TLS support

2024-11-21 19:39:43 +01:00 · 2014-02-09 19:41:00 -08:00 · 2014-02-09 19:41:00 -08:00 · db0f494604
commit db0f494604
parent e625f62baa
4 changed files with 38 additions and 9 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,4 +1,2 @@
-pkg
-bin
-ergonomadic.db
 ergonomadic.json
+*.pem
--- a/irc/config.go
+++ b/irc/config.go
@ -7,7 +7,7 @@ import (

 type Config struct {
 	Name      string
-	Listen    string
+	Listeners []ListenerConfig
 	Password  string
 	Operators []OperatorConfig
 	Debug     map[string]bool
@ -18,6 +18,16 @@ type OperatorConfig struct {
 	Password string
 }

+type ListenerConfig struct {
+	Address     string
+	Key         string
+	Certificate string
+}
+
+func (config *ListenerConfig) IsTLS() bool {
+	return (config.Key != "") && (config.Certificate != "")
+}
+
 func LoadConfig() (config *Config, err error) {
 	config = &Config{}

--- a/irc/constants.go
+++ b/irc/constants.go
@ -15,7 +15,7 @@ var (
 )

 const (
-	VERSION       = "ergonomadic-1"
+	VERSION       = "1.0.0"
 	CRLF          = "\r\n"
 	MAX_REPLY_LEN = 512 - len(CRLF)

--- a/irc/server.go
+++ b/irc/server.go
@ -2,6 +2,7 @@ package irc

 import (
 	"crypto/rand"
+	"crypto/tls"
 	"encoding/binary"
 	"fmt"
 	"log"
@ -37,7 +38,11 @@ func NewServer(config *Config) *Server {
 	}

 	go server.receiveCommands(commands)
-	go server.listen(config.Listen)
+
+	for _, listenerConf := range config.Listeners {
+		go server.listen(listenerConf)
+	}
+
 	return server
 }

@ -63,14 +68,30 @@ func (server *Server) receiveCommands(commands <-chan Command) {
 	}
 }

-func (s *Server) listen(addr string) {
-	listener, err := net.Listen("tcp", addr)
+func newListener(config ListenerConfig) (net.Listener, error) {
+	if config.IsTLS() {
+		certificate, err := tls.LoadX509KeyPair(config.Certificate, config.Key)
+		if err != nil {
+			return nil, err
+		}
+		return tls.Listen("tcp", config.Address, &tls.Config{
+			Certificates:             []tls.Certificate{certificate},
+			PreferServerCipherSuites: true,
+			MinVersion:               tls.VersionTLS12,
+		})
+	}
+
+	return net.Listen("tcp", config.Address)
+}
+
+func (s *Server) listen(config ListenerConfig) {
+	listener, err := newListener(config)
 	if err != nil {
 		log.Fatal("Server.Listen: ", err)
 	}

 	s.hostname = LookupHostname(listener.Addr())
-	log.Print("Server.Listen: listening on ", addr)
+	log.Print("Server.Listen: listening on ", config.Address)

 	for {
 		conn, err := listener.Accept()