tofuproxy -- flexible HTTP/HTTPS proxy, TLS terminator, X.509 TOFU
manager, WARC/geminispace browser
Copyright (C) 2021-2022 Sergey Matveev <stargrave@stargrave.org>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, version 3 of the License.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
26 "go.cypherpunks.ru/ucspi"
27 "go.stargrave.org/tofuproxy/caches"
30 func addTLSAuth(p string) {
32 for _, line := range readLinesFromFIFO(p) {
33 cols := strings.SplitN(line, " ", 2)
35 log.Println("invalid add-tls-auth line format")
38 if cols[1] == "NONE" {
39 caches.TLSAuthCacheM.Lock()
40 caches.TLSAuthCache[cols[0]] = &tls.Certificate{}
41 caches.TLSAuthCacheM.Unlock()
42 log.Printf("%s: added host %s: NONE\n", p, cols[0])
45 _, cert, err := ucspi.CertificateFromFile(cols[1])
49 prv, err := ucspi.PrivateKeyFromFile(cols[1])
53 caches.TLSAuthCacheM.Lock()
54 caches.TLSAuthCache[cols[0]] = &tls.Certificate{
55 Certificate: [][]byte{cert.Raw},
58 caches.TLSAuthCacheM.Unlock()
59 log.Printf("%s: added host %s: %s\n", p, cols[0], cert.Subject)