mirror/stackexchange-dnscontrol
1
0
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2024-05-11 05:55:12 +00:00
Code Issues Releases Activity
Files
ba7efe340222f068bbbe31416a60241f16d45d35
stackexchange-dnscontrol/vendor/github.com/mittwald/go-powerdns/pdnshttp/auth_tls.go
Jan-Philipp Benecke ffd4e46dda New DNS provider PowerDNS (#748) 
* Added PowerDNS as dns provider

* Remove unnecessary comments

* Some tests

* Implemented feedback
2020-05-30 09:54:07 -04:00

56 lines
1.1 KiB
Go
Raw Blame History

package pdnshttp
import (
"crypto"
"crypto/tls"
"crypto/x509"
"fmt"
"net/http"
)
type TLSClientCertificateAuthenticator struct {
CACerts []*x509.Certificate
ClientCert tls.Certificate
ClientKey crypto.PrivateKey
}
func (a *TLSClientCertificateAuthenticator) OnRequest(r *http.Request) error {
return nil
}
func (a *TLSClientCertificateAuthenticator) OnConnect(c *http.Client) error {
if c.Transport == nil {
c.Transport = http.DefaultTransport
}
t, ok := c.Transport.(*http.Transport)
if !ok {
return fmt.Errorf("client.Transport is no *http.Transport, instead %t", c.Transport)
}
if t.TLSClientConfig == nil {
t.TLSClientConfig = &tls.Config{}
}
if t.TLSClientConfig.Certificates == nil {
t.TLSClientConfig.Certificates = make([]tls.Certificate, 0, 1)
}
t.TLSClientConfig.Certificates = append(t.TLSClientConfig.Certificates, a.ClientCert)
if t.TLSClientConfig.RootCAs == nil {
systemPool, err := x509.SystemCertPool()
if err != nil {
return err
}
t.TLSClientConfig.RootCAs = systemPool
}
for i := range a.CACerts {
t.TLSClientConfig.RootCAs.AddCert(a.CACerts[i])
}
return nil
}
View Git Blame Copy Permalink