Dragonfly2
41 строка · 1.3 Кб
1/*
2* Copyright 2022 The Dragonfly Authors
3*
4* Licensed under the Apache License, Version 2.0 (the "License");
5* you may not use this file except in compliance with the License.
6* You may obtain a copy of the License at
7*
8* http://www.apache.org/licenses/LICENSE-2.0
9*
10* Unless required by applicable law or agreed to in writing, software
11* distributed under the License is distributed on an "AS IS" BASIS,
12* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13* See the License for the specific language governing permissions and
14* limitations under the License.
15*/
16
17package config
18
19import (
20"crypto/tls"
21"net"
22
23"github.com/johanbrandhorst/certify"
24
25logger "d7y.io/dragonfly/v2/internal/dflog"
26)
27
28func GetCertificate(certifyClient *certify.Certify) func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
29return func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
30// FIXME peers need pure ip cert, certify checks the ServerName, so workaround here
31if hello.ServerName == "" {
32host, _, err := net.SplitHostPort(hello.Conn.LocalAddr().String())
33if err == nil {
34hello.ServerName = host
35} else {
36logger.Warnf("failed to get host from %s: %s", hello.Conn.LocalAddr().String(), err)
37}
38}
39return certifyClient.GetCertificate(hello)
40}
41}
42