hoelee/cloudflared
1
0
Fork 0
mirror of https://github.com/cloudflare/cloudflared.git synced 2025-07-27 22:49:58 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

TUN-6780: Add support for certReload to also include support for client certificates

Browse Source
This commit is contained in:
João Oliveirinha
2022-09-19 12:47:18 +01:00
parent a0b6ba9b8d
commit b457cca1e5
2 changed files with 24 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
tlsconfig/certreloader.go
View File

@@ -40,12 +40,21 @@ func NewCertReloader(certPath, keyPath string) (*CertReloader, error) {
}
// Cert returns the TLS certificate most recently read by the CertReloader.
// This method works as a direct utility method for tls.Config#Cert.
func (cr *CertReloader) Cert(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
cr.Lock()
defer cr.Unlock()
return cr.certificate, nil
}
// ClientCert returns the TLS certificate most recently read by the CertReloader.
// This method works as a direct utility method for tls.Config#ClientCert.
func (cr *CertReloader) ClientCert(certRequestInfo *tls.CertificateRequestInfo) (*tls.Certificate, error) {
cr.Lock()
defer cr.Unlock()
return cr.certificate, nil
}
// LoadCert loads a TLS certificate from the CertReloader's specified filepath.
// Call this after writing a new certificate to the disk (e.g. after renewing a certificate)
func (cr *CertReloader) LoadCert() error {