82021f
7137 changed files with 1688302 additions and 19 deletions
--- a/gateway/vendor/github.com/docker/libtrust/tlsdemo/server.go
+++ b/gateway/vendor/github.com/docker/libtrust/tlsdemo/server.go
@ -0,0 +1,80 @@
+package main
+
+import (
+	"crypto/tls"
+	"fmt"
+	"html"
+	"log"
+	"net"
+	"net/http"
+
+	"github.com/docker/libtrust"
+)
+
+var (
+	serverAddress             = "localhost:8888"
+	privateKeyFilename        = "server_data/private_key.pem"
+	authorizedClientsFilename = "server_data/trusted_clients.pem"
+)
+
+func requestHandler(w http.ResponseWriter, r *http.Request) {
+	clientCert := r.TLS.PeerCertificates[0]
+	keyID := clientCert.Subject.CommonName
+	log.Printf("Request from keyID: %s\n", keyID)
+	fmt.Fprintf(w, "Hello, client! I'm a server! And you are %T: %s.\n", clientCert.PublicKey, html.EscapeString(keyID))
+}
+
+func main() {
+	// Load server key.
+	serverKey, err := libtrust.LoadKeyFile(privateKeyFilename)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	// Generate server certificate.
+	selfSignedServerCert, err := libtrust.GenerateSelfSignedServerCert(
+		serverKey, []string{"localhost"}, []net.IP{net.ParseIP("127.0.0.1")},
+	)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	// Load authorized client keys.
+	authorizedClients, err := libtrust.LoadKeySetFile(authorizedClientsFilename)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	// Create CA pool using trusted client keys.
+	caPool, err := libtrust.GenerateCACertPool(serverKey, authorizedClients)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	// Create TLS config, requiring client certificates.
+	tlsConfig := &tls.Config{
+		Certificates: []tls.Certificate{
+			tls.Certificate{
+				Certificate: [][]byte{selfSignedServerCert.Raw},
+				PrivateKey:  serverKey.CryptoPrivateKey(),
+				Leaf:        selfSignedServerCert,
+			},
+		},
+		ClientAuth: tls.RequireAndVerifyClientCert,
+		ClientCAs:  caPool,
+	}
+
+	// Create HTTP server with simple request handler.
+	server := &http.Server{
+		Addr:    serverAddress,
+		Handler: http.HandlerFunc(requestHandler),
+	}
+
+	// Listen and server HTTPS using the libtrust TLS config.
+	listener, err := net.Listen("tcp", server.Addr)
+	if err != nil {
+		log.Fatal(err)
+	}
+	tlsListener := tls.NewListener(listener, tlsConfig)
+	server.Serve(tlsListener)
+}